From 08d4307ee1f6d409a88caba5b2b83e159ff9d63f Mon Sep 17 00:00:00 2001
From: tdevetzis <119485709+tdevetzis@users.noreply.github.com>
Date: Wed, 7 Dec 2022 02:15:37 -0800
Subject: [PATCH] [bitnami/openldap] New option LDAP_CUSTOM_SCHEMA_DIR (#15545)
* Add LDAP_CUSTOM_SCHEMA_DIR option to enable initialization of multiple schemas
Signed-off-by: Taso N. Devetzis
* Fix typo
Signed-off-by: Taso N. Devetzis
* Add ldap_add_custom_schemas() call
Signed-off-by: Taso N. Devetzis
* Fix capitalization
Signed-off-by: Taso N. Devetzis
* Fix indentation
Signed-off-by: Taso N. Devetzis
Signed-off-by: Taso N. Devetzis
---
 .../rootfs/opt/bitnami/scripts/libopenldap.sh | 21 +++++++++++++++++++
 bitnami/openldap/README.md | 1 +
 2 files changed, 22 insertions(+)
diff --git a/bitnami/openldap/2.6/debian-11/rootfs/opt/bitnami/scripts/libopenldap.sh b/bitnami/openldap/2.6/debian-11/rootfs/opt/bitnami/scripts/libopenldap.sh
index ad43e96ed968..38d05201df82 100644
--- a/bitnami/openldap/2.6/debian-11/rootfs/opt/bitnami/scripts/libopenldap.sh
+++ b/bitnami/openldap/2.6/debian-11/rootfs/opt/bitnami/scripts/libopenldap.sh
@@ -36,6 +36,7 @@ export LDAP_ONLINE_CONF_DIR="${LDAP_VOLUME_DIR}/slapd.d"
 export LDAP_PID_FILE="${LDAP_VAR_DIR}/run/slapd.pid"
 export LDAP_CUSTOM_LDIF_DIR="${LDAP_CUSTOM_LDIF_DIR:-/ldifs}"
 export LDAP_CUSTOM_SCHEMA_FILE="${LDAP_CUSTOM_SCHEMA_FILE:-/schema/custom.ldif}"
+export LDAP_CUSTOM_SCHEMA_DIR="${LDAP_CUSTOM_SCHEMA_DIR:-/schemas}"
 export PATH="${LDAP_BIN_DIR}:${LDAP_SBIN_DIR}:$PATH"
 export LDAP_TLS_CERT_FILE="${LDAP_TLS_CERT_FILE:-}"
 export LDAP_TLS_KEY_FILE="${LDAP_TLS_KEY_FILE:-}"
@@ -357,6 +358,23 @@ ldap_add_custom_schema() {
 ldap_start_bg
 }
 
+########################
+# Add custom schemas
+# Globals:
+# LDAP_*
+# Arguments:
+# None
+# Returns
+# None
+#########################
+ldap_add_custom_schemas() {
+ info "Adding custom schemas : $LDAP_CUSTOM_SCHEMA_DIR ..."
+ find "$LDAP_CUSTOM_SCHEMA_DIR" -maxdepth 1 \( -type f -o -type l \) -iname '*.ldif' -print0 | sort -z | xargs --null -I{} bash -c ". /opt/bitnami/scripts/libos.sh && debug_execute slapadd -F \"$LDAP_ONLINE_CONF_DIR\" -n 0 -l {}"
+ ldap_stop
+ while is_ldap_running; do sleep 1; done
+ ldap_start_bg
+}
+
 ########################
 # Create LDAP tree
 # Globals:
@@ -496,6 +514,9 @@ ldap_initialize() {
 if [[ -f "$LDAP_CUSTOM_SCHEMA_FILE" ]]; then
 ldap_add_custom_schema
 fi
+ if ! is_dir_empty "$LDAP_CUSTOM_SCHEMA_DIR"; then
+ ldap_add_custom_schemas
+ fi
 if ! is_dir_empty "$LDAP_CUSTOM_LDIF_DIR"; then
 ldap_add_custom_ldifs
 elif ! is_boolean_yes "$LDAP_SKIP_DEFAULT_TREE"; then
diff --git a/bitnami/openldap/README.md b/bitnami/openldap/README.md
index 970d0887340a..72843b59220d 100644
--- a/bitnami/openldap/README.md
+++ b/bitnami/openldap/README.md
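Review bot: In `ldap_add_custom_schemas`, `xargs -I{}` pastes each file name into the string that `bash -c` parses, so a name under `$LDAP_CUSTOM_SCHEMA_DIR` containing whitespace or shell metacharacters is read as shell syntax instead of reaching `slapadd` as a path; `$LDAP_ONLINE_CONF_DIR` is interpolated into the same string. Passing both as positional parameters keeps them as data: `xargs --null -I{} bash -c '. /opt/bitnami/scripts/libos.sh && debug_execute slapadd -F "$1" -n 0 -l "$2"' _ "$LDAP_ONLINE_CONF_DIR" {}`. The pipeline's exit status is also not checked before `ldap_stop`, so whether a failed `slapadd` aborts initialization depends on shell options set outside this hunk; an explicit check would make that deterministic.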
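Review bot: The new guard in `ldap_initialize` only tests that `$LDAP_CUSTOM_SCHEMA_DIR` is non-empty, while `ldap_add_custom_schemas` loads just top-level `*.ldif` files, so a directory holding only other files or subdirectories still triggers the slapd stop/start cycle with nothing imported. Consider returning early in the loader when `find` matches nothing. If the placement ahead of the `LDAP_CUSTOM_LDIF_DIR` check is deliberate, a comment such as `# Load schemas first so custom LDIFs can reference them` would record it. How `is_dir_empty` treats a missing directory is not visible here, and `ldap_initialize` starts and ends outside the hunk.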
@@ -190,6 +190,7 @@ The Bitnami Docker OpenLDAP can be easily setup with the following environment v
 - `LDAP_SKIP_DEFAULT_TREE`: Whether to skip creating the default LDAP tree based on `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. Please note that this will **not** skip the addition of schemas or importing of LDIF files. Default: **no**
 - `LDAP_CUSTOM_LDIF_DIR`: Location of a directory that contains LDIF files that should be used to bootstrap the database. Only files ending in `.ldif` will be used. Default LDAP tree based on the `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP` will be skipped when `LDAP_CUSTOM_LDIF_DIR` is used. When using this it will override the usage of `LDAP_USERS`, `LDAP_PASSWORDS`, `LDAP_USER_DC` and `LDAP_GROUP`. You should set `LDAP_ROOT` to your base to make sure the `olcSuffix` configured on the database matches the contents imported from the LDIF files. Default: **/ldifs**
 - `LDAP_CUSTOM_SCHEMA_FILE`: Location of a custom internal schema file that could not be added as custom ldif file (i.e. containing some `structuralObjectClass`). Default is **/schema/custom.ldif**"
+- `LDAP_CUSTOM_SCHEMA_DIR`: Location of a directory containing custom internal schema files that could not be added as custom ldif files (i.e. containing some `structuralObjectClass`). This can be used in addition to or instead of `LDAP_CUSTOM_SCHEMA_FILE` (above) to add multiple schema files. Default: **/schemas**
 - `LDAP_ULIMIT_NOFILES`: Maximum number of open file descriptors. Default: **1024**.
 - `LDAP_ALLOW_ANON_BINDING`: Allow anonymous bindings to the LDAP server. Default: **yes**.
 - `LDAP_LOGLEVEL`: Set the loglevel for the OpenLDAP server (see https://www.openldap.org/doc/admin25/slapdconfig.html for possible values). Default: **256**.