- [demo](demo) Now Also add an LDAP kopano-group.
parent
56857c5528
commit
b76d723d04
|
@ -10,12 +10,13 @@ SA_DEBUG=0
|
|||
RAZOR_REGISTRATION=
|
||||
LDAP_BASE=dc=example,dc=com
|
||||
LDAP_USEROU=users
|
||||
LDAP_USEROBJ=posixAccount
|
||||
LDAP_USEROBJ=kopano-user
|
||||
LDAP_USERFLT=
|
||||
LDAP_GROUPOU=groups
|
||||
LDAP_GROUPOBJ=posixGroup
|
||||
LDAP_GROUPOBJ=kopano-group
|
||||
LDAP_TEST_USER=demo
|
||||
LDAP_TEST_PASSWD=demo
|
||||
LDAP_TEST_GROUP=team
|
||||
MYSQL_ROOT_PASSWORD=secret
|
||||
MYSQL_DATABASE=kopano
|
||||
MYSQL_USER=kopano
|
||||
|
|
|
@ -73,14 +73,83 @@ wait_%:
|
|||
web:
|
||||
firefox localhost:8008 &
|
||||
|
||||
auth-init: wait_11 auth-mod_hash auth-mod_index auth-add_schema auth-add_user
|
||||
auth-init: wait_11 auth-mod_conf auth-add_schema auth-add_data
|
||||
|
||||
define LDIF_MOD_CONF
|
||||
dn: olcDatabase={-1}frontend,cn=config
|
||||
changetype: modify
|
||||
add: olcPasswordHash
|
||||
olcPasswordHash: {CRYPT}
|
||||
|
||||
dn: cn=config
|
||||
changetype: modify
|
||||
add: olcPasswordCryptSaltFormat
|
||||
olcPasswordCryptSaltFormat: $$6$$%.16s
|
||||
|
||||
dn: olcDatabase={1}mdb,cn=config
|
||||
changetype: modify
|
||||
add: olcDbIndex
|
||||
olcDbIndex: cn,ou,uid,mail eq
|
||||
endef
|
||||
export LDIF_MOD_CONF
|
||||
|
||||
define LDIF_ADD_DATA
|
||||
dn: ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||
changetype: add
|
||||
ou: $(LDAP_USEROU)
|
||||
objectClass: top
|
||||
objectClass: organizationalUnit
|
||||
|
||||
dn: ou=$(LDAP_GROUPOU),$(LDAP_BASE)
|
||||
changetype: add
|
||||
ou: $(LDAP_GROUPOU)
|
||||
objectClass: top
|
||||
objectClass: organizationalUnit
|
||||
|
||||
dn: cn=$(LDAP_TEST_GROUP),ou=$(LDAP_GROUPOU),$(LDAP_BASE)
|
||||
changetype: add
|
||||
cn: $(LDAP_TEST_GROUP)
|
||||
objectClass: top
|
||||
objectClass: groupOfNames
|
||||
objectClass: kopano-group
|
||||
member: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||
mail: $(LDAP_TEST_GROUP)@$(MAIL_DOMAIN)
|
||||
|
||||
dn: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||
changetype: add
|
||||
cn: $(LDAP_TEST_USER)
|
||||
objectClass: top
|
||||
objectClass: inetOrgPerson
|
||||
objectClass: kopano-user
|
||||
sn: $(LDAP_TEST_USER)
|
||||
uid: $(LDAP_TEST_USER)
|
||||
mail: $(LDAP_TEST_USER)@$(MAIL_DOMAIN)
|
||||
userPassword: $(LDAP_TEST_PASSWD)
|
||||
telephoneNumber: 0123 123456789
|
||||
title: MCP
|
||||
kopanoAccount: 1
|
||||
kopanoAdmin: 1
|
||||
kopanoEnabledFeatures: imap
|
||||
kopanoEnabledFeatures: pop3
|
||||
endef
|
||||
export LDIF_ADD_DATA
|
||||
|
||||
auth-mod_conf:
|
||||
echo "$$LDIF_MOD_CONF" | docker-compose exec -T auth ldap modify
|
||||
|
||||
auth-add_data:
|
||||
echo "$$LDIF_ADD_DATA" | docker-compose exec -T auth ldap modify
|
||||
|
||||
auth-add_schema:
|
||||
docker-compose exec app zcat /usr/share/doc/kopano/kopano.ldif.gz \
|
||||
| docker-compose exec -T auth ldapadd -H ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/ -Y EXTERNAL
|
||||
|
||||
auth-show_conf:
|
||||
docker-compose exec auth ldap search -b cn=config "(cn=config)"
|
||||
docker-compose exec auth ldap search -b cn=config olcDatabase={-1}frontend
|
||||
docker-compose exec auth ldap search -b cn=config olcDatabase={1}mdb
|
||||
|
||||
auth-show_user:
|
||||
auth-show_data:
|
||||
docker-compose exec auth ldap search -b "$(LDAP_BASE)"
|
||||
|
||||
auth-show_cat0:
|
||||
|
@ -89,22 +158,6 @@ auth-show_cat0:
|
|||
auth-show_cat1:
|
||||
docker-compose exec auth slapcat -n1
|
||||
|
||||
auth-add_user:
|
||||
printf "dn: ou=$(LDAP_USEROU),$(LDAP_BASE)\nchangetype: add\nobjectClass: organizationalUnit\nobjectClass: top\nou: $(LDAP_USEROU)\n\ndn: ou=$(LDAP_GROUPOU),$(LDAP_BASE)\nchangetype: add\nobjectClass: organizationalUnit\nobjectClass: top\nou: $(LDAP_GROUPOU)\n\ndn: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)\nchangetype: add\nobjectClass: top\nobjectClass: inetOrgPerson\nobjectClass: kopano-user\nobjectClass: $(LDAP_USEROBJ)\ncn: $(LDAP_TEST_USER)\nsn: $(LDAP_TEST_USER)\nuid: $(LDAP_TEST_USER)\nmail: $(LDAP_TEST_USER)@$(MAIL_DOMAIN)\nuidNumber: 1234\ngidNumber: 1234\nhomeDirectory: /home/$(LDAP_TEST_USER)\nuserPassword: $(LDAP_TEST_PASSWD)\ntelephoneNumber: 0123 123456789\ntitle: MCP\nkopanoEnabledFeatures: imap\nkopanoEnabledFeatures: pop3\n" \
|
||||
| docker-compose exec -T auth ldap modify
|
||||
|
||||
auth-mod_index:
|
||||
printf "dn: olcDatabase={1}mdb,cn=config\nchangetype: modify\nadd: olcDbIndex\nolcDbIndex: cn,ou,uid,mail eq\n" \
|
||||
| docker-compose exec -T auth ldap modify
|
||||
|
||||
auth-mod_hash:
|
||||
printf "dn: olcDatabase={-1}frontend,cn=config\nchangetype: modify\nadd: olcPasswordHash\nolcPasswordHash: {CRYPT}\n\ndn: cn=config\nchangetype: modify\nadd: olcPasswordCryptSaltFormat\nolcPasswordCryptSaltFormat: \$$6\$$%%.16s\n" \
|
||||
| docker-compose exec -T auth ldap modify
|
||||
|
||||
auth-add_schema:
|
||||
docker-compose exec app zcat /usr/share/doc/kopano/kopano.ldif.gz \
|
||||
| docker-compose exec -T auth ldapadd -H ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/ -Y EXTERNAL
|
||||
|
||||
auth-gui-up:
|
||||
docker run -d --rm --name auth-gui --network demo_backend \
|
||||
-p 127.0.0.1:8001:80 -e PHPLDAPADMIN_LDAP_HOSTS=auth \
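Review bot: The test entry in `LDIF_ADD_DATA` gains `kopanoAdmin: 1` while `userPassword: $(LDAP_TEST_PASSWD)` still takes its value from a variable that the first hunk on this page sets to `demo`, so an unchanged demo deployment ends up with a Kopano administrator whose password is published. I would drop the admin flag from the default data or make it opt-in, and add a comment above the define such as `# demo-only account: override LDAP_TEST_PASSWD before exposing any service port`. The password is also written into the LDIF as a plain value; whether the `{CRYPT}` setting from `LDIF_MOD_CONF` hashes it depends on what the container's `ldap modify` wrapper does, since in stock OpenLDAP `olcPasswordHash` applies to the Password Modify extended operation and not to values supplied in an add, so it is worth checking the stored value with `auth-show_data`. Separately, the entries hard-code `objectClass: kopano-user` and `objectClass: kopano-group` instead of using `$(LDAP_USEROBJ)` and `$(LDAP_GROUPOBJ)`, so the seeded data and the server's object-class filters can drift apart when those variables are overridden.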
|
||||
|
|
|
@ -25,6 +25,7 @@ services:
|
|||
- LDAP_SEARCH_BASE=${LDAP_BASE-dc=example,dc=com}
|
||||
- LDAP_USER_TYPE_ATTRIBUTE_VALUE=${LDAP_USEROBJ-posixAccount}
|
||||
- LDAP_GROUP_TYPE_ATTRIBUTE_VALUE=${LDAP_GROUPOBJ-posixGroup}
|
||||
- LDAP_GROUPMEMBERS_ATTRIBUTE_TYPE=dn
|
||||
- LDAP_PROPMAP=
|
||||
- MYSQL_DATABASE=${MYSQL_DATABASE-kopano}
|
||||
- MYSQL_USER=${MYSQL_USER-kopano}
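Review bot: The fallbacks `${LDAP_USEROBJ-posixAccount}` and `${LDAP_GROUPOBJ-posixGroup}` no longer match the demo data, which per the Makefile section on this page creates `kopano-user` / `kopano-group` entries whose membership is a `member:` DN. When the variables are not supplied, the server would filter on the posix classes while `LDAP_GROUPMEMBERS_ATTRIBUTE_TYPE=dn` stays fixed, and would likely find no matching users or groups; consider `${LDAP_USEROBJ-kopano-user}` and `${LDAP_GROUPOBJ-kopano-group}` as the defaults. It is also worth confirming that the image's default members attribute (Kopano's `ldap_groupmembers_attribute`) is `member`, since only the attribute type is set here. Which line the commit added is inferred from the hunk counts, because the +/- markers are lost in this rendering.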
|
||||
|
|
|
@ -86,7 +86,7 @@ AUT_FQDN ?= $(AUT_NAME).$(MAIL_DOM)
|
|||
AUT_VOL ?=
|
||||
AUT_ENV ?= $(NET_ENV) \
|
||||
--name $(AUT_NAME) \
|
||||
--hostname $(AUT_FQDN) \
|
||||
--hostname $(AUT_FQDN)
|
||||
|
||||
CURL_OPT ?= -s -v
|
||||
CURL_IMG ?= curlimages/curl
|
||||
|
|