- [demo](demo) Now also add an LDAP kopano-group.
parent
56857c5528
commit
b76d723d04
|
@ -10,12 +10,13 @@ SA_DEBUG=0
|
||||||
RAZOR_REGISTRATION=
|
RAZOR_REGISTRATION=
|
||||||
LDAP_BASE=dc=example,dc=com
|
LDAP_BASE=dc=example,dc=com
|
||||||
LDAP_USEROU=users
|
LDAP_USEROU=users
|
||||||
LDAP_USEROBJ=posixAccount
|
LDAP_USEROBJ=kopano-user
|
||||||
LDAP_USERFLT=
|
LDAP_USERFLT=
|
||||||
LDAP_GROUPOU=groups
|
LDAP_GROUPOU=groups
|
||||||
LDAP_GROUPOBJ=posixGroup
|
LDAP_GROUPOBJ=kopano-group
|
||||||
LDAP_TEST_USER=demo
|
LDAP_TEST_USER=demo
|
||||||
LDAP_TEST_PASSWD=demo
|
LDAP_TEST_PASSWD=demo
|
||||||
|
LDAP_TEST_GROUP=team
|
||||||
MYSQL_ROOT_PASSWORD=secret
|
MYSQL_ROOT_PASSWORD=secret
|
||||||
MYSQL_DATABASE=kopano
|
MYSQL_DATABASE=kopano
|
||||||
MYSQL_USER=kopano
|
MYSQL_USER=kopano
|
||||||
|
|
|
@ -73,14 +73,83 @@ wait_%:
|
||||||
web:
|
web:
|
||||||
firefox localhost:8008 &
|
firefox localhost:8008 &
|
||||||
|
|
||||||
auth-init: wait_11 auth-mod_hash auth-mod_index auth-add_schema auth-add_user
|
auth-init: wait_11 auth-mod_conf auth-add_schema auth-add_data
|
||||||
|
|
||||||
|
define LDIF_MOD_CONF
|
||||||
|
dn: olcDatabase={-1}frontend,cn=config
|
||||||
|
changetype: modify
|
||||||
|
add: olcPasswordHash
|
||||||
|
olcPasswordHash: {CRYPT}
|
||||||
|
|
||||||
|
dn: cn=config
|
||||||
|
changetype: modify
|
||||||
|
add: olcPasswordCryptSaltFormat
|
||||||
|
olcPasswordCryptSaltFormat: $$6$$%.16s
|
||||||
|
|
||||||
|
dn: olcDatabase={1}mdb,cn=config
|
||||||
|
changetype: modify
|
||||||
|
add: olcDbIndex
|
||||||
|
olcDbIndex: cn,ou,uid,mail eq
|
||||||
|
endef
|
||||||
|
export LDIF_MOD_CONF
|
||||||
|
|
||||||
|
define LDIF_ADD_DATA
|
||||||
|
dn: ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||||
|
changetype: add
|
||||||
|
ou: $(LDAP_USEROU)
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
|
||||||
|
dn: ou=$(LDAP_GROUPOU),$(LDAP_BASE)
|
||||||
|
changetype: add
|
||||||
|
ou: $(LDAP_GROUPOU)
|
||||||
|
objectClass: top
|
||||||
|
objectClass: organizationalUnit
|
||||||
|
|
||||||
|
dn: cn=$(LDAP_TEST_GROUP),ou=$(LDAP_GROUPOU),$(LDAP_BASE)
|
||||||
|
changetype: add
|
||||||
|
cn: $(LDAP_TEST_GROUP)
|
||||||
|
objectClass: top
|
||||||
|
objectClass: groupOfNames
|
||||||
|
objectClass: kopano-group
|
||||||
|
member: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||||
|
mail: $(LDAP_TEST_GROUP)@$(MAIL_DOMAIN)
|
||||||
|
|
||||||
|
dn: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)
|
||||||
|
changetype: add
|
||||||
|
cn: $(LDAP_TEST_USER)
|
||||||
|
objectClass: top
|
||||||
|
objectClass: inetOrgPerson
|
||||||
|
objectClass: kopano-user
|
||||||
|
sn: $(LDAP_TEST_USER)
|
||||||
|
uid: $(LDAP_TEST_USER)
|
||||||
|
mail: $(LDAP_TEST_USER)@$(MAIL_DOMAIN)
|
||||||
|
userPassword: $(LDAP_TEST_PASSWD)
|
||||||
|
telephoneNumber: 0123 123456789
|
||||||
|
title: MCP
|
||||||
|
kopanoAccount: 1
|
||||||
|
kopanoAdmin: 1
|
||||||
|
kopanoEnabledFeatures: imap
|
||||||
|
kopanoEnabledFeatures: pop3
|
||||||
|
endef
|
||||||
|
export LDIF_ADD_DATA
|
||||||
|
|
||||||
|
auth-mod_conf:
|
||||||
|
echo "$$LDIF_MOD_CONF" | docker-compose exec -T auth ldap modify
|
||||||
|
|
||||||
|
auth-add_data:
|
||||||
|
echo "$$LDIF_ADD_DATA" | docker-compose exec -T auth ldap modify
|
||||||
|
|
||||||
|
auth-add_schema:
|
||||||
|
docker-compose exec app zcat /usr/share/doc/kopano/kopano.ldif.gz \
|
||||||
|
| docker-compose exec -T auth ldapadd -H ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/ -Y EXTERNAL
|
||||||
|
|
||||||
auth-show_conf:
|
auth-show_conf:
|
||||||
docker-compose exec auth ldap search -b cn=config "(cn=config)"
|
docker-compose exec auth ldap search -b cn=config "(cn=config)"
|
||||||
docker-compose exec auth ldap search -b cn=config olcDatabase={-1}frontend
|
docker-compose exec auth ldap search -b cn=config olcDatabase={-1}frontend
|
||||||
docker-compose exec auth ldap search -b cn=config olcDatabase={1}mdb
|
docker-compose exec auth ldap search -b cn=config olcDatabase={1}mdb
|
||||||
|
|
||||||
auth-show_user:
|
auth-show_data:
|
||||||
docker-compose exec auth ldap search -b "$(LDAP_BASE)"
|
docker-compose exec auth ldap search -b "$(LDAP_BASE)"
|
||||||
|
|
||||||
auth-show_cat0:
|
auth-show_cat0:
|
||||||
|
@ -89,22 +158,6 @@ auth-show_cat0:
|
||||||
auth-show_cat1:
|
auth-show_cat1:
|
||||||
docker-compose exec auth slapcat -n1
|
docker-compose exec auth slapcat -n1
|
||||||
|
|
||||||
auth-add_user:
|
|
||||||
printf "dn: ou=$(LDAP_USEROU),$(LDAP_BASE)\nchangetype: add\nobjectClass: organizationalUnit\nobjectClass: top\nou: $(LDAP_USEROU)\n\ndn: ou=$(LDAP_GROUPOU),$(LDAP_BASE)\nchangetype: add\nobjectClass: organizationalUnit\nobjectClass: top\nou: $(LDAP_GROUPOU)\n\ndn: uid=$(LDAP_TEST_USER),ou=$(LDAP_USEROU),$(LDAP_BASE)\nchangetype: add\nobjectClass: top\nobjectClass: inetOrgPerson\nobjectClass: kopano-user\nobjectClass: $(LDAP_USEROBJ)\ncn: $(LDAP_TEST_USER)\nsn: $(LDAP_TEST_USER)\nuid: $(LDAP_TEST_USER)\nmail: $(LDAP_TEST_USER)@$(MAIL_DOMAIN)\nuidNumber: 1234\ngidNumber: 1234\nhomeDirectory: /home/$(LDAP_TEST_USER)\nuserPassword: $(LDAP_TEST_PASSWD)\ntelephoneNumber: 0123 123456789\ntitle: MCP\nkopanoEnabledFeatures: imap\nkopanoEnabledFeatures: pop3\n" \
|
|
||||||
| docker-compose exec -T auth ldap modify
|
|
||||||
|
|
||||||
auth-mod_index:
|
|
||||||
printf "dn: olcDatabase={1}mdb,cn=config\nchangetype: modify\nadd: olcDbIndex\nolcDbIndex: cn,ou,uid,mail eq\n" \
|
|
||||||
| docker-compose exec -T auth ldap modify
|
|
||||||
|
|
||||||
auth-mod_hash:
|
|
||||||
printf "dn: olcDatabase={-1}frontend,cn=config\nchangetype: modify\nadd: olcPasswordHash\nolcPasswordHash: {CRYPT}\n\ndn: cn=config\nchangetype: modify\nadd: olcPasswordCryptSaltFormat\nolcPasswordCryptSaltFormat: \$$6\$$%%.16s\n" \
|
|
||||||
| docker-compose exec -T auth ldap modify
|
|
||||||
|
|
||||||
auth-add_schema:
|
|
||||||
docker-compose exec app zcat /usr/share/doc/kopano/kopano.ldif.gz \
|
|
||||||
| docker-compose exec -T auth ldapadd -H ldapi://%2Fvar%2Frun%2Fopenldap%2Fldapi/ -Y EXTERNAL
|
|
||||||
|
|
||||||
auth-gui-up:
|
auth-gui-up:
|
||||||
docker run -d --rm --name auth-gui --network demo_backend \
|
docker run -d --rm --name auth-gui --network demo_backend \
|
||||||
-p 127.0.0.1:8001:80 -e PHPLDAPADMIN_LDAP_HOSTS=auth \
|
-p 127.0.0.1:8001:80 -e PHPLDAPADMIN_LDAP_HOSTS=auth \
|
||||||
|
|
|
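Review bot: In `LDIF_ADD_DATA` the seeded test entry now carries `kopanoAdmin: 1` while its `userPassword` is still the fixed `$(LDAP_TEST_PASSWD)` value, so the well-known demo login becomes a Kopano administrator. slapd documents `olcPasswordHash` (set to `{CRYPT}` in `LDIF_MOD_CONF`) as applying to the Password Modify extended operation, so unless the `ldap modify` wrapper hashes the value itself, a `userPassword` written through `changetype: add` is presumably stored as sent. I would put a comment above the define, for example `# demo-only: seeds an admin account with a known password; do not reuse this LDIF outside the local demo stack`, and drop `kopanoAdmin: 1` unless the demo actually needs it. The `add:` changes in `LDIF_MOD_CONF` and the `changetype: add` entries will also be rejected on a second `auth-init`, which deserves a one-line note next to the target.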
@ -25,6 +25,7 @@ services:
|
||||||
- LDAP_SEARCH_BASE=${LDAP_BASE-dc=example,dc=com}
|
- LDAP_SEARCH_BASE=${LDAP_BASE-dc=example,dc=com}
|
||||||
- LDAP_USER_TYPE_ATTRIBUTE_VALUE=${LDAP_USEROBJ-posixAccount}
|
- LDAP_USER_TYPE_ATTRIBUTE_VALUE=${LDAP_USEROBJ-posixAccount}
|
||||||
- LDAP_GROUP_TYPE_ATTRIBUTE_VALUE=${LDAP_GROUPOBJ-posixGroup}
|
- LDAP_GROUP_TYPE_ATTRIBUTE_VALUE=${LDAP_GROUPOBJ-posixGroup}
|
||||||
|
- LDAP_GROUPMEMBERS_ATTRIBUTE_TYPE=dn
|
||||||
- LDAP_PROPMAP=
|
- LDAP_PROPMAP=
|
||||||
- MYSQL_DATABASE=${MYSQL_DATABASE-kopano}
|
- MYSQL_DATABASE=${MYSQL_DATABASE-kopano}
|
||||||
- MYSQL_USER=${MYSQL_USER-kopano}
|
- MYSQL_USER=${MYSQL_USER-kopano}
|
||||||
|
|
|
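Review bot: The fallbacks in `${LDAP_USEROBJ-posixAccount}` and `${LDAP_GROUPOBJ-posixGroup}` no longer match what this commit seeds: the new LDIF creates `kopano-user` and `groupOfNames`/`kopano-group` entries without a posix object class, and the added `LDAP_GROUPMEMBERS_ATTRIBUTE_TYPE=dn` is hard-coded for DN-valued `member`. If the stack is started without the variables set in the first section, user and group lookups would presumably match nothing. I would align the defaults, `- LDAP_USER_TYPE_ATTRIBUTE_VALUE=${LDAP_USEROBJ-kopano-user}` and `- LDAP_GROUP_TYPE_ATTRIBUTE_VALUE=${LDAP_GROUPOBJ-kopano-group}`, or make the members attribute type overridable in the same `${VAR-default}` form. The environment list this hunk edits starts and ends outside the visible lines.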
@ -86,7 +86,7 @@ AUT_FQDN ?= $(AUT_NAME).$(MAIL_DOM)
|
||||||
AUT_VOL ?=
|
AUT_VOL ?=
|
||||||
AUT_ENV ?= $(NET_ENV) \
|
AUT_ENV ?= $(NET_ENV) \
|
||||||
--name $(AUT_NAME) \
|
--name $(AUT_NAME) \
|
||||||
--hostname $(AUT_FQDN) \
|
--hostname $(AUT_FQDN)
|
||||||
|
|
||||||
CURL_OPT ?= -s -v
|
CURL_OPT ?= -s -v
|
||||||
CURL_IMG ?= curlimages/curl
|
CURL_IMG ?= curlimages/curl
|
||||||
|
|