mauro/docker-image-nextcloud
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ldap: force 's01' config
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Mauro Torrez 2019-10-12 19:06:53 -03:00
parent 351e257c91
commit 28dc957305
10 changed files with 105 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
14.0/unit/Dockerfile
View File

@ -196,7 +196,6 @@ RUN \
}
ENV LDAP_ENABLE=false
ENV LDAP_CONFIG_ID=s01
ENV LDAP_HOST=
ENV LDAP_PORT=389
ENV LDAP_BACKUP_HOST=

44
14.0/unit/ldap_setup.sh
View File

@ -12,49 +12,47 @@ PREV_DIR=${PWD}
cd /var/www/html
php occ app:enable user_ldap
LDAP_CONFIG_ID=${LDAP_CONFIG_ID:-s01}
[[ "$(php occ ldap:create-empty-config --only-print-prefix)" > "${LDAP_CONFIG_ID}" ]] || {
php occ ldap:show-config s01 | grep -q 'Invalid configID' && {
# config does not yet exist, create it
php occ ldap:create-empty-config
}
[[ -z ${LDAP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapHost ${LDAP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapPort ${LDAP_PORT:-389}
php occ ldap:set-config s01 ldapHost ${LDAP_HOST}
php occ ldap:set-config s01 ldapPort ${LDAP_PORT:-389}
}
[[ -z ${LDAP_BACKUP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupPort ${LDAP_BACKUP_PORT:-389}
php occ ldap:set-config s01 ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config s01 ldapBackupPort ${LDAP_BACKUP_PORT:-389}
}
# credentials for accessing LDAP directory
[[ -z ${LDAP_AGENT_NAME} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentName ${LDAP_AGENT_NAME}
php occ ldap:set-config s01 ldapAgentName ${LDAP_AGENT_NAME}
}
[[ -z ${LDAP_AGENT_PASSWORD} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentPassword ${LDAP_AGENT_PASSWORD}
php occ ldap:set-config s01 ldapAgentPassword ${LDAP_AGENT_PASSWORD}
}
# search base
[[ -z ${LDAP_BASE} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBase ${LDAP_BASE}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBase ${LDAP_BASE}
php occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
}
LDAP_USER_FILTER_OBJECTCLASS=${LDAP_USER_FILTER_OBJECTCLASS:-inetOrgPerson}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_FILTER="(|(objectclass=${LDAP_USER_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_USER_FILTER="${LDAP_USER_FILTER:-${DEFAULT_FILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilter "${LDAP_USER_FILTER}"
php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"
# | ldapUserFilterGroups | |
# | ldapUserFilterMode | 0 |
DEFAULT_LOGIN_FILTER="(&${DEFAULT_FILTER}(uid=%uid))"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
# | ldapLoginFilterAttributes | |
# | ldapLoginFilterEmail | 0 |
@ -62,29 +60,29 @@ php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-
# | ldapLoginFilterUsername | 1 |
LDAP_GROUP_FILTER_OBJECTCLASS=${LDAP_GROUP_FILTER_OBJECTCLASS:-organizationalRole}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_GFILTER="(|(objectclass=${LDAP_GROUP_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_GROUP_FILTER="${LDAP_GROUP_FILTER:-${DEFAULT_GFILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilter "${LDAP_GROUP_FILTER}"
php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"
# | ldapGroupFilterGroups | |
# | ldapGroupFilterMode | 0 |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config s01 ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
[[ -z ${LDAP_USER_DISPLAY_NAME_2} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
php occ ldap:set-config s01 ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
# | ldapTLS | 0 |
# | ldapQuotaAttribute | |
# | ldapQuotaDefault | |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
php occ ldap:set-config s01 ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config s01 ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
# | hasMemberOfFilterSupport | 0 |
# | homeFolderNamingRule | |

1
15.0/unit/Dockerfile
View File

@ -196,7 +196,6 @@ RUN \
}
ENV LDAP_ENABLE=false
ENV LDAP_CONFIG_ID=s01
ENV LDAP_HOST=
ENV LDAP_PORT=389
ENV LDAP_BACKUP_HOST=

44
15.0/unit/ldap_setup.sh
View File

@ -12,49 +12,47 @@ PREV_DIR=${PWD}
cd /var/www/html
php occ app:enable user_ldap
LDAP_CONFIG_ID=${LDAP_CONFIG_ID:-s01}
[[ "$(php occ ldap:create-empty-config --only-print-prefix)" > "${LDAP_CONFIG_ID}" ]] || {
php occ ldap:show-config s01 | grep -q 'Invalid configID' && {
# config does not yet exist, create it
php occ ldap:create-empty-config
}
[[ -z ${LDAP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapHost ${LDAP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapPort ${LDAP_PORT:-389}
php occ ldap:set-config s01 ldapHost ${LDAP_HOST}
php occ ldap:set-config s01 ldapPort ${LDAP_PORT:-389}
}
[[ -z ${LDAP_BACKUP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupPort ${LDAP_BACKUP_PORT:-389}
php occ ldap:set-config s01 ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config s01 ldapBackupPort ${LDAP_BACKUP_PORT:-389}
}
# credentials for accessing LDAP directory
[[ -z ${LDAP_AGENT_NAME} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentName ${LDAP_AGENT_NAME}
php occ ldap:set-config s01 ldapAgentName ${LDAP_AGENT_NAME}
}
[[ -z ${LDAP_AGENT_PASSWORD} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentPassword ${LDAP_AGENT_PASSWORD}
php occ ldap:set-config s01 ldapAgentPassword ${LDAP_AGENT_PASSWORD}
}
# search base
[[ -z ${LDAP_BASE} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBase ${LDAP_BASE}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBase ${LDAP_BASE}
php occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
}
LDAP_USER_FILTER_OBJECTCLASS=${LDAP_USER_FILTER_OBJECTCLASS:-inetOrgPerson}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_FILTER="(|(objectclass=${LDAP_USER_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_USER_FILTER="${LDAP_USER_FILTER:-${DEFAULT_FILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilter "${LDAP_USER_FILTER}"
php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"
# | ldapUserFilterGroups | |
# | ldapUserFilterMode | 0 |
DEFAULT_LOGIN_FILTER="(&${DEFAULT_FILTER}(uid=%uid))"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
# | ldapLoginFilterAttributes | |
# | ldapLoginFilterEmail | 0 |
@ -62,29 +60,29 @@ php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-
# | ldapLoginFilterUsername | 1 |
LDAP_GROUP_FILTER_OBJECTCLASS=${LDAP_GROUP_FILTER_OBJECTCLASS:-organizationalRole}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_GFILTER="(|(objectclass=${LDAP_GROUP_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_GROUP_FILTER="${LDAP_GROUP_FILTER:-${DEFAULT_GFILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilter "${LDAP_GROUP_FILTER}"
php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"
# | ldapGroupFilterGroups | |
# | ldapGroupFilterMode | 0 |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config s01 ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
[[ -z ${LDAP_USER_DISPLAY_NAME_2} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
php occ ldap:set-config s01 ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
# | ldapTLS | 0 |
# | ldapQuotaAttribute | |
# | ldapQuotaDefault | |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
php occ ldap:set-config s01 ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config s01 ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
# | hasMemberOfFilterSupport | 0 |
# | homeFolderNamingRule | |

1
16.0/unit/Dockerfile
View File

@ -196,7 +196,6 @@ RUN \
}
ENV LDAP_ENABLE=false
ENV LDAP_CONFIG_ID=s01
ENV LDAP_HOST=
ENV LDAP_PORT=389
ENV LDAP_BACKUP_HOST=

44
16.0/unit/ldap_setup.sh
View File

@ -12,49 +12,47 @@ PREV_DIR=${PWD}
cd /var/www/html
php occ app:enable user_ldap
LDAP_CONFIG_ID=${LDAP_CONFIG_ID:-s01}
[[ "$(php occ ldap:create-empty-config --only-print-prefix)" > "${LDAP_CONFIG_ID}" ]] || {
php occ ldap:show-config s01 | grep -q 'Invalid configID' && {
# config does not yet exist, create it
php occ ldap:create-empty-config
}
[[ -z ${LDAP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapHost ${LDAP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapPort ${LDAP_PORT:-389}
php occ ldap:set-config s01 ldapHost ${LDAP_HOST}
php occ ldap:set-config s01 ldapPort ${LDAP_PORT:-389}
}
[[ -z ${LDAP_BACKUP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupPort ${LDAP_BACKUP_PORT:-389}
php occ ldap:set-config s01 ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config s01 ldapBackupPort ${LDAP_BACKUP_PORT:-389}
}
# credentials for accessing LDAP directory
[[ -z ${LDAP_AGENT_NAME} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentName ${LDAP_AGENT_NAME}
php occ ldap:set-config s01 ldapAgentName ${LDAP_AGENT_NAME}
}
[[ -z ${LDAP_AGENT_PASSWORD} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentPassword ${LDAP_AGENT_PASSWORD}
php occ ldap:set-config s01 ldapAgentPassword ${LDAP_AGENT_PASSWORD}
}
# search base
[[ -z ${LDAP_BASE} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBase ${LDAP_BASE}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBase ${LDAP_BASE}
php occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
}
LDAP_USER_FILTER_OBJECTCLASS=${LDAP_USER_FILTER_OBJECTCLASS:-inetOrgPerson}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_FILTER="(|(objectclass=${LDAP_USER_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_USER_FILTER="${LDAP_USER_FILTER:-${DEFAULT_FILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilter "${LDAP_USER_FILTER}"
php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"
# | ldapUserFilterGroups | |
# | ldapUserFilterMode | 0 |
DEFAULT_LOGIN_FILTER="(&${DEFAULT_FILTER}(uid=%uid))"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
# | ldapLoginFilterAttributes | |
# | ldapLoginFilterEmail | 0 |
@ -62,29 +60,29 @@ php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-
# | ldapLoginFilterUsername | 1 |
LDAP_GROUP_FILTER_OBJECTCLASS=${LDAP_GROUP_FILTER_OBJECTCLASS:-organizationalRole}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_GFILTER="(|(objectclass=${LDAP_GROUP_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_GROUP_FILTER="${LDAP_GROUP_FILTER:-${DEFAULT_GFILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilter "${LDAP_GROUP_FILTER}"
php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"
# | ldapGroupFilterGroups | |
# | ldapGroupFilterMode | 0 |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config s01 ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
[[ -z ${LDAP_USER_DISPLAY_NAME_2} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
php occ ldap:set-config s01 ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
# | ldapTLS | 0 |
# | ldapQuotaAttribute | |
# | ldapQuotaDefault | |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
php occ ldap:set-config s01 ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config s01 ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
# | hasMemberOfFilterSupport | 0 |
# | homeFolderNamingRule | |

1
17.0/unit/Dockerfile
View File

@ -196,7 +196,6 @@ RUN \
}
ENV LDAP_ENABLE=false
ENV LDAP_CONFIG_ID=s01
ENV LDAP_HOST=
ENV LDAP_PORT=389
ENV LDAP_BACKUP_HOST=

44
17.0/unit/ldap_setup.sh
View File

@ -12,49 +12,47 @@ PREV_DIR=${PWD}
cd /var/www/html
php occ app:enable user_ldap
LDAP_CONFIG_ID=${LDAP_CONFIG_ID:-s01}
[[ "$(php occ ldap:create-empty-config --only-print-prefix)" > "${LDAP_CONFIG_ID}" ]] || {
php occ ldap:show-config s01 | grep -q 'Invalid configID' && {
# config does not yet exist, create it
php occ ldap:create-empty-config
}
[[ -z ${LDAP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapHost ${LDAP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapPort ${LDAP_PORT:-389}
php occ ldap:set-config s01 ldapHost ${LDAP_HOST}
php occ ldap:set-config s01 ldapPort ${LDAP_PORT:-389}
}
[[ -z ${LDAP_BACKUP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupPort ${LDAP_BACKUP_PORT:-389}
php occ ldap:set-config s01 ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config s01 ldapBackupPort ${LDAP_BACKUP_PORT:-389}
}
# credentials for accessing LDAP directory
[[ -z ${LDAP_AGENT_NAME} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentName ${LDAP_AGENT_NAME}
php occ ldap:set-config s01 ldapAgentName ${LDAP_AGENT_NAME}
}
[[ -z ${LDAP_AGENT_PASSWORD} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentPassword ${LDAP_AGENT_PASSWORD}
php occ ldap:set-config s01 ldapAgentPassword ${LDAP_AGENT_PASSWORD}
}
# search base
[[ -z ${LDAP_BASE} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBase ${LDAP_BASE}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBase ${LDAP_BASE}
php occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
}
LDAP_USER_FILTER_OBJECTCLASS=${LDAP_USER_FILTER_OBJECTCLASS:-inetOrgPerson}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_FILTER="(|(objectclass=${LDAP_USER_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_USER_FILTER="${LDAP_USER_FILTER:-${DEFAULT_FILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilter "${LDAP_USER_FILTER}"
php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"
# | ldapUserFilterGroups | |
# | ldapUserFilterMode | 0 |
DEFAULT_LOGIN_FILTER="(&${DEFAULT_FILTER}(uid=%uid))"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
# | ldapLoginFilterAttributes | |
# | ldapLoginFilterEmail | 0 |
@ -62,29 +60,29 @@ php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-
# | ldapLoginFilterUsername | 1 |
LDAP_GROUP_FILTER_OBJECTCLASS=${LDAP_GROUP_FILTER_OBJECTCLASS:-organizationalRole}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_GFILTER="(|(objectclass=${LDAP_GROUP_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_GROUP_FILTER="${LDAP_GROUP_FILTER:-${DEFAULT_GFILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilter "${LDAP_GROUP_FILTER}"
php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"
# | ldapGroupFilterGroups | |
# | ldapGroupFilterMode | 0 |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config s01 ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
[[ -z ${LDAP_USER_DISPLAY_NAME_2} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
php occ ldap:set-config s01 ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
# | ldapTLS | 0 |
# | ldapQuotaAttribute | |
# | ldapQuotaDefault | |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
php occ ldap:set-config s01 ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config s01 ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
# | hasMemberOfFilterSupport | 0 |
# | homeFolderNamingRule | |

1
Dockerfile-unit.template
View File

@ -195,7 +195,6 @@ RUN \
}
ENV LDAP_ENABLE=false
ENV LDAP_CONFIG_ID=s01
ENV LDAP_HOST=
ENV LDAP_PORT=389
ENV LDAP_BACKUP_HOST=

44
docker-ldap_setup.sh
View File

@ -12,49 +12,47 @@ PREV_DIR=${PWD}
cd /var/www/html
php occ app:enable user_ldap
LDAP_CONFIG_ID=${LDAP_CONFIG_ID:-s01}
[[ "$(php occ ldap:create-empty-config --only-print-prefix)" > "${LDAP_CONFIG_ID}" ]] || {
php occ ldap:show-config s01 | grep -q 'Invalid configID' && {
# config does not yet exist, create it
php occ ldap:create-empty-config
}
[[ -z ${LDAP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapHost ${LDAP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapPort ${LDAP_PORT:-389}
php occ ldap:set-config s01 ldapHost ${LDAP_HOST}
php occ ldap:set-config s01 ldapPort ${LDAP_PORT:-389}
}
[[ -z ${LDAP_BACKUP_HOST} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBackupPort ${LDAP_BACKUP_PORT:-389}
php occ ldap:set-config s01 ldapBackupHost ${LDAP_BACKUP_HOST}
php occ ldap:set-config s01 ldapBackupPort ${LDAP_BACKUP_PORT:-389}
}
# credentials for accessing LDAP directory
[[ -z ${LDAP_AGENT_NAME} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentName ${LDAP_AGENT_NAME}
php occ ldap:set-config s01 ldapAgentName ${LDAP_AGENT_NAME}
}
[[ -z ${LDAP_AGENT_PASSWORD} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapAgentPassword ${LDAP_AGENT_PASSWORD}
php occ ldap:set-config s01 ldapAgentPassword ${LDAP_AGENT_PASSWORD}
}
# search base
[[ -z ${LDAP_BASE} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBase ${LDAP_BASE}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBase ${LDAP_BASE}
php occ ldap:set-config s01 ldapBaseUsers ${LDAP_BASE_USERS:-ou=People,${LDAP_BASE}}
php occ ldap:set-config s01 ldapBaseGroups ${LDAP_BASE_GROUPS:-ou=Group,${LDAP_BASE}}
}
LDAP_USER_FILTER_OBJECTCLASS=${LDAP_USER_FILTER_OBJECTCLASS:-inetOrgPerson}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapUserFilterObjectclass "$(echo ${LDAP_USER_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_FILTER="(|(objectclass=${LDAP_USER_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_USER_FILTER="${LDAP_USER_FILTER:-${DEFAULT_FILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserFilter "${LDAP_USER_FILTER}"
php occ ldap:set-config s01 ldapUserFilter "${LDAP_USER_FILTER}"
# | ldapUserFilterGroups | |
# | ldapUserFilterMode | 0 |
DEFAULT_LOGIN_FILTER="(&${DEFAULT_FILTER}(uid=%uid))"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
php occ ldap:set-config s01 ldapLoginFilter "${LDAP_LOGIN_FILTER:-${DEFAULT_LOGIN_FILTER}}"
# | ldapLoginFilterAttributes | |
# | ldapLoginFilterEmail | 0 |
@ -62,29 +60,29 @@ php occ ldap:set-config ${LDAP_CONFIG_ID} ldapLoginFilter "${LDAP_LOGIN_FILTER:-
# | ldapLoginFilterUsername | 1 |
LDAP_GROUP_FILTER_OBJECTCLASS=${LDAP_GROUP_FILTER_OBJECTCLASS:-organizationalRole}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
php occ ldap:set-config s01 ldapGroupFilterObjectclass "$(echo ${LDAP_GROUP_FILTER_OBJECTCLASS} | tr ' ' '\n')"
DEFAULT_GFILTER="(|(objectclass=${LDAP_GROUP_FILTER_OBJECTCLASS// /)(objectclass=}))"
LDAP_GROUP_FILTER="${LDAP_GROUP_FILTER:-${DEFAULT_GFILTER}}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupFilter "${LDAP_GROUP_FILTER}"
php occ ldap:set-config s01 ldapGroupFilter "${LDAP_GROUP_FILTER}"
# | ldapGroupFilterGroups | |
# | ldapGroupFilterMode | 0 |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config s01 ldapGidNumber "${LDAP_GID_NUMBER:-gidNumber}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapUserDisplayName "${LDAP_USER_DISPLAY_NAME:-cn}"
[[ -z ${LDAP_USER_DISPLAY_NAME_2} ]] || {
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
php occ ldap:set-config s01 ldapUserDisplayName2 "${LDAP_USER_DISPLAY_NAME_2}"
}
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
php occ ldap:set-config s01 ldapGroupDisplayName "${LDAP_GROUP_DISPLAY_NAME:-cn}"
# | ldapTLS | 0 |
# | ldapQuotaAttribute | |
# | ldapQuotaDefault | |
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config ${LDAP_CONFIG_ID} ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
php occ ldap:set-config s01 ldapEmailAttribute "${LDAP_EMAIL_ATTRIBUTE:-mail}"
php occ ldap:set-config s01 ldapGroupMemberAssocAttr "${LDAP_GROUP_MEMBER_ASSOC_ATTR:-memberUid}"
# | hasMemberOfFilterSupport | 0 |
# | homeFolderNamingRule | |