mauro/docker-image-openldap
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Add backup, restore scripts
All checks were successful
Build Docker images / docker (eumau/openldap, 1) (push) Successful in 1m0s
Details
Build Docker images / docker (eumau/openldap, latest) (push) Successful in 1m19s
Details

Browse Source
This commit is contained in:
Mauro Torrez 2024-02-28 01:51:13 -03:00
parent 86923be42e
commit 10d496a8f4
4 changed files with 63 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
.drone.yml
View File

@ -1,30 +0,0 @@
---
kind: pipeline
name: default
steps:
- name: build image only
image: plugins/docker
settings:
repo: eumau/openldap
auto_tag: true
dry_run: true
when:
ref:
- refs/pull/**
# event no anda (?)
# event:
# - pull_request
- name: build and publish image
image: plugins/docker
settings:
repo: eumau/openldap
auto_tag: true
username:
from_secret: dockerhub_username
password:
from_secret: dockerhub_password
when:
branch:
- master

3
Dockerfile
View File

@ -1,4 +1,4 @@
FROM eumau/debian:buster-slim FROM eumau/debian:bookworm-slim
# admin CN => dn: cn=%%ADMIN_CN%%,%%DOMAIN_DN%% # admin CN => dn: cn=%%ADMIN_CN%%,%%DOMAIN_DN%%
ENV LDAP_ADMIN_CN="admin" ENV LDAP_ADMIN_CN="admin"
@ -31,6 +31,7 @@ RUN apt-get update \
ADD setup /start.d ADD setup /start.d
ADD confd /etc/confd/ ADD confd /etc/confd/
ADD entrypoint.sh / ADD entrypoint.sh /
ADD ldap_backup ldap_restore /usr/local/sbin/
EXPOSE 389 EXPOSE 389

15
ldap_backup Executable file
View File

@ -0,0 +1,15 @@
#!/bin/bash
assert(){ [[ $? -eq 0 ]] || { [[ -n ${1} ]] && echo ${@} ; exit 1 ; } }
[[ -n "${LDAP_CONFIG_PASSWORD}" ]]
assert "FATAL: Please set LDAP_CONFIG_PASSWORD and retry."
# Count databases
DB_COUNT=$(ldapsearch -D cn=admin,cn=config -w "${LDAP_CONFIG_PASSWORD}" -b cn=config -LLL "(olcDatabase=mdb)" dn | tr -s '\n' | wc -l)
# Perform backup
for i in $(seq 0 ${DB_INDEXES})
do slapcat -n ${i} -l /var/backups/ldap/${i}.ldif
done
echo "Backed up ${DB_COUNT} databases in /var/backups/ldap."

46
ldap_restore Executable file
View File

@ -0,0 +1,46 @@
#!/bin/bash
assert(){ [[ $? -eq 0 ]] || { [[ -n ${1} ]] && echo ${@} ; exit 1 ; } }
[[ -f /var/backups/ldap/0.ldif ]]
assert "Unable to restore backup. Missing /var/backups/ldap/0.ldif backup of cn=config."
[[ -f /var/backups/ldap/1.ldif ]]
assert "Unable to restore backup. Missing /var/backups/ldap/1.ldif backup of first database."
# Backup and clean existing config directory
tar czf /var/backups/ldap/etc_ldap_slapd_d-$(date '+%Y-%m-%d').tar.gz /etc/ldap/slapd.d
assert "FATAL: could not backup /etc/ldap/slapd.d before restoring."
find /etc/ldap/slapd.d -delete
assert "FATAL: could not clean /etc/ldap/slapd.d before restoring."
# Backup and clean existing data directory
tar czf /var/backups/ldap/var_lib_ldap-$(date '+%Y-%m-%d').tar.gz /var/lib/ldap
assert "FATAL: could not backup /var/lib/ldap before restoring."
find /var/lib/ldap -delete
assert "FATAL: could not clean /var/lib/ldap before restoring."
# Restore cn=config
echo "Restoring cn=config..."
slapadd -n 0 -F /etc/ldap/slapd.d -l /var/backups/ldap/0.ldif
assert "FATAL: error restoring cn=config using slapadd."
chown -R openldap:openldap /etc/ldap/slapd.d
assert "FATAL: could not fix /etc/ldap/slapd.d permissions."
for LDIF in /var/backups/ldap/*.ldif
do
# Check if it's cn=config backup
if [[ "${LDIF}" == "/var/backups/ldap/0.ldif" ]]
then continue
else
INDEX=$(basename "${LDIF}" | sed 's/.ldif$//g')
[[ "${INDEX}" =~ ^[0-9]+$ ]]
assert "FATAL: could not determine the DB index for ${LDIF}."
echo "Restoring database ${INDEX}..."
slapadd -n ${INDEX} -F /etc/ldap/slapd.d -l "${LDIF}"
assert "FATAL: error restoring database ${INDEX} using slapadd."
fi
done
chown -R openldap:openldap /var/lib/ldap
assert "FATAL: could not fix /var/lib/ldap permissions."