WIP: add provider capability

Dockerfile

@@ -1,25 +1,31 @@
 FROM eumau/debian:buster-slim
 
+# admin CN => dn: cn=%%ADMIN_CN%%,%%DOMAIN_DN%%
 ENV LDAP_ADMIN_CN="admin"
-# admin CN, DN => cn=%%ADMIN_DN%%,%%DOMAIN_DN%%
-ENV LDAP_ADMIN_PASSWORD="admin"
 # password for cn=%%ADMIN_DN%%,%%DOMAIN_DN%%
-ENV LDAP_CONFIG_PASSWORD="${LDAP_ADMIN_PASSWORD}"
+ENV LDAP_ADMIN_PASSWORD="admin"
 # password for cn=admin,cn=config
+ENV LDAP_CONFIG_PASSWORD="${LDAP_ADMIN_PASSWORD}"
+# domain name (example.org)
 ENV LDAP_DOMAIN=""
-# domain O (example.org)
-ENV LDAP_DOMAIN_ACCESS="{0}to attrs=userPassword by self write by anonymous auth by * none\n{1}to attrs=shadowLastChange by self write by * read\n{2}to * by * read"
 # olcDbAccess attribute for domain entry (newline-separated)
-ENV LDAP_DOMAIN_DN=""
+ENV LDAP_DOMAIN_ACCESS="{0}to attrs=userPassword by self write by anonymous auth by * none\n{1}to attrs=shadowLastChange by self write by * read\n{2}to * by * read"
 # domain DN (dc=example,dc=org)
-ENV LDAP_DOMAIN_INDEX="cn,uid eq\nmember,memberUid eq\nobjectClass eq\nuidNumber,gidNumber eq"
+ENV LDAP_DOMAIN_DN=""
 # olcDbIndex attribute for domain entry (newline-separated)
-ENV LDAP_DOMAIN_OUS="People Alias Group"
+ENV LDAP_DOMAIN_INDEX="cn,uid eq\nmember,memberUid eq\nobjectClass eq\nuidNumber,gidNumber eq"
 # domain OUs (space-separated)
-ENV LDAP_MEMBEROF="true"
+ENV LDAP_DOMAIN_OUS="People Alias Group"
 # enable memberOf module
-ENV LDAP_SCHEMAS="core cosine inetorgperson misc nis"
+ENV LDAP_MEMBEROF="true"
+# enable replication provider
+ENV LDAP_PROVIDER="false"
+# replicator CN => dn: cn=%%REPLICATOR_CN%%,%%DOMAIN_DN%%
+ENV LDAP_REPLICATOR_CN="replicator"
+# replicator password
+ENV LDAP_REPLICATOR_PASSWORD="${LDAP_ADMIN_PASSWORD}"
 # space-separated list of schemas to load
+ENV LDAP_SCHEMAS="core cosine inetorgperson misc nis"
 
 RUN apt-get update \
 	&& DEBIAN_FRONTEND=noninteractive apt-get install -y \