diff --git a/lam-packaging/docker/.env b/lam-packaging/docker/.env index 9f5904f0..ffac751d 100644 --- a/lam-packaging/docker/.env +++ b/lam-packaging/docker/.env @@ -6,8 +6,6 @@ LDAP_BASE_DN=dc=my-domain,dc=com LDAP_SERVER=ldap://ldap:389 # LDAP admin user (set as login user for LAM) LDAP_USER=cn=admin,dc=my-domain,dc=com -# LDAP admin password -LDAP_ADMIN_PASSWORD=adminpw # default language, e.g. en_US, de_DE, fr_FR, ... LAM_LANG=en_US @@ -16,5 +14,7 @@ LAM_PASSWORD=lam # docker-compose only, LDAP organisation name for OpenLDAP LDAP_ORGANISATION="LDAP Account Manager Demo" +# docker-compose only, LDAP admin password +LDAP_ADMIN_PASSWORD=adminpw # docker-compose only, password for LDAP read-only user LDAP_READONLY_USER_PASSWORD=readonlypw diff --git a/lam-packaging/docker/start.sh b/lam-packaging/docker/start.sh index 70390b1d..15e15b69 100755 --- a/lam-packaging/docker/start.sh +++ b/lam-packaging/docker/start.sh @@ -26,7 +26,7 @@ set -eu # unset variables are errors & non-zero return values exit the whole scr LAM_LANG="${LAM_LANG:-en_US}" export LAM_PASSWORD="${LAM_PASSWORD:-lam}" LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";') -LDAP_HOST="${LDAP_HOST:-ldap://ldap:389}" +LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}" LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}" LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}" LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}" @@ -37,7 +37,7 @@ EOF unset LAM_PASSWORD sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF - s|^ServerURL:.*|ServerURL: ${LDAP_HOST}|; + s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|; s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|; s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|; s|^treesuffix:.*|treesuffix: ${LDAP_BASE_DN}|;