allow to skip preconfiguration
This commit is contained in:
parent
10f6897e7e
commit
9136d79751
|
@ -1,3 +1,9 @@
|
||||||
|
#
|
||||||
|
# LAM setup
|
||||||
|
#
|
||||||
|
# skip LAM preconfiguration (lam.conf + config.cfg), values: (true/false)
|
||||||
|
# If set to false the other variables below have no effect.
|
||||||
|
LAM_SKIP_PRECONFIGURE=false
|
||||||
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||||
LDAP_DOMAIN=my-domain.com
|
LDAP_DOMAIN=my-domain.com
|
||||||
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||||
|
@ -8,13 +14,15 @@ LDAP_SERVER=ldap://ldap:389
|
||||||
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
||||||
# default language, e.g. en_US, de_DE, fr_FR, ...
|
# default language, e.g. en_US, de_DE, fr_FR, ...
|
||||||
LAM_LANG=en_US
|
LAM_LANG=en_US
|
||||||
|
|
||||||
# LAM configuration master password and password for server profile "lam"
|
# LAM configuration master password and password for server profile "lam"
|
||||||
LAM_PASSWORD=lam
|
LAM_PASSWORD=lam
|
||||||
|
|
||||||
# docker-compose only, LDAP organisation name for OpenLDAP
|
#
|
||||||
|
# docker-compose only, LDAP server setup
|
||||||
|
#
|
||||||
|
# LDAP organisation name for OpenLDAP
|
||||||
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
||||||
# docker-compose only, LDAP admin password
|
# LDAP admin password
|
||||||
LDAP_ADMIN_PASSWORD=adminpw
|
LDAP_ADMIN_PASSWORD=adminpw
|
||||||
# docker-compose only, password for LDAP read-only user
|
# password for LDAP read-only user
|
||||||
LDAP_READONLY_USER_PASSWORD=readonlypw
|
LDAP_READONLY_USER_PASSWORD=readonlypw
|
||||||
|
|
|
@ -23,20 +23,23 @@
|
||||||
set -eu # unset variables are errors & non-zero return values exit the whole script
|
set -eu # unset variables are errors & non-zero return values exit the whole script
|
||||||
[ "$DEBUG" ] && set -x
|
[ "$DEBUG" ] && set -x
|
||||||
|
|
||||||
LAM_LANG="${LAM_LANG:-en_US}"
|
LAM_SKIP_PRECONFIGURE="${LAM_SKIP_PRECONFIGURE:-false}"
|
||||||
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
if [ "$LAM_SKIP_PRECONFIGURE" != "true" ]; then
|
||||||
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
|
||||||
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
|
||||||
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
|
||||||
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
|
||||||
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
|
||||||
|
|
||||||
sed -i -f- /etc/ldap-account-manager/config.cfg <<- EOF
|
LAM_LANG="${LAM_LANG:-en_US}"
|
||||||
|
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
||||||
|
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
||||||
|
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
||||||
|
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
||||||
|
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
||||||
|
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
||||||
|
|
||||||
|
sed -i -f- /etc/ldap-account-manager/config.cfg <<- EOF
|
||||||
s|^password:.*|password: ${LAM_PASSWORD_SSHA}|;
|
s|^password:.*|password: ${LAM_PASSWORD_SSHA}|;
|
||||||
EOF
|
EOF
|
||||||
unset LAM_PASSWORD
|
unset LAM_PASSWORD
|
||||||
|
|
||||||
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||||
s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|;
|
s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|;
|
||||||
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
||||||
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
||||||
|
@ -46,6 +49,8 @@ sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||||
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_BASE_DN}|;
|
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_BASE_DN}|;
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
echo "Starting Apache"
|
echo "Starting Apache"
|
||||||
rm -f /run/apache2/apache2.pid
|
rm -f /run/apache2/apache2.pid
|
||||||
set +u
|
set +u
|
||||||
|
|
Loading…
Reference in New Issue