allow to skip preconfiguration
This commit is contained in:
Roland Gruber
parent
10f6897e7e
commit
9136d79751
|
|
@ -1,3 +1,9 @@
|
|||
#
|
||||
# LAM setup
|
||||
#
|
||||
# skip LAM preconfiguration (lam.conf + config.cfg), values: (true/false)
|
||||
# If set to false the other variables below have no effect.
|
||||
LAM_SKIP_PRECONFIGURE=false
|
||||
# domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||
LDAP_DOMAIN=my-domain.com
|
||||
# LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||
|
|
@ -8,13 +14,15 @@ LDAP_SERVER=ldap://ldap:389
|
|||
LDAP_USER=cn=admin,dc=my-domain,dc=com
|
||||
# default language, e.g. en_US, de_DE, fr_FR, ...
|
||||
LAM_LANG=en_US
|
||||
|
||||
# LAM configuration master password and password for server profile "lam"
|
||||
LAM_PASSWORD=lam
|
||||
|
||||
# docker-compose only, LDAP organisation name for OpenLDAP
|
||||
#
|
||||
# docker-compose only, LDAP server setup
|
||||
#
|
||||
# LDAP organisation name for OpenLDAP
|
||||
LDAP_ORGANISATION="LDAP Account Manager Demo"
|
||||
# docker-compose only, LDAP admin password
|
||||
# LDAP admin password
|
||||
LDAP_ADMIN_PASSWORD=adminpw
|
||||
# docker-compose only, password for LDAP read-only user
|
||||
# password for LDAP read-only user
|
||||
LDAP_READONLY_USER_PASSWORD=readonlypw
|
||||
|
|
|
|||
|
|
@ -23,20 +23,23 @@
|
|||
set -eu # unset variables are errors & non-zero return values exit the whole script
|
||||
[ "$DEBUG" ] && set -x
|
||||
|
||||
LAM_LANG="${LAM_LANG:-en_US}"
|
||||
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
||||
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
||||
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
||||
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
||||
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
||||
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
||||
LAM_SKIP_PRECONFIGURE="${LAM_SKIP_PRECONFIGURE:-false}"
|
||||
if [ "$LAM_SKIP_PRECONFIGURE" != "true" ]; then
|
||||
|
||||
sed -i -f- /etc/ldap-account-manager/config.cfg <<- EOF
|
||||
LAM_LANG="${LAM_LANG:-en_US}"
|
||||
export LAM_PASSWORD="${LAM_PASSWORD:-lam}"
|
||||
LAM_PASSWORD_SSHA=$(php -r '$password = getenv("LAM_PASSWORD"); mt_srand((microtime() * 1000000)); $rand = abs(hexdec(bin2hex(openssl_random_pseudo_bytes(5)))); $salt0 = substr(pack("h*", md5($rand)), 0, 8); $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4); print "{SSHA}" . base64_encode(pack("H*", sha1($password . $salt))) . " " . base64_encode($salt) . "\n";')
|
||||
LDAP_SERVER="${LDAP_SERVER:-ldap://ldap:389}"
|
||||
LDAP_DOMAIN="${LDAP_DOMAIN:-my-domain.com}"
|
||||
LDAP_BASE_DN="${LDAP_BASE_DN:-dc=${LDAP_DOMAIN//\./,dc=}}"
|
||||
LDAP_ADMIN_USER="${LDAP_USER:-cn=admin,${LDAP_BASE_DN}}"
|
||||
|
||||
sed -i -f- /etc/ldap-account-manager/config.cfg <<- EOF
|
||||
s|^password:.*|password: ${LAM_PASSWORD_SSHA}|;
|
||||
EOF
|
||||
unset LAM_PASSWORD
|
||||
unset LAM_PASSWORD
|
||||
|
||||
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||
sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
||||
s|^ServerURL:.*|ServerURL: ${LDAP_SERVER}|;
|
||||
s|^Admins:.*|Admins: ${LDAP_ADMIN_USER}|;
|
||||
s|^Passwd:.*|Passwd: ${LAM_PASSWORD_SSHA}|;
|
||||
|
|
@ -46,6 +49,8 @@ sed -i -f- /var/lib/ldap-account-manager/config/lam.conf <<- EOF
|
|||
s|^.*suffix_group:.*|types: suffix_group: ${LDAP_BASE_DN}|;
|
||||
EOF
|
||||
|
||||
fi
|
||||
|
||||
echo "Starting Apache"
|
||||
rm -f /run/apache2/apache2.pid
|
||||
set +u
|
||||
|
|
|
|||
Loading…
Reference in New Issue