
No commits in common. "main" and "master" have entirely different histories.
main ... master

3 changed files with 39 additions and 55 deletions


@ -273,36 +273,23 @@ jobs:
if: always() if: always()
run: docker logout ${{ env.REGISTRY }} || true run: docker logout ${{ env.REGISTRY }} || true
# Stage 7: Trigger CD pipeline for terraform-docker-openldap # Stage 7: Update CD pipeline (trigger deployment)
update-cd: update-cd:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: push needs: push
if: needs.push.result == 'success' if: needs.push.result == 'success'
steps: steps:
- name: Trigger terraform-docker-openldap pipeline - name: Trigger CD pipeline
run: | run: |
echo "==============================================" echo "=============================================="
echo " Triggering CD pipeline" echo " Ready to update CD pipeline"
echo "==============================================" echo "=============================================="
echo "New version: ${{ needs.push.outputs.version }}" echo "New version: ${{ needs.push.outputs.version }}"
echo "Full image: ${{ needs.push.outputs.full_image }}" echo "Full image: ${{ needs.push.outputs.full_image }}"
echo "" echo ""
echo "TODO: Add step to update version in CD repository"
# Trigger the Gitea Actions workflow via repository dispatch echo "This could be:"
curl -X POST \ echo " - Update docker-compose.yml in infra repo"
-H "Authorization: token ${{ secrets.GITEA_TOKEN }}" \ echo " - Update Helm values"
-H "Content-Type: application/json" \ echo " - Trigger ArgoCD sync"
"${{ vars.GITEA_URL }}/api/v1/repos/wbyc/terraform-docker-openldap/actions/workflows/pipeline.yaml/dispatches" \
-d '{
"ref": "main",
"inputs": {
"image_tag": "${{ needs.push.outputs.version }}"
}
}' || {
echo "::warning::Failed to trigger CD pipeline"
exit 1
}
echo "=============================================="
echo " CD pipeline triggered successfully"
echo "==============================================" echo "=============================================="
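Review bot: The `run:` script of the update-cd step interpolates `${{ needs.push.outputs.version }}` and `${{ needs.push.outputs.full_image }}` directly into the shell text, so any shell metacharacter in those outputs is executed by the runner instead of being printed. Pass the values through the step's `env:` instead, for example `NEW_VERSION: ${{ needs.push.outputs.version }}` under `env:` and `echo "New version: $NEW_VERSION"` in the script. How the push job derives its outputs is outside the hunk, so the exposure depends on whether the version can come from a tag or branch name. The step is also still named `Trigger CD pipeline` although on this side it only echoes a TODO, so a green job reads as a deployment that never happened; rename it or make it fail until the update is implemented.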


@ -13,20 +13,6 @@ export LDAP_ADMIN_PASSWORD_HASH LDAP_CONFIG_PASSWORD_HASH
# Create initial slapd.d configuration # Create initial slapd.d configuration
rm -rf /etc/openldap/slapd.d/* rm -rf /etc/openldap/slapd.d/*
# Build TLS attributes if enabled
TLS_CONFIG=""
if [ "$LDAP_TLS_ENABLED" = "true" ] && [ -f "$LDAP_TLS_CERT_FILE" ] && [ -f "$LDAP_TLS_KEY_FILE" ]; then
log_info "Adding TLS configuration..."
TLS_CONFIG="olcTLSCertificateFile: ${LDAP_TLS_CERT_FILE}
olcTLSCertificateKeyFile: ${LDAP_TLS_KEY_FILE}"
if [ -f "$LDAP_TLS_CA_FILE" ]; then
TLS_CONFIG="${TLS_CONFIG}
olcTLSCACertificateFile: ${LDAP_TLS_CA_FILE}"
fi
TLS_CONFIG="${TLS_CONFIG}
olcTLSVerifyClient: ${LDAP_TLS_VERIFY_CLIENT}"
fi
# Create base cn=config LDIF # Create base cn=config LDIF
cat > /tmp/init-config.ldif << EOF cat > /tmp/init-config.ldif << EOF
dn: cn=config dn: cn=config
@ -35,7 +21,6 @@ cn: config
olcArgsFile: /run/openldap/slapd.args olcArgsFile: /run/openldap/slapd.args
olcPidFile: /run/openldap/slapd.pid olcPidFile: /run/openldap/slapd.pid
olcLogLevel: ${LDAP_LOG_LEVEL} olcLogLevel: ${LDAP_LOG_LEVEL}
${TLS_CONFIG}
dn: cn=module{0},cn=config dn: cn=module{0},cn=config
objectClass: olcModuleList objectClass: olcModuleList
@ -83,6 +68,35 @@ olcDbIndex: entryUUID eq
olcDbMaxSize: 1073741824 olcDbMaxSize: 1073741824
EOF EOF
# Add TLS configuration if enabled and certs exist
if [ "$LDAP_TLS_ENABLED" = "true" ] && [ -f "$LDAP_TLS_CERT_FILE" ] && [ -f "$LDAP_TLS_KEY_FILE" ]; then
log_info "Adding TLS configuration..."
cat >> /tmp/init-config.ldif << EOF
dn: cn=config
changetype: modify
add: olcTLSCertificateFile
olcTLSCertificateFile: ${LDAP_TLS_CERT_FILE}
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: ${LDAP_TLS_KEY_FILE}
EOF
if [ -f "$LDAP_TLS_CA_FILE" ]; then
cat >> /tmp/init-config.ldif << EOF
-
add: olcTLSCACertificateFile
olcTLSCACertificateFile: ${LDAP_TLS_CA_FILE}
EOF
fi
cat >> /tmp/init-config.ldif << EOF
-
add: olcTLSVerifyClient
olcTLSVerifyClient: ${LDAP_TLS_VERIFY_CLIENT}
EOF
fi
# Import the configuration # Import the configuration
log_info "Importing cn=config with slapadd..." log_info "Importing cn=config with slapadd..."
/usr/sbin/slapadd -n 0 -F /etc/openldap/slapd.d -l /tmp/init-config.ldif /usr/sbin/slapadd -n 0 -F /etc/openldap/slapd.d -l /tmp/init-config.ldif
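Review bot: The TLS block appended after the main heredoc writes an LDIF change record (`changetype: modify`, `add: olcTLSCertificateFile`) into /tmp/init-config.ldif, but that file is then loaded with `slapadd -n 0`, which imports entry records and, as far as I know, does not apply change records the way ldapmodify does. The likely outcome is either a failed import or a cn=config without the olcTLS* attributes, meaning a server that starts without TLS although LDAP_TLS_ENABLED is `true`. Either keep the attributes inside the original `dn: cn=config` entry, or apply the modify record with ldapmodify over ldapi once slapd is running. Separately, when LDAP_TLS_ENABLED is `true` but the certificate or key file is missing, the `if` is skipped silently; logging an error and `exit 1` in that case would stop a plaintext fallback from going unnoticed.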


@ -91,30 +91,13 @@ IFS="$OLD_IFS"
# Configure syncrepl and mirrormode on the database # Configure syncrepl and mirrormode on the database
log_info "Configuring syncrepl and mirrormode..." log_info "Configuring syncrepl and mirrormode..."
# Check if olcSyncRepl attribute already exists
if ldapsearch -Y EXTERNAL -H "$LDAPI_SOCKET" -b "olcDatabase={1}mdb,cn=config" -s base "(olcSyncRepl=*)" olcSyncRepl 2>/dev/null | grep -q "olcSyncRepl:"; then
SYNCREPL_OP="replace"
log_info "Updating existing syncrepl configuration..."
else
SYNCREPL_OP="add"
log_info "Adding new syncrepl configuration..."
fi
# Check if olcMirrorMode attribute already exists
if ldapsearch -Y EXTERNAL -H "$LDAPI_SOCKET" -b "olcDatabase={1}mdb,cn=config" -s base "(olcMirrorMode=*)" olcMirrorMode 2>/dev/null | grep -q "olcMirrorMode:"; then
MIRRORMODE_OP="replace"
else
MIRRORMODE_OP="add"
fi
cat > /tmp/repl-syncrepl.ldif << EOF cat > /tmp/repl-syncrepl.ldif << EOF
dn: olcDatabase={1}mdb,cn=config dn: olcDatabase={1}mdb,cn=config
changetype: modify changetype: modify
${SYNCREPL_OP}: olcSyncRepl replace: olcSyncRepl
${SYNCREPL_CONFIG} ${SYNCREPL_CONFIG}
- -
${MIRRORMODE_OP}: olcMirrorMode replace: olcMirrorMode
olcMirrorMode: TRUE olcMirrorMode: TRUE
EOF EOF
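Review bot: /tmp/repl-syncrepl.ldif is created under a fixed name with the default umask, and `${SYNCREPL_CONFIG}` is expanded into it. That variable is built outside the hunk, but olcSyncRepl values normally carry the replication bind DN and `credentials=`, so the file would probably hold a password with whatever permissions the process umask allows. Set `umask 077` before the `cat` (or write to a `mktemp` file) and remove the file once it has been applied; the command that applies it is past the end of the hunk. The unconditional `replace:` on both attributes is fine for first-time setup, since an LDAP modify with replace creates the attribute when it is absent.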