FROM alpine:3.23

LABEL maintainer="WeBuildYourCloud"
LABEL description="Enterprise OpenLDAP container with rfc2307bis, memberOf, and custom schemas"

# Install OpenLDAP and required packages
RUN apk add --no-cache \
    openldap \
    openldap-clients \
    openldap-back-mdb \
    openldap-overlay-memberof \
    openldap-overlay-refint \
    openldap-overlay-unique \
    openldap-overlay-ppolicy \
    openldap-overlay-syncprov \
    openssl \
    argon2 \
    && mkdir -p /var/lib/openldap/openldap-data \
    && mkdir -p /etc/openldap/slapd.d \
    && mkdir -p /run/openldap \
    && mkdir -p /certs \
    && chown -R ldap:ldap /var/lib/openldap \
    && chown -R ldap:ldap /etc/openldap/slapd.d \
    && chown -R ldap:ldap /run/openldap

# Copy custom schemas
COPY schema/*.schema /etc/openldap/schema/

# Copy initialization scripts
COPY scripts/ /scripts/
RUN chmod +x /scripts/*.sh

# Copy LDIF templates
COPY ldif/ /ldif/

# Copy entrypoint
COPY docker-entrypoint.sh /docker-entrypoint.sh
RUN chmod +x /docker-entrypoint.sh

# Expose ports
EXPOSE 389 636

# Volumes for persistence
VOLUME ["/var/lib/openldap/openldap-data", "/etc/openldap/slapd.d", "/certs"]

# Health check
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD ldapsearch -x -H ldap://localhost -b "" -s base "objectClass=*" || exit 1

ENTRYPOINT ["/docker-entrypoint.sh"]