Skip to content
Snippets Groups Projects
Normal view Permalink
Dockerfile 1.27 KiB
Newer Older
Xueshan Feng's avatar
Rename stage to builder.  
Xueshan Feng committed
1 
FROM debian:buster-slim AS builder
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
2 
ADD build.sh /
Xueshan Feng's avatar
Add openldap its9295.patch to fix an ADD might conflict with an existing value.  
Xueshan Feng committed
3 4 
# https://rt.symas.com/rt/Ticket/Display.html?id=1628
# Fix access log ADD/DELETE order bug
Xueshan Feng's avatar
Upgrade to 2.4.59; remove its9295.patch.  
Xueshan Feng committed
5 
# ADD its9295.patch /
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
6 7 
RUN /build.sh
Xueshan Feng's avatar
Change sysconfdir location; back to use slim image.  
Xueshan Feng committed
8 9 10 
FROM debian:buster-slim
LABEL maintainer="sfeng@stanford.edu"
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
11 12 
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
Xueshan Feng's avatar
Tidy up code.  
Xueshan Feng committed
13 
	apt-get install -y -qq \
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
14 15 
	ca-certificates \
	coreutils \
Xueshan Feng's avatar
Add libsasl2-2 back. symlink does not seem to work.  
Xueshan Feng committed
16 
	libsasl2-2 \
Xueshan Feng's avatar
Revert to 7e84defa11.  
Xueshan Feng committed
17 
	libltdl7 \
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
18 
	libtcmalloc-minimal4 \
Xueshan Feng's avatar
Add libsasl2-modules-gssapi-mit.  
Xueshan Feng committed
19 
	libsasl2-modules-gssapi-mit \
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
20 
	openssl \
Xueshan Feng's avatar
Dockerfile: format. [skip ci]  
Xueshan Feng committed
21 22 23 
	lmdb-utils \
	krb5-user \
	kstart \
Xueshan Feng's avatar
Tidy up code.  
Xueshan Feng committed
24 
	procps
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
25
Xueshan Feng's avatar
Tidy up code.  
Xueshan Feng committed
26 
# Copy software from stage image
Xueshan Feng's avatar
Rename stage to builder.  
Xueshan Feng committed
27 
COPY --from=builder /artifacts /
Xueshan Feng's avatar
Change sysconfdir location; back to use slim image.  
Xueshan Feng committed
28
Xueshan Feng's avatar
Rename stage to builder.  
Xueshan Feng committed
29 
RUN rm -rfv /etc/ldap/slapd.d/* \
Xueshan Feng's avatar
Use DESTDIR in make for installation.  
Xueshan Feng committed
30 
	&& mkdir -p /etc/ldap/sasl2 \
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
31 32 33 34 35 36 
	&& echo "mech_list: GSSAPI EXTERNAL" >> /etc/ldap/sasl2/slapd.conf \
	&& mkdir -p /var/lib/ldap/accesslog \
	&& mkdir -p /var/lib/ldap/logs \
	&& ln -s /var/lib/ldap/logs/ldap /var/log/ldap \
	&& openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/server.key -out /etc/ssl/certs/server.pem -days 365 -nodes -subj "/CN=$HOSTNAME"
Xueshan Feng's avatar
Tidy up code.  
Xueshan Feng committed
37 38 
# krb5 conf, sldapd conf, sasldauthd conf
COPY etc /etc/
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
39
Xueshan Feng's avatar
Change sysconfdir location; back to use slim image.  
Xueshan Feng committed
40 
# Link default configuration path to customized paths
Xueshan Feng's avatar
Correct syntax to disable DIGEST-MD5.  
Xueshan Feng committed
41 42 
RUN ln -s /usr/lib/slapd /usr/sbin/slapd \
	&& ln -sf /etc/ldap/sasl2/slapd.conf /usr/lib/sasl2/slapd.conf
Xueshan Feng's avatar
Change sysconfdir location; back to use slim image.  
Xueshan Feng committed
43
Xueshan Feng's avatar
Initial commit.
Xueshan Feng committed
44 45 46 47 48 49 50 
# Start up file
COPY start.sh /start.sh

# Expose these ports
EXPOSE 389 636
  
WORKDIR /workspace
Xueshan Feng's avatar
Update Dockerfile to remove Stanford-server-directory. Permissions denied.  
Xueshan Feng committed
51 
CMD ["/bin/bash"]