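# Build stage. Installs a C toolchain plus the SASL/TLS/Perl/ltdl headers and
# runs build.sh, which is not part of this file (presumably it downloads and
# compiles the two tarballs named below). Only /release is taken from this
# stage by the runtime stage; everything else is discarded, so no apt cleanup
# is done here.
# NOTE(review): debian:buster has reached end of life upstream and the tag is
# mutable. Plan a move to a supported release and pin the base by digest; the
# runtime stage's package names (e.g. libldap-2.4-2) must be revisited with it.
FROM debian:buster-slim AS stage1

# Source releases to build; override with --build-arg to pick another version.
# NOTE(review): both defaults are old releases. Check the upstream security
# advisories and bump them together with the base image.
ARG OPENLDAP_VERSION=openldap-2.4.49
ARG CYRUS_SASL_VERSION=cyrus-sasl-2.1.27

# Download locations handed to build.sh through the environment.
# NOTE(review): the OpenLDAP tarball is fetched over plain ftp://, which gives
# no server authentication and no transport integrity, so the source that gets
# compiled into the image can be altered in transit. build.sh is not visible
# here: confirm that it checks a pinned SHA-256 (or the upstream PGP signature)
# for BOTH tarballs before unpacking, and prefer an HTTPS mirror for OpenLDAP.
ENV OPENLDAP_TARBALL=ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/${OPENLDAP_VERSION}.tgz
ENV CYRUS_SASL_TARBALL=https://github.com/cyrusimap/cyrus-sasl/releases/download/${CYRUS_SASL_VERSION}/${CYRUS_SASL_VERSION}.tar.gz
ENV HOME=/

# ARG instead of ENV: still exported to every RUN in this stage (including
# build.sh), but not recorded as image environment.
ARG DEBIAN_FRONTEND=noninteractive

# Toolchain and development headers, sorted for easier diffs. Recommended
# packages are left enabled because build.sh's exact needs are not known here.
RUN apt-get update && \
    apt-get install -y -qq \
        ca-certificates \
        coreutils \
        file \
        gcc \
        groff-base \
        libc6-dev \
        libltdl-dev \
        libltdl7 \
        libperl-dev \
        libsasl2-dev \
        libsasl2-modules-gssapi-mit \
        libssl-dev \
        make \
        wget

# COPY rather than ADD: a plain local file needs none of ADD's URL-fetch or
# archive-extraction behaviour. The file's executable bit is preserved.
COPY build.sh /
RUN /build.sh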
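# Runtime stage: Debian runtime libraries plus the /release tree produced by
# the stage1 build.
# NOTE(review): debian:buster has reached end of life upstream and the tag is
# mutable. Move to a supported release and pin by digest; libldap-2.4-2 and
# friends will need to be re-checked against the new release.
FROM debian:buster-slim
LABEL maintainer="sfeng@stanford.edu"

# ARG instead of ENV so that noninteractive mode applies to the RUN steps below
# without being baked into the environment of every container.
ARG DEBIAN_FRONTEND=noninteractive

# Runtime packages, sorted for easier diffs. The apt package lists are removed
# in the same layer so they do not ship in the image.
# NOTE(review): procps and wget look like operational tooling; confirm that
# start.sh needs them, otherwise drop them to shrink the attack surface.
RUN apt-get update && \
    apt-get install -y -qq \
        ca-certificates \
        coreutils \
        krb5-user \
        kstart \
        libldap-2.4-2 \
        libltdl7 \
        libsasl2-modules-gssapi-mit \
        libtcmalloc-minimal4 \
        lmdb-utils \
        openssl \
        procps \
        sasl2-bin \
        wget \
    && rm -rf /var/lib/apt/lists/*

# Install the build output from stage1 over the root filesystem.
COPY --from=stage1 /release /

# Post-install layout: restrict SASL mechanisms for slapd to GSSAPI and
# EXTERNAL, create the data/log directories, empty any shipped slapd.d
# configuration, and add the convenience symlinks.
# /var/log/ldap points at /var/lib/ldap/logs/ldap, which is not created here
# (presumably it appears at run time - TODO confirm).
#
# NOTE(review): the final openssl step generates an unencrypted (-nodes) RSA
# private key and a self-signed certificate DURING THE IMAGE BUILD. The key is
# therefore stored in an image layer: every container started from this image
# shares the same key, and anyone able to pull the image can read it.
# $HOSTNAME is also expanded at build time, so the certificate CN is the build
# sandbox's name (or empty), not the serving host, and the 365-day validity
# period starts at build time rather than at deployment.
# Preferred design: issue the key and certificate at container start, or mount
# them from a secret store, and treat this pair as a placeholder only.
# The step is kept unchanged because start.sh and the slapd configuration are
# not visible here and may expect these paths - confirm before removing it.
RUN mkdir -p /etc/ldap/sasl2 \
    && echo "mech_list: GSSAPI EXTERNAL" >> /etc/ldap/sasl2/slapd.conf \
    && mkdir -p /var/lib/ldap/accesslog \
    && mkdir -p /var/lib/ldap/logs \
    && rm -rfv /etc/ldap/slapd.d/* \
    && ln -s /usr/lib/slapd /usr/sbin/slapd \
    && ln -s /var/lib/ldap/logs/ldap /var/log/ldap \
    && openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/server.key -out /etc/ssl/certs/server.pem -days 365 -nodes -subj "/CN=$HOSTNAME"

# Kerberos client configuration
COPY etc/krb5.conf /etc/krb5.conf

# LDAP client, slapd defaults and saslauthd configuration
COPY etc/ldap/ldap.conf /etc/ldap/ldap.conf
COPY etc/default/slapd /etc/default/slapd
COPY etc/saslauthd.conf /etc/saslauthd.conf

# Start-up script. It is not the default command (see CMD below), so the
# deployment has to invoke it explicitly.
COPY start.sh /start.sh

# Documented service ports: 389 (LDAP) and 636 (LDAPS). EXPOSE publishes nothing.
EXPOSE 389 636

WORKDIR /workspace

# NOTE(review): no USER is set, so the default process runs as root. 389 and
# 636 are privileged ports; confirm that start.sh drops privileges for slapd
# (for example with its -u/-g options) instead of serving as root.
CMD ["/bin/bash"]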