FROM debian:buster

ADD build.sh /
RUN /build.sh

ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
	apt-get install -y -qq  \
	ca-certificates \
	coreutils \
	libsasl2-2 \
	libltdl7 \
	libtcmalloc-minimal4 \
	libsasl2-modules-gssapi-mit \
	openssl \
	lmdb-utils \
	krb5-user \
	kstart \
	procps \
	wget

RUN mkdir -p /etc/ldap/sasl2 \
	&& echo "mech_list: GSSAPI EXTERNAL" >> /etc/ldap/sasl2/slapd.conf \
	&& mkdir -p /var/lib/ldap/accesslog \
	&& mkdir -p /var/lib/ldap/logs \
	&& rm -rfv /etc/ldap/slapd.d/* \
	&& ln -s /usr/lib/slapd /usr/sbin/slapd \
	&& ln -s /var/lib/ldap/logs/ldap /var/log/ldap \
	&& openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/private/server.key -out /etc/ssl/certs/server.pem -days 365 -nodes -subj "/CN=$HOSTNAME"

# krb5 conf
COPY etc/krb5.conf /etc/krb5.conf

# ldap conf
COPY etc/ldap/ldap.conf /etc/ldap/ldap.conf
COPY etc/default/slapd  /etc/default/slapd
COPY etc/saslauthd.conf /etc/saslauthd.conf

# Start up file
COPY start.sh /start.sh

# Expose these ports
EXPOSE 389 636
  
WORKDIR /workspace
CMD ["/bin/bash"]