[PR #32] [MERGED] STARTTLS, custom/valid certificate support, runtime configuration & other enhancements #59

Closed
opened 2026-02-27 16:47:50 +03:00 by kerem · 0 comments

📋 Pull Request Information

Original PR: https://github.com/rroemhild/docker-test-openldap/pull/32
Author: @AnalogJ
Created: 6/13/2021
Status: Merged
Merged: 8/11/2021
Merged by: @rroemhild

Base: master ← Head: master


📝 Commits (7)

  • c61f87e working container. Made it very easy to dynamically enable/disable starttls.
  • 2f80ce6 making sure we can completely customize the users DN and email. pre-requisite for letsencrypt certs
  • f3ffad8 working custom certificates from Letsencrypt.
  • 31dcfc6 Create docker-publish.yml
  • 91f1f04 Update README.md
  • 414d3df fixes for PR.
  • 612b622 change README.md back to rroemhild/test-openldap

📊 Changes

28 files changed (+293 additions, -135 deletions)

View changed files

.github/workflows/docker-publish.yml (+63 -0)
📝 .gitignore (+1 -0)
📝 Dockerfile (+20 -12)
LETSENCRYPT_CERTS.md (+40 -0)
📝 README.md (+19 -1)
bootstrap/slapd-init.sh (+0 -112)
📝 docker-compose.yml (+11 -6)
rootfs/etc/cont-init.d/000-slapd-package-config (+21 -0)
rootfs/etc/cont-init.d/010-tls-certificates (+24 -0)
rootfs/etc/cont-init.d/020-filesystem-perms (+4 -0)
rootfs/etc/cont-init.d/050-openldap-populate (+76 -0)
rootfs/etc/services.d/slapd/run (+4 -0)
📝 rootfs/opt/openldap/bootstrap/config/configadminpw.ldif (+0 -0)
rootfs/opt/openldap/bootstrap/config/force-starttls.ldif (+4 -0)
📝 rootfs/opt/openldap/bootstrap/config/logging.ldif (+0 -0)
📝 rootfs/opt/openldap/bootstrap/config/memberof.ldif (+0 -0)
📝 rootfs/opt/openldap/bootstrap/config/msad.ldif (+0 -0)
📝 rootfs/opt/openldap/bootstrap/config/tls.ldif (+3 -0)
📝 rootfs/opt/openldap/bootstrap/data/00_people.ldif (+0 -0)
📝 rootfs/opt/openldap/bootstrap/data/10_people_amy.ldif (+0 -0)

...and 8 more files

📄 Description

I added the following to your (incredibly useful) image:

  • support for STARTTLS (forced and unforced).
  • instructions for how to generate valid certificates for using Letsencrypt
  • configuration that can be set/overridden via environmental variables
    • ENV LDAP_DOMAIN=planetexpress.com
    • ENV LDAP_ORGANISATION="Planet Express, Inc."
    • ENV LDAP_BINDDN="cn=admin,dc=planetexpress,dc=com"
    • ENV LDAP_FORCE_STARTTLS="false"
  • Example commands for Ldapsearch.
  • Reorganized the container to use s6-overlay, so it's easier to customize/configure the container at runtime (rather than having to rebuild the image every time a change is necessary).

Hopefully you find it useful enough to merge, but either way, thanks for all your hard work @rroemhild


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.
