Add configuration from start script with env vars and README doc

Dockerfile

@@ -1,8 +1,7 @@
 FROM debian:bullseye-slim
 
 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get install --no-install-recommends -y slapd fusiondirectory-schema fusiondirectory-plugin-mail-schema ldap-utils
-ENV DEBIAN_FRONTEND=readline
+RUN apt-get update && apt-get install --no-install-recommends -y slapd fusiondirectory-schema fusiondirectory-plugin-*-schema ldap-utils
 RUN rm -rf /etc/ldap/slapd.d/* /var/lib/ldap/*
 
 
@@ -12,6 +11,9 @@ ENV URL="ldap:/// ldapi:///"
 ENV CONF_DIR="/etc/ldap/slapd.d"
 ENV DB_DIR="/var/lib/ldap"
 ENV DEBUG_LEVEL="0"
+ENV LDPA_ADMINPWD=
+ENV LDAP_DOMAIN=
+ENV LDAP_ORGANIZATION=
 
 COPY ./start.sh /root/start.sh
 RUN chmod +x /root/start.sh

README.md

@@ -1,2 +1,32 @@
 # OpenLDAP FusionDirectory Docker
 
+Basic Docker image for OpenLDAP server with FusionDirectory schema
+
+## Environment variables
+
+| Variable            | Value                                                                                |
+|:-------------------:|:------------------------------------------------------------------------------------:|
+| `URL`               | The LDAP server URLs (default `ldap:/// ldapi:///`)                                  |
+| `CONF_DIR`          | The LDAP config directory (default: `/etc/ldap/slapd.d`)                             |
+| `DB_DIR`            | The LDAP database directory (default: `/var/lib/ldap`)                               |
+| `DEBUG_LEVEL`       | The LDAP debug level (default: `0`)                                                  |
+| `LDPA_ADMINPWD`     | The LDAP admin password (only needed on first start)                                 |
+| `LDAP_DOMAIN`       | The LDAP domain, will be the base DN separated by point (only needed on first start) |
+| `LDAP_ORGANIZATION` | The LDPA organisation name (only needed on first start)                              |
+
+
+## Exemple
+
+```bash
+# Build image
+docker build -t openldap-fd-docker .
+
+# Run a test LDAP server
+docker run -it -e "LDPA_ADMINPWD=test" -e 'LDAP_DOMAIN=exemple.org' -e 'LDAP_ORGANIZATION=test' --rm -d --name ldap openldap-fd-docker
+
+# Try to fetch some data
+docker exec -it ldap ldapsearch -x -LLL -H 'ldap://localhost' -D 'cn=admin,dc=exemple,dc=org' -b'dc=exemple,dc=org' -w test
+
+# Stop & remove the test LDAP server
+docker rm -f ldap
+```

start.sh

@@ -1,13 +1,40 @@
 #!/bin/bash
 
-if [ -z "$(ls -A "$CONF_DIR")" ] || [ -z "$(ls -A "$DB_DIR")" ]; then
-    echo "Reconfigure slapd"
-    dpkg-reconfigure -plow slapd
+if [ -z "$URL" ] || [ -z "$CONF_DIR" ] || [ -z "$DB_DIR" ] || [ -z "$DEBUG_LEVEL" ]; then
+    echo "Missing environment variable !"
+    exit 1
+fi
 
-    echo "Insert fusiondirectory schema"
+if [ -z "$(ls -A "$CONF_DIR")" ] || [ -z "$(ls -A "$DB_DIR")" ]; then
+    if [ -z "$LDPA_ADMINPWD" ] || [ -z "$LDAP_DOMAIN" ] || [ -z "$LDAP_ORGANIZATION" ]; then
+        echo "Missing environment variable for LDAP configuration !"
+        exit 1
+    fi
+    
+    echo "Reconfigure slapd"
+
+    echo -e "slapd slapd/password1 password $LDPA_ADMINPWD" | debconf-set-selections
+    echo -e "slapd slapd/internal/adminpw password $LDPA_ADMINPWD" | debconf-set-selections
+    echo -e "slapd slapd/internal/generated_adminpw password $LDPA_ADMINPWD" | debconf-set-selections
+    echo -e "slapd slapd/password2 password $LDPA_ADMINPWD" | debconf-set-selections
+    echo -e "slapd slapd/unsafe_selfwrite_acl note" | debconf-set-selections
+    echo -e "slapd slapd/purge_database boolean false" | debconf-set-selections
+    echo -e "slapd slapd/domain string $LDAP_DOMAIN" | debconf-set-selections
+    echo -e "slapd slapd/ppolicy_schema_needs_update select abort installation" | debconf-set-selections
+    echo -e "slapd slapd/invalid_config boolean true" | debconf-set-selections
+    echo -e "slapd slapd/move_old_database boolean false" | debconf-set-selections
+    echo -e "slapd slapd/backend select MDB" | debconf-set-selections
+    echo -e "slapd shared/organization string $LDAP_ORGANIZATION" | debconf-set-selections
+    echo -e "slapd slapd/dump_database_destdir string /var/backups/slapd-VERSION" | debconf-set-selections
+    echo -e "slapd slapd/no_configuration boolean false" | debconf-set-selections
+    echo -e "slapd slapd/dump_database select when needed" | debconf-set-selections
+    echo -e "slapd slapd/password_mismatch note" | debconf-set-selections
+    dpkg-reconfigure slapd
+    
     slapd -F "$CONF_DIR" -u openldap -g openldap -h "$URL" -d "$DEBUG_LEVEL" &
     slapd_pid=$!
     sleep 2
+    
     fusiondirectory-insert-schema
     kill -9 "$slapd_pid"
     sleep 2