First commit

2025-06-06 12:18:24 -05:00
commit 42bed4c90c
7 changed files with 361 additions and 0 deletions

41
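--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+set -e
+# 1) Ensure required env vars are set:
+: "${LDAP_DOMAIN:?Need to set LDAP_DOMAIN (e.g. example.com)}"
+: "${LDAP_ORGANISATION:?Need to set LDAP_ORGANISATION}"
+: "${LDAP_ADMIN_PASSWORD:?Need to set LDAP_ADMIN_PASSWORD}"
+: "${LDAP_USER_PASSWORD:?Need to set LDAP_USER_PASSWORD}"
+: "${LAM_BIND_DN:?Need to set LAM_BIND_DN}"
+: "${LAM_BIND_PASSWORD:?Need to set LAM_BIND_PASSWORD}"
+: "${HYDRA_SECRETS_SYSTEM:?Need to set HYDRA_SECRETS_SYSTEM}"
+: "${HYDRA_ISSUER_URL:?Need to set HYDRA_ISSUER_URL}"
+# 2) Reconfigure slapd via debconf:
+debconf-set-selections <<EOF
+slapd slapd/no_configuration boolean false
+slapd slapd/password1 password ${LDAP_ADMIN_PASSWORD}
+slapd slapd/password2 password ${LDAP_ADMIN_PASSWORD}
+slapd slapd/domain string ${LDAP_DOMAIN}
+slapd shared/organization string "${LDAP_ORGANISATION}"
+slapd slapd/backend select MDB
+slapd slapd/purge_database boolean true
+slapd slapd/move_old_database boolean true
+EOF
+# (Re)configure slapd non-interactively:
+DEBIAN_FRONTEND=noninteractive dpkg-reconfigure -f noninteractive slapd
+# 3) Bootstrap the LDIF into slapd:
+envsubst < /templates/bootstrap.ldif.tpl > /tmp/bootstrap.ldif
+ldapadd -Y EXTERNAL -H ldapi:/// -D "cn=admin,dc=${LDAP_DOMAIN}" -w "${LDAP_ADMIN_PASSWORD}" -f /tmp/bootstrap.ldif || true
+# (ignore “already exists” errors if rerunning)
+# 4) Render Hydras config:
+envsubst < /templates/hydra-config.yaml.tpl > /etc/hydra/config.yaml
+# 5) Render LAMs PHP config:
+envsubst < /templates/lam.conf.php.tpl > /var/www/lam/config/lam.conf.php
+# 6) Finally, launch supervisord (which starts slapd, hydra, and apache2):
+exec /usr/bin/supervisord -c /etc/supervisor/supervisord.conf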
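Review bot: The bootstrap step at `ldapadd … || true` discards every failure, not only the "already exists" case the comment names, so an unreachable slapd or a malformed LDIF leaves the container starting with an unpopulated directory and no error. The same line passes `LDAP_ADMIN_PASSWORD` through `-w`, which exposes it in the process argument list; since `-Y EXTERNAL` already selects a SASL bind over `ldapi:///`, the `-D`/`-w` pair looks unnecessary (worth confirming against the slapd ACLs). The rendered LDIF is written to the fixed path `/tmp/bootstrap.ldif` and never removed, and it presumably carries `LDAP_USER_PASSWORD`, so a `mktemp` file deleted after the import is safer. The sketch below tolerates only exit status 68 (LDAP "already exists") and removes the file explicitly, because an EXIT trap would not run once `exec` replaces the shell.

```shell
# … unchanged: env var checks, debconf selections, dpkg-reconfigure …
# 3) Bootstrap the LDIF into slapd:
bootstrap_ldif=$(mktemp)   # created mode 0600 with an unpredictable name
envsubst < /templates/bootstrap.ldif.tpl > "${bootstrap_ldif}"
rc=0
ldapadd -Y EXTERNAL -H ldapi:/// -f "${bootstrap_ldif}" || rc=$?
rm -f -- "${bootstrap_ldif}"
# 68 = LDAP "already exists": tolerated so a container restart does not fail
if [ "${rc}" -ne 0 ] && [ "${rc}" -ne 68 ]; then
  echo "ldapadd failed with status ${rc}" >&2
  exit "${rc}"
fi
# … unchanged: Hydra and LAM config rendering, exec supervisord …
```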