hydraldaplam/Dockerfile

# Dockerfile

FROM debian:bookworm-slim

ENV DEBIAN_FRONTEND=noninteractive

# 1) Install Supervisor, slapd, ldap-utils, Apache2+PHP, wget, bzip2, envsubst, and CA certificates
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
      ca-certificates \
      supervisor \
      slapd ldap-utils \
      wget bzip2 \
      apache2 libapache2-mod-php php php-ldap php-mbstring php-xml \
      gettext-base \
      && rm -rf /var/lib/apt/lists/*

# 2) Download and install Hydra binary (v2.3.0)
RUN wget -qO /tmp/hydra.tar.gz \
      https://github.com/ory/hydra/releases/download/v2.3.0/hydra_2.3.0-linux_64bit.tar.gz && \
    mkdir -p /tmp/hydra_tmp && \
    tar -xzf /tmp/hydra.tar.gz -C /tmp/hydra_tmp && \
    mv "$(find /tmp/hydra_tmp -type f -name hydra)" /usr/local/bin/hydra && \
    chmod +x /usr/local/bin/hydra && \
    rm -rf /tmp/hydra.tar.gz /tmp/hydra_tmp

# 3) Install LAM (LDAP Account Manager) v9.2 under /var/www/html/lam
RUN wget -qO /tmp/lam.tar.bz2 \
      https://github.com/LDAPAccountManager/lam/releases/download/9.2/ldap-account-manager-9.2.tar.bz2 && \
    mkdir -p /tmp/lam_tmp && \
    tar -xjf /tmp/lam.tar.bz2 -C /tmp/lam_tmp && \
    mv /tmp/lam_tmp/ldap-account-manager-9.2 /var/www/html/lam && \
    rm -rf /tmp/lam.tar.bz2 /tmp/lam_tmp

# 4) Enable Apache modules required by LAM
RUN a2enmod php8.2 ldap rewrite

# 5) Copy Supervisor config and entrypoint
COPY supervisord.conf /etc/supervisor/supervisord.conf
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh

# 6) Copy all template files into /templates
COPY templates/ /templates/

# 7) Create empty folder for LAM runtime config (populated via entrypoint.sh)
RUN mkdir -p /var/www/html/lam/config
RUN chown -R www-data:www-data /var/www/html/lam

# 8) Expose ports: LDAP=389, LDAPS=636, Hydra Public=4444, Hydra Admin=4445, HTTP=80
EXPOSE 389 636 4444 4445 80

# 9) At runtime, entrypoint.sh does envsubst + slapd reconfiguration + supervisord
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]