slapd config from environment variables in files

docker · May 2, 2017 · a30c78f · a30c78f
1 parent 41d68bd
commit a30c78f
Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/comanage-registry-slapd/README.md b/comanage-registry-slapd/README.md
@@ -93,3 +93,21 @@ docker run -d --name comanage-registry-slapd \
   -p 389:389 -p 636:636 \
   sphericalcowgroup/comanage-registry-slapd
 ```
+
+You may also use environment variables that point to files, for example
+
+```
+docker run -d --name comanage-registry-slapd \
+  --network comanage-registry-internal-network \
+  -v /tmp/slapd-data:/var/lib/ldap \
+  -v /tmp/slapd-config:/etc/ldap/slapd.d \
+  -e SLAPD_CERT_FILE=/run/secrets/slapd_cert_file \
+  -e SLAPD_PRIVKEY_FILE=/run/secrets/slapd_privkey_file \
+  -e SLAPD_CHAIN_FILE=/run/secrets/slapd_chain_file \
+  -e OLC_SUFFIX=dc=my,dc=org \
+  -e OLC_ROOT_DN=cn=admin,dc=my,dc=org \
+  -e OLC_ROOT_PW_FILE=/run/secrets/olc_root_pw \
+  -p 389:389 -p 636:636 \
+  sphericalcowgroup/comanage-registry-slapd
+```
+
diff --git a/comanage-registry-slapd/docker-slapd-entrypoint b/comanage-registry-slapd/docker-slapd-entrypoint
@@ -21,6 +21,23 @@
 
 set -e
 
+# Copy secrets and other deployment specific details into place.
+if [[ -f "${SLAPD_CERT_FILE}" ]]; then
+    cp ${SLAPD_CERT_FILE} /etc/ldap/slapd.crt
+fi
+
+if [[ -f "${SLAPD_PRIVKEY_FILE}" ]]; then
+    cp ${SLAPD_PRIVKEY_FILE} /etc/ldap/slapd.key
+fi
+
+if [[ -f "${SLAPD_CHAIN_FILE}" ]]; then
+    cp ${SLAPD_CHAIN_FILE} /etc/ldap/slapd.ca.crt
+fi
+
+if [[ -f "${OLC_ROOT_PW_FILE}" ]]; then
+    OLC_ROOT_PW=`cat ${OLC_ROOT_PW_FILE}`
+fi
+
 # Only bootstrap the directory if it does not already exist.
 if [[ ! -f /var/lib/ldap/data.mdb && ! -f /etc/ldap/slapd.d/cn=config.ldif ]]; then
     # Parse the domain, rdn, and the value of rdn from the OLC_SUFFIX