Commit 705cf8bb authored by Martin Heide

Rework to use docker-compose

parent b4d22bf1
......@@ -13,16 +13,17 @@ The connector executes two primary queries:
The dex repo contains a basic LDAP setup using [OpenLDAP][openldap].
First start the LDAP server using the example script. This will run the OpenLDAP daemon in a Docker container, and seed it with an initial set of users.
First start the LDAP server using docker-compose. This will run the OpenLDAP daemon in a Docker container, and seed it with an initial set of users.
```
./scripts/slapd.sh
cd examples/ldap
docker-compose up
```
This script sets the LDAP daemon to debug mode, and is expected to print several error messages which are normal. Once the server is up, run dex.
This container is expected to print several warning messages which are normal. Once the server is up, run dex in another terminal.
```
./bin/dex serve examples/config-ldap.yaml
./bin/dex serve examples/ldap/config-ldap.yaml
```
Then run the OAuth client in another terminal.
......
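Review bot: The new `cd examples/ldap` step in the first code block leaves the reader inside `examples/ldap`, while the later `./bin/dex serve examples/ldap/config-ldap.yaml` only resolves from the repository root. The text does say "in another terminal", but it should state that dex is started from the repository root, or the `cd` should be avoided so both commands share one working directory. The sentence "several warning messages which are normal" also gives no way to tell an expected warning from a real startup failure; naming one or two of the expected messages would help.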
File moved
File moved
version: "3"
services:
ldap:
image: osixia/openldap:1.4.0
# Copying is required because the entrypoint modifies the *.ldif files.
# For verbose output, use:
#command: ["--copy-service", "--loglevel", "debug"]
command: ["--copy-service"]
volumes:
# https://github.com/osixia/docker-openldap#seed-ldap-database-with-ldif
# Option 1: Add additional seed file by mounting to /container/service/slapd/assets/config/bootstrap/ldif/custom/
# Option 2: Overwrite default seed file by mounting to /container/service/slapd/assets/config/bootstrap/ldif/
- ./config-ldap.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/config-ldap.ldif
ports:
- 389:389
- 636:636
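Review bot: The `ports` entries `389:389` and `636:636` publish the directory on every host interface, and nothing in this file changes the admin bind that the removed script relied on for the same image (`-D "cn=admin,dc=example,dc=org" -w admin`). For a local example, bind to loopback instead, e.g. `- 127.0.0.1:389:389` and `- 127.0.0.1:636:636`, so the seeded directory with its known admin password is not reachable from the network. A short comment next to `ports` stating that this setup is for local testing only would also be worth adding.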
#!/bin/bash
#
# Start an OpenLDAP container and populate it with example entries.
# https://github.com/dexidp/dex/blob/master/Documentation/connectors/ldap.md
#
# Usage:
# slapd.sh Kill a possibly preexisting "ldap" container, start a new one, and populate the directory.
# slapd.sh --keep Same, but keep the container if it is already running.
#
set -eu
cd -- "$(dirname "$0")/.."
run_cmd() {
echo ">" "$@" >&2
"$@"
}
keep_running=
if [ $# -gt 0 ] && [ "$1" = "--keep" ]; then
keep_running=1
fi
if [ -z "$keep_running" ] || [ "$(docker inspect --format="{{.State.Running}}" ldap 2> /dev/null)" != "true" ]; then
echo "LDAP container not running, or running and --keep not specified."
echo "Removing old LDAP container (if any)..."
run_cmd docker rm --force ldap || true
echo "Starting LDAP container..."
# Currently the most popular OpenLDAP image on Docker Hub. Comes with the latest version OpenLDAP 2.4.50.
run_cmd docker run -p 389:389 -p 636:636 -v $PWD:$PWD --name ldap --detach osixia/openldap:1.4.0
tries=1
max_tries=10
echo "Waiting for LDAP container ($tries/$max_tries)..."
# Wait until expected line "structuralObjectClass: organization" shows up.
# Seems to work more reliably than waiting for exit code 0. That would be:
# while ! docker exec ldap slapcat -b "dc=example,dc=org" > /dev/null 2>&1; do
while [[ ! "$(docker exec ldap slapcat -b "dc=example,dc=org" 2>/dev/null)" =~ organization ]]; do
((++tries))
if [ "$tries" -gt "$max_tries" ]; then
echo "ERROR: Timeout waiting for LDAP container."
exit 1
fi
sleep 1
echo "Waiting for LDAP container ($tries/$max_tries)..."
done
fi
echo "Adding example entries to directory..."
run_cmd docker exec ldap ldapadd \
-x \
-D "cn=admin,dc=example,dc=org" \
-w admin \
-H ldap://localhost:389/ \
-f $PWD/examples/config-ldap.ldif
echo "OK."
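Review bot: Removing this script drops the readiness wait (the `slapcat` loop bounded by `max_tries=10`), and the compose setup has no equivalent, so "Once the server is up" in the README is left for the reader to judge from container output. Consider adding a `healthcheck` to the `ldap` service, or documenting which log line indicates that seeding has finished. The `--keep` mode also disappears without a replacement; if that is intended, the commit message should say so.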