Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WIP: Port OpenBSD LDAP to linux #23

Merged
merged 15 commits into from
Jan 4, 2018
Merged

WIP: Port OpenBSD LDAP to linux #23

merged 15 commits into from
Jan 4, 2018

Conversation

harishanand95
Copy link
Contributor

@harishanand95 harishanand95 commented Dec 28, 2017

  • Vagrant LDAP removed.
  • Use Portable OpenBSD ldapd

Issue: #22

@harishanand95
Copy link
Contributor Author

harishanand95 commented Dec 28, 2017

Pushpin takes a longer time to build. To reduce this build time, it's better to create a docker hub image of the pushpin. A fix to the above issue will be added in this pull request.

Issue: #24

@@ -18,8 +18,8 @@ schema "/etc/ldap/core.schema"
#schema "/etc/ldap/nis.schema"


listen on em0 port 389 secure
listen on lo0 port 389 secure
listen on eth0 port 8389 secure
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

8389 port will be used by LDAP instead of 389.

#!/usr/bin/env bash
cd /data/kong && rm -rf *
cd /data/tomcat && rm -rf *
cd /data/rabbitmq && rm -rf *
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sudo is not required. The directory already has all user permissions.

@@ -1,41 +1,6 @@
FROM ansible/ubuntu-ssh
FROM harishanand95/ansible-tomcat
MAINTAINER Harish Anand "https://github.com/harishanand95"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

harishanand95/ansible-tomcat image will contain the tomcat installation steps that were part of the old Dockerfile. This avoids the manual building process that keeps happening.
The current approach will be to download the image at once and reuse it.
(instead of building from the Dockerfile)

@@ -7,5 +7,6 @@ RUN apt-get install -y openssh-server sudo
RUN rm /etc/ssh/ca-user-certificate-key.pub
EXPOSE 22
EXPOSE 8000
ARG CACHEBUST=1
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix: ssh to apt_repo container fails because it has the old ca-user-certificate-key.

RUN echo "TrustedUserCAKeys /etc/ssh/ca-user-certificate-key.pub" >> /etc/ssh/sshd_config

EXPOSE 22
EXPOSE 8389
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PORT 8389 is exposed for using apache directory studio. @pct960 IPtables in the server should block based on requirements.

mkdir /root/pushpin/runner && \
mkdir /root/pushpin/runner/certs

ENV LOGNAME=nobody
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pushpin fails when LOGNAME env is not set.
The new Pushpin image will contain the pushpin's installation steps that were part of the old Dockerfile.
Issue: #24


- name: Download openbsd-ldapd-portable
git:
repo: https://github.com/harishanand95/openbsd-ldapd-portable.git
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

using a OpenBSD portable ldapd (has been tested on ubuntu 16.04)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bzero.se/ldapd/

@@ -0,0 +1,3 @@
---
- name: Start pushpin
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pct960 pushpin's logs are in pushpin/pushpin_log_file directory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant