Added new parameters for LDAP in docker-entrypoint.sh

2019-08-14 13:32:20 +02:00 · 2019-08-14 13:32:20 +02:00 · de20d8a64c
commit de20d8a64c
parent 98cd14f8be
1 changed files with 90 additions and 0 deletions
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -12,6 +12,15 @@ Optional parameters:
  --mongoHost XXX       - sets mongo host (default: mongo)
  --redisHost XXX       - sets redis host (default: redis)
  --mySqlHost XXX       - sets mysql host (default: mysql)
+  --withLdap            - use if you want to enable LDAP authentication
+  --ldapHost XXX        - LDAP Host for authentication (default: ldap)
+  --ldapPort XXX        - LDAP port (default: 389)
+  --ldapSecure          - use if you want to use LDAP with ldaps protocol
+  --ldapBindUser XXX    - User for LDAP connexion
+  --ldapBindPass XXX    - Password for LDAP connexion
+  --ldapFilter XXX      - LDAP filter
+  --ldapBaseDN XXX      - LDAP base DN
+  --ldapUidTag XXX      - LDAP UID tag (e.g. uid/cn/username)
 EOF

    exit 1
@ -22,6 +31,15 @@ urlBaseTrusted=http://localhost:3000
 urlBaseSandbox=http://localhost:3003
 urlBasePublic=http://localhost:3004
 wwwProxy=false
+withLdap=false
+ldapHost=ldap
+ldapPort=389
+ldapSecure=false
+ldapBindUser=""
+ldapBindPass=""
+ldapFilter=""
+ldapBaseDN=""
+ldapUidTag=""
 mongoHost=mongo
 redisHost=redis
 mySqlHost=mysql
@ -59,12 +77,73 @@ while [ $# -gt 0 ]; do
            mySqlHost="$2"
            shift 2
            ;;
+        --withLdap)
+            withLdap=true
+            shift 1
+            ;;
+        --ldapHost)
+            ldapHost="$2"
+            shift 2
+            ;;
+        --ldapPort)
+            ldapPort="$2"
+            shift 2
+            ;;
+        --ldapSecure)
+            ldapSecure=true
+            shift 1
+            ;;
+        --ldapBindUser)
+            ldapBindUser="$2"
+            shift 2
+            ;;
+        --ldapBindPass)
+            ldapBindPass="$2"
+            shift 2
+            ;;
+        --ldapFilter)
+            ldapFilter="$2"
+            shift 2
+            ;;
+        --ldapBaseDN)
+            ldapBaseDN="$2"
+            shift 2
+            ;;
+        --ldapUidTag)
+            ldapUidTag="$2"
+            shift 2
+            ;;
        *)
            echo "Error: unrecognized option $1."
            printHelp
    esac
 done

+if [ "$ldapBindUser" == "" ]; then
+  ldapBindUserLine=""
+else
+  ldapBindUserLine="bindUser: $ldapBindUser"
+fi
+if [ "$ldapBindPass" == "" ]; then
+  ldapBindPassLine=""
+else
+  ldapBindPassLine="bindPassword: $ldapBindPass"
+fi
+if [ "$ldapFilter" == "" ]; then
+  ldapFilterLine=""
+else
+  ldapFilterLine="filter: $ldapFilter"
+fi
+if [ "$ldapBaseDN" == "" ]; then
+  ldapBaseDNLine=""
+else
+  ldapBaseDNLine="baseDN: $ldapBaseDN"
+fi
+if [ "$ldapUidTag" == "" ]; then
+  ldapUidTagLine=""
+else
+  ldapUidTagLine="uidTag: $ldapUidTag"
+fi

 cat > server/config/production.yaml <<EOT
 www:
@ -93,6 +172,17 @@ builtinZoneMTA:

 queue:
  processes: 5
+
+ldap:
+  enabled: $withLdap
+  host: $ldapHost
+  port: $ldapPort
+  secure: $ldapSecure
+  $ldapBindUserLine
+  $ldapBindPassLine
+  $ldapFilterLine
+  $ldapBaseDNLine
+  $ldapUidTagLine
 EOT

 cat > server/services/workers/reports/config/production.yaml <<EOT