From de20d8a64cf9dccabeb1b84c0fa765e8eb0f9968 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guillaume=20R=C3=A9my?= <guillaume.remy@csi-remy.pro>
Date: Wed, 14 Aug 2019 13:32:20 +0200
Subject: [PATCH] Added new parameters for LDAP in docker-entrypoint.sh

---
 docker-entrypoint.sh | 90 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 90 insertions(+)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 6914d668..52c6ff1e 100644
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -12,6 +12,15 @@ Optional parameters:
   --mongoHost XXX       - sets mongo host (default: mongo)
   --redisHost XXX       - sets redis host (default: redis)
   --mySqlHost XXX       - sets mysql host (default: mysql)
+  --withLdap            - use if you want to enable LDAP authentication
+  --ldapHost XXX        - LDAP Host for authentication (default: ldap)
+  --ldapPort XXX        - LDAP port (default: 389)
+  --ldapSecure          - use if you want to use LDAP with ldaps protocol
+  --ldapBindUser XXX    - User for LDAP connexion
+  --ldapBindPass XXX    - Password for LDAP connexion
+  --ldapFilter XXX      - LDAP filter
+  --ldapBaseDN XXX      - LDAP base DN
+  --ldapUidTag XXX      - LDAP UID tag (e.g. uid/cn/username)
 EOF
 
     exit 1
@@ -22,6 +31,15 @@ urlBaseTrusted=http://localhost:3000
 urlBaseSandbox=http://localhost:3003
 urlBasePublic=http://localhost:3004
 wwwProxy=false
+withLdap=false
+ldapHost=ldap
+ldapPort=389
+ldapSecure=false
+ldapBindUser=""
+ldapBindPass=""
+ldapFilter=""
+ldapBaseDN=""
+ldapUidTag=""
 mongoHost=mongo
 redisHost=redis
 mySqlHost=mysql
@@ -59,12 +77,73 @@ while [ $# -gt 0 ]; do
             mySqlHost="$2"
             shift 2
             ;;
+        --withLdap)
+            withLdap=true
+            shift 1
+            ;;
+        --ldapHost)
+            ldapHost="$2"
+            shift 2
+            ;;
+        --ldapPort)
+            ldapPort="$2"
+            shift 2
+            ;;
+        --ldapSecure)
+            ldapSecure=true
+            shift 1
+            ;;
+        --ldapBindUser)
+            ldapBindUser="$2"
+            shift 2
+            ;;
+        --ldapBindPass)
+            ldapBindPass="$2"
+            shift 2
+            ;;
+        --ldapFilter)
+            ldapFilter="$2"
+            shift 2
+            ;;
+        --ldapBaseDN)
+            ldapBaseDN="$2"
+            shift 2
+            ;;
+        --ldapUidTag)
+            ldapUidTag="$2"
+            shift 2
+            ;;
         *)
             echo "Error: unrecognized option $1."
             printHelp
     esac
 done
 
+if [ "$ldapBindUser" == "" ]; then
+  ldapBindUserLine=""
+else
+  ldapBindUserLine="bindUser: $ldapBindUser"
+fi
+if [ "$ldapBindPass" == "" ]; then
+  ldapBindPassLine=""
+else
+  ldapBindPassLine="bindPassword: $ldapBindPass"
+fi
+if [ "$ldapFilter" == "" ]; then
+  ldapFilterLine=""
+else
+  ldapFilterLine="filter: $ldapFilter"
+fi
+if [ "$ldapBaseDN" == "" ]; then
+  ldapBaseDNLine=""
+else
+  ldapBaseDNLine="baseDN: $ldapBaseDN"
+fi
+if [ "$ldapUidTag" == "" ]; then
+  ldapUidTagLine=""
+else
+  ldapUidTagLine="uidTag: $ldapUidTag"
+fi
 
 cat > server/config/production.yaml <<EOT
 www:
@@ -93,6 +172,17 @@ builtinZoneMTA:
 
 queue:
   processes: 5
+
+ldap:
+  enabled: $withLdap
+  host: $ldapHost
+  port: $ldapPort
+  secure: $ldapSecure
+  $ldapBindUserLine
+  $ldapBindPassLine
+  $ldapFilterLine
+  $ldapBaseDNLine
+  $ldapUidTagLine
 EOT
 
 cat > server/services/workers/reports/config/production.yaml <<EOT