From 801177d16ccc9eeb14d9ccc3278420b90e207639 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Fri, 11 Aug 2017 13:19:12 +0200 Subject: o Initial import of configuration for knot. --- knot/README.md | 17 +++ knot/add-People.ldif | 4 + knot/add.ldif | 13 ++ knot/docker-compose.yml | 40 ++++++ knot/launch-ldap | 12 ++ knot/ssp/Dockerfile | 24 ++++ knot/ssp/build | 7 + knot/ssp/conf/000-default.conf | 19 +++ knot/ssp/conf/config.inc.php | 285 +++++++++++++++++++++++++++++++++++++++++ knot/ssp/launch | 9 ++ knot/ssp/self-service-password | 1 + 11 files changed, 431 insertions(+) create mode 100644 knot/README.md create mode 100644 knot/add-People.ldif create mode 100644 knot/add.ldif create mode 100644 knot/docker-compose.yml create mode 100755 knot/launch-ldap create mode 100644 knot/ssp/Dockerfile create mode 100755 knot/ssp/build create mode 100644 knot/ssp/conf/000-default.conf create mode 100644 knot/ssp/conf/config.inc.php create mode 100755 knot/ssp/launch create mode 160000 knot/ssp/self-service-password (limited to 'knot') diff --git a/knot/README.md b/knot/README.md new file mode 100644 index 0000000..75066cd --- /dev/null +++ b/knot/README.md @@ -0,0 +1,17 @@ + sudo docker network create --subnet=172.90.0.0/16 trygvis-net + +# Add new entry in LDAP + + dn: uid=trygvis,ou=People,dc=trygvis,dc=io + changetype: add + objectClass: top + objectClass: person + objectClass: organizationalPerson + objectClass: inetOrgPerson + uid: trygvis + givenName: Trygve + sn: Laugstøl + cn: Trygve Laugstøl + mail: trygvis@inamo.no + userPassword: password + diff --git a/knot/add-People.ldif b/knot/add-People.ldif new file mode 100644 index 0000000..f4bd9bd --- /dev/null +++ b/knot/add-People.ldif @@ -0,0 +1,4 @@ +dn: ou=People,dc=trygvis,dc=io +changetype: add +objectClass: top +objectClass: organizationalUnit diff --git a/knot/add.ldif b/knot/add.ldif new file mode 100644 index 0000000..9fdfbc3 --- /dev/null +++ b/knot/add.ldif @@ -0,0 +1,13 @@ +dn: uid=trygvis,ou=People,dc=trygvis,dc=io +changetype: add +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: inetOrgPerson +uid: trygvis +givenName: Trygve +sn: Laugstøl +cn: Trygve Laugstøl +mail: trygvis@inamo.no +userPassword: password + diff --git a/knot/docker-compose.yml b/knot/docker-compose.yml new file mode 100644 index 0000000..2a04626 --- /dev/null +++ b/knot/docker-compose.yml @@ -0,0 +1,40 @@ +version: "3" + +services: + t-ssp: + build: ssp + container_name: t-ssp +# ports: +# - "8010:80" + networks: + trygvis_net: + ipv4_address: 172.90.0.10 + env_file: + - ./secrets/t-ssp.env + t-ldap: + image: dinkel/openldap + container_name: t-openldap + environment: + SLAPD_PASSWORD: "secret" + SLAPD_DOMAIN: "trygvis.io" + SLAPD_CONFIG_PASSWORD: "secret" + networks: + trygvis_net: + ipv4_address: 172.90.0.20 + volumes: + - ssp-etc:/etc/ldap + - ssp-data:/var/lib/ldap + +networks: + trygvis_net: + ipam: + config: + - subnet: 172.90.0.0/16 + +volumes: + ssp-etc: + external: + name: t-ssp-etc + ssp-data: + external: + name: t-ssp-data diff --git a/knot/launch-ldap b/knot/launch-ldap new file mode 100755 index 0000000..123eea9 --- /dev/null +++ b/knot/launch-ldap @@ -0,0 +1,12 @@ +#!/bin/bash + +exec docker run -d \ + --name trygvis-openldap \ + --net trygvis-net \ + --ip 172.90.0.30 \ + --volume trygvis-openldap_etc_ldap:/etc/ldap \ + --volume trygvis-openldap_var_lib_ldap:/var/lib/ldap \ + -e SLAPD_PASSWORD=secret \ + -e SLAPD_DOMAIN=trygvis.io \ + -e SLAPD_CONFIG_PASSWORD=secret \ + dinkel/openldap diff --git a/knot/ssp/Dockerfile b/knot/ssp/Dockerfile new file mode 100644 index 0000000..6f19b9d --- /dev/null +++ b/knot/ssp/Dockerfile @@ -0,0 +1,24 @@ +FROM debian:stretch-slim + +MAINTAINER Trygve Laugstøl + +VOLUME /local + +ARG DEBIAN_FRONTEND=noninteractive +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + apache2 \ + aptitude \ + apt-utils \ + git \ + git \ + libapache2-mod-php \ + php-ldap \ + php-mbstring \ + php-xml + +COPY self-service-password /srv/self-service-password +COPY conf/000-default.conf /etc/apache2/sites-available/000-default.conf +COPY conf/config.inc.php /srv/self-service-password/conf/config.inc.php +CMD [] +ENTRYPOINT ["apachectl", "-DFOREGROUND"] diff --git a/knot/ssp/build b/knot/ssp/build new file mode 100755 index 0000000..2c2e62d --- /dev/null +++ b/knot/ssp/build @@ -0,0 +1,7 @@ +#!/bin/bash +set -x +set -e +name=trygvis-ssp +basedir=$(dirname $0) +cd $basedir +exec sudo docker build -t "$name" . diff --git a/knot/ssp/conf/000-default.conf b/knot/ssp/conf/000-default.conf new file mode 100644 index 0000000..7bccb8b --- /dev/null +++ b/knot/ssp/conf/000-default.conf @@ -0,0 +1,19 @@ + + ServerAdmin webmaster@trygvis.io + ServerName auth.trygvis.io + DocumentRoot /srv/self-service-password + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + DirectoryIndex index.php + AddDefaultCharset UTF-8 + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/knot/ssp/conf/config.inc.php b/knot/ssp/conf/config.inc.php new file mode 100644 index 0000000..90f0779 --- /dev/null +++ b/knot/ssp/conf/config.inc.php @@ -0,0 +1,285 @@ + diff --git a/knot/ssp/launch b/knot/ssp/launch new file mode 100755 index 0000000..9b2066b --- /dev/null +++ b/knot/ssp/launch @@ -0,0 +1,9 @@ +#!/bin/bash +set -x +sudo docker run -d \ + --net trygvis-net \ + --ip 172.90.0.10 \ + --hostname t-ssp \ + --name t-ssp \ + --link trygvis-openldap \ + trygvis-ssp diff --git a/knot/ssp/self-service-password b/knot/ssp/self-service-password new file mode 160000 index 0000000..6ddbc1b --- /dev/null +++ b/knot/ssp/self-service-password @@ -0,0 +1 @@ +Subproject commit 6ddbc1bd54e8511b2be95c9c66a1c304764300dd -- cgit v1.2.3