Update ldap container

docker-compose.yml

@@ -43,7 +43,7 @@ services:
       - docker/lama/dev.env
 
   ldap:
-    image: docker.clkl.de/ldap/ldap:0.1-lama
+    image: docker.clkl.de/ldap/ldap:0.3-lama
     build:
       context: docker/ldap
       dockerfile: Dockerfile.ldap

docker/ldap/Dockerfile.ldap

@@ -1,4 +1,50 @@
-FROM alpine:3.7
+FROM alpine:3.9
+
+RUN apk add --upgrade --no-cache build-base groff libtool openldap openssl-dev cyrus-sasl-dev util-linux-dev
+
+WORKDIR /openldap
+RUN wget https://github.com/openldap/openldap/archive/OPENLDAP_REL_ENG_2_4_47.zip\
+  && unzip -d /openldap OPENLDAP_REL_ENG_2_4_47.zip\
+  && rm OPENLDAP_REL_ENG_2_4_47.zip\
+  && mv openldap-OPENLDAP_REL_ENG_2_4_47/* .\
+  && rm -r openldap-OPENLDAP_REL_ENG_2_4_47/
+
+RUN ./configure --prefix=/usr	\
+	--sysconfdir=/etc	\
+	--localstatedir=/var/lib/openldap	\
+	--libexecdir=/usr/lib	\
+		--enable-slapd \
+		--enable-crypt \
+		--enable-modules \
+		--enable-dynamic \
+		--enable-bdb=no \
+		--enable-dnssrv=mod \
+		--enable-hdb=no \
+		--enable-ldap=mod \
+		--enable-mdb=mod \
+		--enable-meta=mod \
+		--enable-monitor=mod \
+		--enable-null=mod \
+		--enable-passwd=mod \
+		--enable-relay=mod \
+		--enable-shell=mod \
+		--enable-sock=mod \
+		--enable-sql=no \
+		--enable-overlays=mod \
+		--with-tls=openssl \
+		--with-cyrus-sasl
+RUN make depend \
+	&& make \
+	&& make prefix=/usr libexec=/usr/lib -C contrib/slapd-modules/lastbind \
+	&& make install \
+	&& make prefix=/usr libexec=/usr/lib -C contrib/slapd-modules/lastbind install 
+
+
+#RUN adduser ldap -D
+
+#EXPOSE 389
+
+#CMD ["slapd", "-u", "ldap", "-g", "ldap", "-d", "32768"]
 
 WORKDIR /
 
@@ -6,7 +52,6 @@ ENV dc=stuve
 ENV dcr=test
 COPY entrypoint.sh /
 
-RUN apk add --update --no-cache openldap openldap-back-mdb openldap-overlay-ppolicy
 RUN sed -i 's!/run/openldap/slapd.pid!/tmp/openladp.pid!' /etc/openldap/slapd.conf
 RUN sed -i 's!/run/openldap/slapd.args!/tmp/openladp.args!' /etc/openldap/slapd.conf
 

docker/ldap/slapd.conf

@@ -12,7 +12,6 @@ include		/etc/openldap/schema/ppolicy.schema
 # Do not enable referrals until AFTER you have a working directory
 # service AND an understanding of referrals.
 #referral	ldap://root.openldap.org
-moduleload	ppolicy.so
 
 # If you change this, adjust pidfile path also in runscript!
 pidfile		/tmp/slapd.pid
@@ -21,6 +20,9 @@ argsfile	/tmp/slapd.args
 # Load dynamic backend modules:
 modulepath	/usr/lib/openldap
 moduleload	back_mdb.so
+moduleload	ppolicy.so
+modulepath	/usr/libexec/openldap
+moduleload	lastbind.so
 # moduleload	back_hdb.so
 # moduleload	back_bbd.so
 # moduleload	back_ldap.so
@@ -72,6 +74,10 @@ rootpw		secret
 directory	/var/lib/openldap/openldap-data
 
 # Indices to maintain
+index	default pres,eq
+index	uid pres,eq
+index	cn,sn pres,eq,sub
+index	member eq
 index	objectClass eq
 
 overlay ppolicy
@@ -81,3 +87,6 @@ ppolicy_hash_cleartext
 
 password-hash {CRYPT}
 password-crypt-salt-format "$6$%.12s"
+
+overlay	lastbind
+lastbind-precision 60

src/core/docker_settings.py

@@ -216,13 +216,13 @@ LOGGING = {
             'handlers': ['console', ],
             'level': 'DEBUG',
         },
-        # 'django_auth_ldap': {
-        #     'level': 'WARNING',
-        #     'handlers': ['console'],
-        # },
-        # 'django': {
-        #     'handlers': ['console'],
-        #     'level': 'DEBUG',
-        # }
+        'django_auth_ldap': {
+            'level': 'WARNING',
+            'handlers': ['console'],
+        },
+        'django': {
+            'handlers': ['console'],
+            'level': 'DEBUG',
+        }
     },
 }