-
Notifications
You must be signed in to change notification settings - Fork 30
Expand file tree
/
Copy pathDockerfile
More file actions
61 lines (50 loc) · 2.69 KB
/
Dockerfile
File metadata and controls
61 lines (50 loc) · 2.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
FROM debian:trixie-slim
LABEL org.opencontainers.image.authors="Clément OUDOT" \
name="lemonldap-ng-nginx" \
version="v2.0"
ENV SSODOMAIN=example.com \
LOGLEVEL=info \
DEBIAN_FRONTEND=noninteractive
# Keep documentation files for Lemonldap that are normally removed by the
# debian-slim image
COPY lemonldap.dpkg.cfg /etc/dpkg/dpkg.cfg.d/lemonldap
RUN echo "# Install LemonLDAP::NG source repo" && \
apt -y update && \
apt -y install wget apt-transport-https gnupg dumb-init curl && \
curl https://lemonldap-ng.org/lemonldap-debian-packages-pub.gpg | gpg --dearmor > /usr/share/keyrings/lemonldap-debian-packages-pub.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/lemonldap-debian-packages-pub.gpg] https://lemonldap-ng.org/deb 2.0 main" >/etc/apt/sources.list.d/lemonldap-ng.list
RUN apt -y update && \
echo "# Install LemonLDAP::NG packages" && \
apt -y install nginx lemonldap-ng cron anacron liblasso-perl libio-string-perl && \
echo "# Install LemonLDAP::NG TOTP requirements" && \
apt -y install libconvert-base32-perl libdigest-hmac-perl && \
echo "# Install LemonLDAP::NG WebAuthn requirements" && \
apt -y install libauthen-webauthn-perl && \
echo "# Install YAML library" && \
apt -y install libyaml-perl && \
echo "# Install some DB drivers" && \
apt -y install libdbd-mysql-perl libdbd-pg-perl && \
echo "# Install vim required for lmConfigEditor" && \
apt -y install vim && \
echo "\ndaemon off;" >> /etc/nginx/nginx.conf
RUN echo "# Clean up image" && \
apt clean && \
apt autoremove --yes && \
rm -rf /var/lib/{apt,dpkg,cache,log}/
COPY docker-entrypoint.sh /
RUN echo '# Copy orignal configuration' && \
cp -a /etc/lemonldap-ng /etc/lemonldap-ng-orig && \
cp -a /var/lib/lemonldap-ng/conf /var/lib/lemonldap-ng/conf-orig && \
cp -a /var/lib/lemonldap-ng/sessions /var/lib/lemonldap-ng/sessions-orig && \
cp -a /var/lib/lemonldap-ng/psessions /var/lib/lemonldap-ng/psessions-orig
RUN echo "# Reverse proxy clean up" && \
rm /etc/lemonldap-ng-orig/*-apache2.conf && \
rm /etc/nginx/sites-enabled/default && \
mkdir /etc/nginx/sites-enabled-orig && \
mv /etc/lemonldap-ng-orig/*-nginx.conf /etc/nginx/sites-enabled-orig/ && \
cp /etc/nginx/sites-enabled-orig/* /etc/nginx/sites-enabled/
RUN echo "# Configure nginx to log to standard streams" && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log
VOLUME ["/etc/lemonldap-ng","/var/lib/lemonldap-ng/conf", "/var/lib/lemonldap-ng/sessions", "/var/lib/lemonldap-ng/psessions", "/etc/nginx/sites-enabled/"]
ENTRYPOINT ["dumb-init","--","/bin/sh", "/docker-entrypoint.sh"]