ready for first build, I hope

Wolfgang Hottgenroth 2019-09-02 10:48:39 +00:00
parent abc6d3949a
commit d17de44d8c
4 changed files with 36 additions and 7 deletions


@ -15,8 +15,9 @@ RUN \
env DEBIAN_FRONTEND=noninteractive apt-get -yq install pamtester env DEBIAN_FRONTEND=noninteractive apt-get -yq install pamtester
COPY docker-entrypoint.sh-head /usr/local/bin COPY docker-entrypoint.sh-head /usr/local/bin
COPY pam.conf-tail /etc/pam.conf-tail COPY pam.conf-tail /etc
COPY ldap.conf-tmpl /etc/ldap.conf-tmpl COPY ldap.conf-tmpl /etc
COPY load_pam_plugin.cnf /etc/mysql/conf.d
RUN \ RUN \
cd /usr/local/bin && \ cd /usr/local/bin && \
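
Review bot: The destination in the added line `COPY load_pam_plugin.cnf /etc/mysql/conf.d` has no trailing slash, so if that directory is missing from the base image Docker writes a regular file named conf.d instead of copying into a directory. Write it as /etc/mysql/conf.d/ and, for consistency, use /etc/ and /usr/local/bin/ on the neighbouring COPY lines, so a missing directory gets created as a directory rather than silently turning into a file.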


@ -1,9 +1,7 @@
#!/bin/bash #!/bin/bash
echo "new docker-entrypoint.sh head" if [ `whoami` = 'root' ]; then
(cd /etc && cat ldap.conf-tmpl | sed -e "s/%LDAPBASE%/$LDAPBASE/" -e "s,%LDAPURI%,$LDAPURI," -e "s/%LDAPBINDDN%/$LDAPBINDDN/" -e "s/%LDAPBINDPW%/$LDAPBINDPW/" > ldap.conf)
pushd /etc fi
cat ldap.conf-tmpl | sed -e "s/%LDAPBASE%/$LDAPBASE/" -e "s,%LDAPURI%,$LDAPURI," -e "s/%LDAPBINDDN%/$LDAPBINDDN/" -e "s/%LDAPBINDPW%/$LDAPBINDPW/" > ldap.conf
popd
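
Review bot: The sed expressions in the new root-only branch substitute $LDAPBASE, $LDAPBINDDN and $LDAPBINDPW unescaped with `/` as the delimiter, so a bind password or DN containing `/`, `&` or a backslash either makes sed fail or writes a different value into ldap.conf. Escape the values before substitution, or render the template with a method that treats them as literal strings. The generated /etc/ldap.conf contains the bind password, so create it with restrictive permissions (for example a umask of 077 inside the subshell). When the script runs as a non-root user the file is skipped without any message; a log line in an else branch would make that case visible.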

load_pam_plugin.cnf Normal file

@ -0,0 +1,4 @@
[mariadb]
plugin_load=auth_pam.so
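
Review bot: `plugin_load=auth_pam.so` replaces the plugin list rather than extending it, so any plugin_load set in another file under conf.d or on the command line can override this one or be overridden by it, depending on read order. Use `plugin_load_add=auth_pam` here so the PAM plugin is appended regardless of what else is configured. The hunk header announces four lines but only two carry content; a short comment in the file saying why the plugin is loaded would use that space well.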

readme.md Normal file

@ -0,0 +1,26 @@
# MariaDB with PAM authentication via LDAP against an ActiveDirectory server
This image directly derives from the official mariadb image from docker hub, (https://hub.docker.com/_/mariadb).
It is built via a CI/CD pipeline on Gitlab from the repository https://gitlab.com/wolutator/mariadb-with-ldap-pam.
The `libpam_ldap` package is installed and configured. Final values for the LDAP configuration are loaded at start time of the container from environment variables given on the command line.
These variables are
* `LDAPURI`: LDAP URI, like `ldap://dc.yourdomain.com:389`
* `LDAPBASE`: Search base, like `DC=YOURDOMAIN, DC=com`
* `LDAPBINDDN`: DN of a user to read on the ActiveDirectory server
* `LDAPBINDPW`: Password of that user
Start the container after creating the required volumes (see documentation of the original mariadb image) with something like this:
docker run --rm --name mariadb \
-e LDAPURI="ldap://dc.yourdomain.com:389" \
-e LDAPBASE="dc=YOURDOMAIN,dc=com" \
-e LDAPBINDDN="ldapbinddn" \
-e LDAPBINDPW="ldapbindpw" \
-e MYSQL_ROOT_PASSWORD=test123 \
wollud1969/mariadb-with-ldap-pam:latest
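
Review bot: The docker run example passes LDAPBINDPW and MYSQL_ROOT_PASSWORD with `-e` on the command line, which leaves both secrets in shell history and in the output of docker inspect; show `--env-file` with a file readable only by the operator instead. The example URI is `ldap://dc.yourdomain.com:389`, so the README should state whether ldap.conf-tmpl enables StartTLS or recommend an ldaps:// URI, since the bind password and user passwords travel over that connection. Two smaller points: the text says to create the required volumes but the command mounts none, and the LDAPBASE example in the list (`DC=YOURDOMAIN, DC=com`, with a space) differs from the one in the command (`dc=YOURDOMAIN,dc=com`); pick one form. The README also needs blank lines around the list and a fenced or indented block for the command to render correctly as Markdown.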