From 3aced04f4c555c09c350ecdb5b407d75c21940d2 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon
Date: Wed, 27 Sep 2023 17:39:35 +0200
Subject: [PATCH] enh(389ds): add ldap container with test data
Signed-off-by: Arthur Schiwon
---
 user_saml-dirsrv/Dockerfile | 29 +++++++++
 user_saml-dirsrv/conf/98nextcloud-schema.ldif | 13 ++++
 user_saml-dirsrv/conf/entries.ldif | 65 +++++++++++++++++++
 3 files changed, 107 insertions(+)
 create mode 100644 user_saml-dirsrv/Dockerfile
 create mode 100644 user_saml-dirsrv/conf/98nextcloud-schema.ldif
 create mode 100644 user_saml-dirsrv/conf/entries.ldif
diff --git a/user_saml-dirsrv/Dockerfile b/user_saml-dirsrv/Dockerfile
new file mode 100644
index 00000000..682cc699
--- /dev/null
+++ b/user_saml-dirsrv/Dockerfile
@@ -0,0 +1,29 @@
+FROM quay.io/389ds/dirsrv:latest
+
+ENV DS_DM_PASSWORD admin
+ENV DS_SUFFIX_NAME dc=idptestbed
+
+ADD conf/* /var/opt/
+
+RUN rm -Rf /data/*
+RUN /usr/libexec/dirsrv/dscontainer -r & \
+ sleep 60; \
+ WAIT_TIME=60; \
+ while : ; do \
+ if /usr/libexec/dirsrv/dscontainer -H; then \
+ break; \
+ fi; \
+ sleep 5; \
+ WAIT_TIME=$((WAIT_TIME + 5)); \
+ if [ ${WAIT_TIME} -gt 180 ]; then \
+ echo "dirsrv not ready – giving up checking after 3min"; \
+ exit 3 ;\
+ fi; \
+ done; \
+ dsconf localhost backend create --suffix dc=idptestbed --be-name ci_root; \
+ mv /var/opt/98nextcloud-schema.ldif /etc/dirsrv/slapd-localhost/schema/; \
+ dsconf localhost schema reload; \
+ dsconf localhost backend import "dc=idptestbed" /var/opt/entries.ldif; \
+ rm /var/opt/entries.ldif;
+
+EXPOSE 3389
diff --git a/user_saml-dirsrv/conf/98nextcloud-schema.ldif b/user_saml-dirsrv/conf/98nextcloud-schema.ldif
new file mode 100644
index 00000000..12114945
--- /dev/null
+++ b/user_saml-dirsrv/conf/98nextcloud-schema.ldif
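Review bot: The provisioning steps after the readiness loop (`dsconf localhost backend create …`, `mv …`, `dsconf localhost schema reload`, `dsconf … backend import …`) are joined with `;`, so a failure in any of them is ignored and the build still succeeds with an image that may lack the backend, the schema or the test entries; only the wait loop's `exit 3` ever fails the build. Starting the RUN with `set -e` makes the first failed step abort the build: `RUN set -e; /usr/libexec/dirsrv/dscontainer -r & \`. The Directory Manager password is baked in as `ENV DS_DM_PASSWORD admin` and persists into the runtime image; for a CI fixture that is acceptable, but a comment such as `# test-only credentials; image is for CI use only` above the ENV lines would make that explicit. `ADD conf/* /var/opt/` would also read more clearly as `COPY`, since none of ADD's URL or archive-extraction behaviour is wanted here.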
@@ -0,0 +1,13 @@
+dn: cn=schema
+objectClass: top
+objectClass: ldapSubentry
+objectClass: subschema
+cn: schema
+aci: (target="ldap:///cn=schema")(targetattr !="aci")(version 3.0;acl "anonymous, no acis"; allow (read, search, compare) userdn = "ldap:///anyone";)
+modifiersName: cn=Directory Manager
+modifyTimestamp: 20230412120423Z
+objectClasses: ( 1.3.6.1.4.1.49213.1.2.1 NAME 'nextcloudUser' AUXILIARY MUST cn MAY (nextcloudEnabled $ nextcloudQuota ) X-ORIGIN 'user defined' )
+objectClasses: ( 1.3.6.1.4.1.49213.1.2.2 NAME 'nextcloudGroup' AUXILIARY MUST cn MAY nextcloudEnabled X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.49213.1.1.1 NAME 'nextcloudEnabled' DESC 'whether user or group should be available in Nextcloud' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'user defined' )
+attributeTypes: ( 1.3.6.1.4.1.49213.1.1.2 NAME 'nextcloudQuota' DESC 'defines how much disk space is available for the user (e.g. 2 GB)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
+nsSchemaCSN: 64369e47000000000000
diff --git a/user_saml-dirsrv/conf/entries.ldif b/user_saml-dirsrv/conf/entries.ldif
new file mode 100644
index 00000000..3ba1998a
--- /dev/null
+++ b/user_saml-dirsrv/conf/entries.ldif
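Review bot: The schema file carries operational attributes that look copied from a live server export — `modifiersName: cn=Directory Manager`, `modifyTimestamp: 20230412120423Z` and `nsSchemaCSN: 64369e47000000000000` — which a hand-maintained numbered schema file does not need and which may be overwritten or conflict with the CSN the server keeps in its own user schema after `schema reload`; I would drop those three lines, though I have not checked how the container's dirsrv version treats a CSN in a 98-numbered file. The `aci` line grants anonymous read of `cn=schema`, which appears to mirror the stock 389ds core schema ACI and is fine for a test fixture. A leading comment would help the next reader, e.g. `# Nextcloud auxiliary object classes (nextcloudUser, nextcloudGroup) under the 1.3.6.1.4.1.49213 arc; installed into /etc/dirsrv/slapd-localhost/schema/ by the Dockerfile`.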
@@ -0,0 +1,65 @@
+
+dn: dc=idptestbed
+objectClass: top
+objectClass: domain
+dc: idptestbed
+description: dc=idptestbed
+aci: (targetattr = *) (targetfilter = "(objectclass=*)") (version 3.0; acl "Any read"; allow (search, read, compare) (userdn = "ldap:///anyone" );)
+
+dn: cn=admin,dc=idptestbed
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+userPassword: password
+description: LDAP administrator
+
+dn: ou=Groups,dc=idptestbed
+objectClass: top
+objectClass: organizationalunit
+ou: Groups
+
+dn: ou=People,dc=idptestbed
+objectClass: top
+objectClass: organizationalunit
+ou: People
+
+dn: uid=student1,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: Stud
+uid: student1
+sn: Ent
+cn: Stud Ent
+mail: student1@idptestbed.edu
+userPassword: password
+nextcloudQuota: 200 MB
+
+dn: uid=student2,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: Stud
+uid: student2
+sn: Ent2
+cn: Stud Ent2
+mail: student2@idptestbed.edu
+userPassword: password
+nextcloudQuota: 1 GB
+
+dn: uid=staff1,ou=People,dc=idptestbed
+objectClass: organizationalPerson
+objectClass: person
+objectClass: top
+objectClass: inetOrgPerson
+objectClass: nextcloudUser
+givenName: St
+uid: staff1
+sn: aff
+cn: St aff
+mail: staff1@idptestbed.edu
+userPassword: password
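Review bot: The root ACI on `dn: dc=idptestbed` uses `(targetattr = *)` with `userdn = "ldap:///anyone"`, so an anonymous bind can read every attribute in the tree, including `userPassword` on `cn=admin` and on each `ou=People` entry; the stock 389ds anonymous ACI excludes that attribute, and the fixture would still serve its purpose with `aci: (targetattr != "userPassword || aci") (targetfilter = "(objectclass=*)") (version 3.0; acl "Any read"; allow (search, read, compare) (userdn = "ldap:///anyone" );)`. Whether `dsconf … backend import` stores the plaintext `userPassword: password` values hashed depends on the server's handling of unhashed passwords during import, which is not visible here, so that is worth confirming against the built image. A leading `# Test fixture for user_saml CI: all accounts use the password "password"` comment would make the intent of the file explicit, and the leading blank line before the first `dn:` can be removed since stricter LDIF parsers may reject it.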