Add: docker-collections from mrjk

2022-07-19 01:06:13 -04:00 · 2022-07-19 01:06:13 -04:00 · fb9ebb5380
commit fb9ebb5380
parent cc0a2fb2a8
6 changed files with 113 additions and 15 deletions
--- a/ldap-user-manager/.env
+++ b/ldap-user-manager/.env
@ -0,0 +1,11 @@
+APP_IMAGE=traefik
+APP_VERSION=v2.6.1
+
+APP_PUBLIC_IP="127.0.0.1"
+APP_NETWORK=''
+
+APP_DOMAIN=dev
+APP_ADMIN_EMAIL=admin@dev
+
+TRAEFIK_CERTRESOLV=default
+TRAEFIK_CERTRESOLV_PROVIDER=''
--- a/ldap-user-manager/README.md
+++ b/ldap-user-manager/README.md
@ -0,0 +1,10 @@
+# OpenLDAP Server
+
+
+## Self-serve configuration
+
+## LUM configuration
+
+For lUM, an initial config step is required:
+
+https://lum.dev.box/setup/
--- a/ldap-user-manager/docker-compose.debug.yml
+++ b/ldap-user-manager/docker-compose.debug.yml
@ -0,0 +1,9 @@
+
+
+services:
+    manager:
+      environment:
+        - LDAP_DEBUG=true
+        - LDAP_VERBOSE_CONNECTION_LOGS=true
+        - SESSION_DEBUG=true
+        - SMTP_LOG_LEVEL=4
--- a/ldap-user-manager/docker-compose.traefik.yml
+++ b/ldap-user-manager/docker-compose.traefik.yml
@ -0,0 +1,17 @@
+networks:
+  proxy:
+    external: true
+    name: ${APP_PROXY_NETWORK}
+
+services:
+
+  manager:
+  
+    labels:
+      traefik.enable: "true"
+      traefik.http.routers.lum.entrypoints: front-http,front-https
+      traefik.http.routers.lum.rule: Host(`lum.$APP_TOP_DOMAIN`)
+      traefik.http.routers.lum.service: lum
+      traefik.http.routers.lum.tls: "true"
+      traefik.http.routers.lum.tls.certresolver: $TRAEFIK_CERTRESOLV
+      traefik.http.services.lum.loadbalancer.server.port: '80'
--- a/ldap-user-manager/docker-compose.yml
+++ b/ldap-user-manager/docker-compose.yml
@ -1,18 +1,18 @@
-
+version: "3.9"

 networks:
-  proxy:
-    name: ${APP_PROXY_NETWORK}
+  ldap:
+    external: true
+    name: ${APP_LDAP_NETWORK}

 services:

  manager:
    image: wheelybird/ldap-user-manager:latest
-    restart: always
+    #restart: always

    networks:
-      proxy:
-      default:
+      ldap:

    environment:
      - "SERVER_HOSTNAME=lum.$APP_TOP_DOMAIN"
@ -29,12 +29,3 @@ services:
      # MrJK Tweaking
      - "USERNAME_REGEX=^[a-z][a-zA-Z0-9._-]{2,32}$$"

-    labels:
-      traefik.enable: "true"
-      traefik.http.routers.lum.entrypoints: front-http,front-https
-      traefik.http.routers.lum.rule: Host(`lum.$APP_TOP_DOMAIN`)
-      traefik.http.routers.lum.service: lum
-      traefik.http.routers.lum.tls: "true"
-      traefik.http.routers.lum.tls.certresolver: $TRAEFIK_CERTRESOLV
-      traefik.http.services.lum.loadbalancer.server.port: '80'
-
--- a/traefik/init.sh
+++ b/traefik/init.sh
@ -0,0 +1,60 @@
+#!/bin/bash
+
+install_mkcert ()
+{
+  local url=https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64
+  local file=${url##*/}
+
+  if [[ -f mkcert ]]; then
+    MKCERT=$PWD/mkcert
+    return
+  fi
+  if command -v mkcert >&/dev/null; then
+    MKCERT=$(command -v mkcert)
+    return
+  fi
+
+  # Install mkcert in PWD
+  wget "$url"
+  mv "$file" mkcert
+  chmod +x mkcert
+}
+
+gen_certs ()
+{
+  install_mkcert
+  DOMAIN1="domain1.org"
+  DOMAIN2="domain2.org"
+  SUBDOMAINS=$( echo {infra,paas,apps,iaas,dev,cloud,lab,adm,sv,mgmt}.$DOMAIN1 {infra,paas,apps,iaas,dev,cloud,lab,adm,sv,mgmt}.$DOMAIN2 )
+  DOMAIN=$DOMAIN1
+
+  echo $MKCERT "$DOMAIN" "*.$DOMAIN" $SUBDOMAINS
+  (
+    cd config/
+    $MKCERT "$DOMAIN" "*.$DOMAIN" $SUBDOMAINS
+  )
+  echo "INFO: Certificates has bee generated."
+  tree config
+
+}
+
+gen_htpassword ()
+{
+  CONFIG="admin:admin"
+  local dst="./config/htpasswd"
+  set -x
+
+  while IFS=: read -r user pass; do
+    ! grep -sq "^$user:" $dst  >&/dev/null || continue
+    echo "Add: $user to $dst"
+    printf "$user:$(openssl passwd -apr1 $pass)\n" >> "$dst"
+  done <<< "$CONFIG"
+}
+
+main ()
+{
+  gen_certs
+  gen_htpassword
+}
+
+main