Dockerfile to build an OpenLDAP server with the FusionDirectory schemas included. It includes all the functions of the OpenLDAP Image, such as Multi-Master Replication, TLS, and other features.
This Container uses tiredofit/openldap as a base.
- [Dave Conroy](dave at tiredofit dot ca)
- Introduction
- Prerequisites
- Dependencies
- Installation
- Quick Start
- Configuration
- Maintenance
- References
To build this image you must have the OpenLDAP Image built and available. To utilize it, you must also have the Fusion Directory Image built and available.
Automated builds of the image are available on Registry and are the recommended method of installation.
```
docker pull tiredofit/openldap-fusiondirectory
```
- The quickest way to get started is using docker-compose. See the examples folder for a working docker-compose.yml that can be modified for development or production use.
- Set various environment variables to understand the capabilities of this image.
- Map persistent storage for access to configuration and data files for backup.
- Map Network Ports to allow external access.

Start openldap-fusiondirectory using:
```
docker-compose up
```
NOTE: Please allow up to 3 minutes for the application to start.
- Please see OpenLDAP Image for Data Volume Configuration.
There is an additional data volume exposed:
Directory | Description |
---|---|
`/assets/fusiondirectory-custom/` | Place Schema files here to be imported into FusionDirectory |
- Please see OpenLDAP Image for Environment Variables Configuration
- There are specific environment variables to this image:
Variable | Description |
---|---|
`FUSIONDIRECTORY_ADMIN_USER` | Default FD Admin User - Default: `fd-admin` |
`FUSIONDIRECTORY_ADMIN_PASS` | Default FD Admin Password - Default: `admin` |
`ORGANIZATION` | Organization Name - Default: `Example Organization` |
Depending on your choices, the following schemas are available for installation. You must also have these enabled on the FusionDirectory application image to make use of them. If you would like to reapply the schemas, set `REAPPLY_PLUGIN_SCHEMAS` to `TRUE`.
Variable | Description |
---|---|
`REAPPLY_PLUGIN_SCHEMAS` | Reapply Plugin Schemas `TRUE` or `FALSE` - Default: `FALSE` |
`PLUGIN_ALIAS` | Mail Aliases - Default: `FALSE` |
`PLUGIN_APPLICATIONS` | Applications - Default: `FALSE` |
`PLUGIN_ARGONAUT` | Argonaut - Default: `FALSE` |
`PLUGIN_AUDIT` | Audit Trail - Default: `TRUE` |
`PLUGIN_AUTOFS` | AutoFS - Default: `FALSE` |
`PLUGIN_CERTIFICATES` | Manage Certificates - Default: `FALSE` |
`PLUGIN_COMMUNITY` | Community Plugin - Default: `FALSE` |
`PLUGIN_CYRUS` | Cyrus IMAP - Default: `FALSE` |
`PLUGIN_DEBCONF` | Argonaut Debconf - Default: `FALSE` |
`PLUGIN_DEVELOPERS` | Developers Plugin - Default: `FALSE` |
`PLUGIN_DHCP` | Manage DHCP - Default: `FALSE` |
`PLUGIN_DNS` | Manage DNS - Default: `TRUE` |
`PLUGIN_DOVECOT` | Dovecot IMAP - Default: `FALSE` |
`PLUGIN_DSA` | System Accounts - Default: `TRUE` |
`PLUGIN_EJBCA` | Unknown - Default: `FALSE` |
`PLUGIN_FAI` | Unknown - Default: `FALSE` |
`PLUGIN_FREERADIUS` | FreeRadius Management - Default: `FALSE` |
`PLUGIN_FUSIONINVENTORY` | Inventory Plugin - Default: `FALSE` |
`PLUGIN_GPG` | Manage GPG Keys - Default: `FALSE` |
`PLUGIN_IPMI` | IPMI Management - Default: `FALSE` |
`PLUGIN_KOPANO` | Kopano - Default: `FALSE` |
`PLUGIN_MAIL` | Mail Attributes - Default: `TRUE` |
`PLUGIN_MIXEDGROUPS` | Unix/LDAP Groups - Default: `FALSE` |
`PLUGIN_NAGIOS` | Nagios Monitoring - Default: `FALSE` |
`PLUGIN_NETGROUPS` | NIS - Default: `FALSE` |
`PLUGIN_NEXTCLOUD` | Nextcloud - Default: `FALSE` |
`PLUGIN_NEWSLETTER` | Manage Newsletters - Default: `FALSE` |
`PLUGIN_OPSI` | Inventory - Default: `FALSE` |
`PLUGIN_PERSONAL` | Personal Details - Default: `TRUE` |
`PLUGIN_POSIX` | Posix Groups - Default: `FALSE` |
`PLUGIN_POSTFIX` | Postfix SMTP - Default: `FALSE` |
`PLUGIN_PPOLICY` | Password Policy - Default: `TRUE` |
`PLUGIN_PUPPET` | Puppet CI - Default: `FALSE` |
`PLUGIN_PUREFTPD` | FTP Server - Default: `FALSE` |
`PLUGIN_QUOTA` | Manage Quotas - Default: `FALSE` |
`PLUGIN_RENATER_PARTAGE` | Unknown - Default: `FALSE` |
`PLUGIN_REPOSITORY` | Argonaut Deployment Registry - Default: `FALSE` |
`PLUGIN_SAMBA` | File Sharing - Default: `FALSE` |
`PLUGIN_SEAFILE` | Seafile - Default: `FALSE` |
`PLUGIN_SOGO` | Groupware - Default: `FALSE` |
`PLUGIN_SPAMASSASSIN` | Anti Spam - Default: `FALSE` |
`PLUGIN_SQUID` | Proxy - Default: `FALSE` |
`PLUGIN_SSH` | Manage SSH Keys - Default: `TRUE` |
`PLUGIN_SUBCONTRACTING` | Unknown - Default: `FALSE` |
`PLUGIN_SUDO` | Manage SUDO on Hosts - Default: `FALSE` |
`PLUGIN_SUPANN` | SUPANN - Default: `FALSE` |
`PLUGIN_SYMPA` | Sympa Mailing List - Default: `FALSE` |
`PLUGIN_SYSTEMS` | Systems Management - Default: `TRUE` |
`PLUGIN_USER_REMINDER` | Password Expiry - Default: `FALSE` |
`PLUGIN_WEBLINK` | Display Weblink - Default: `FALSE` |
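
A pre-deploy check for the variables documented above, as an added example that is not part of this image or its examples folder: it flags an env file that leaves `FUSIONDIRECTORY_ADMIN_PASS` at the documented default and plugin toggles that are not written as `TRUE` or `FALSE`. The function names `fd_env_get` and `fd_env_audit`, and the plain `KEY=VALUE` env-file format, are assumptions.

```shell
#!/usr/bin/env bash
# Added example: pre-deploy audit of an env file for this image.
# Defaults are the ones documented in the tables on this page.

# fd_env_get FILE KEY DEFAULT -> last value set for KEY, else DEFAULT
fd_env_get() {
  awk -v k="$2" -v d="$3" '
    index($0, k "=") == 1 { v = substr($0, length(k) + 2); seen = 1 }
    END { print (seen ? v : d) }' "$1"
}

# fd_env_audit FILE -> one finding per line; returns 1 on any FAIL
fd_env_audit() {
  local file="$1" rc=0 pass key val
  pass=$(fd_env_get "$file" FUSIONDIRECTORY_ADMIN_PASS admin)
  if [ -z "$pass" ] || [ "$pass" = "admin" ]; then
    echo "FAIL FUSIONDIRECTORY_ADMIN_PASS is empty or the documented default"
    rc=1
  fi
  if [ "$(fd_env_get "$file" FUSIONDIRECTORY_ADMIN_USER fd-admin)" = "fd-admin" ]; then
    echo "WARN FUSIONDIRECTORY_ADMIN_USER is the documented default"
  fi
  # Schemas that default to TRUE and matter for security posture
  for key in PLUGIN_PPOLICY PLUGIN_AUDIT; do
    if [ "$(fd_env_get "$file" "$key" TRUE)" != "TRUE" ]; then
      echo "WARN $key is not TRUE, so that schema is not selected"
    fi
  done
  # Assumption: toggles are written exactly as documented, TRUE or FALSE
  while IFS='=' read -r key val || [ -n "$key" ]; do
    case $key in
      PLUGIN_*|REAPPLY_PLUGIN_SCHEMAS)
        case $val in
          TRUE|FALSE) ;;
          *) echo "WARN $key=$val is not TRUE or FALSE" ;;
        esac ;;
    esac
  done < "$file"
  return "$rc"
}

# Constructed sample input (not from the project's examples folder)
sample=$(mktemp)
printf '%s\n' 'ORGANIZATION=Example Organization' \
  'FUSIONDIRECTORY_ADMIN_USER=dir-admin' 'PLUGIN_PPOLICY=FALSE' \
  'PLUGIN_SUDO=yes' > "$sample"
fd_env_audit "$sample" || echo "audit failed: fix FAIL lines before docker-compose up"
rm -f "$sample"
```

Run `fd_env_audit` against the env file your docker-compose.yml loads and treat a non-zero return as a blocked deploy.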
- Please see OpenLDAP Image for Networking Configuration
For debugging and maintenance purposes you may want to access the container's shell.
```
docker exec -it openldap-fusiondirectory bash
```
If you are experiencing issues with adding users prompted by an error with a password policy, enter the container and type `fix-ppolicy`.