version: '3'
services:
ldap:
container_name: ddev-${DDEV_SITENAME}-ldap
image: osixia/openldap
ports:
- "389"
- "636"
labels:
# These labels ensure this service is discoverable by ddev
com.ddev.site-name: ${DDEV_SITENAME}
com.ddev.approot: $DDEV_APPROOT
com.ddev.app-url: $DDEV_URL
volumes:
- "../.data/ldap/configuration:/etc/ldap/slapd.d"
- "../.data/ldap/database:/var/lib/ldap"
web:
links:
- ldap:$DDEV_HOSTNAME
phpldapadmin:
image: osixia/phpldapadmin
labels:
# These labels ensure this service is discoverable by ddev
com.ddev.site-name: ${DDEV_SITENAME}
com.ddev.approot: $DDEV_APPROOT
com.ddev.app-url: $DDEV_URL
ports:
- "8040:443"
volumes:
- "./ldap/data/environment/my-env.yaml:/container/environment/01-custom/env.yaml"
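Review bot: The `"8040:443"` mapping under `phpldapadmin` publishes the LDAP admin UI on every host interface, and the `"389"`/`"636"` entries under `ldap` publish the directory on random host ports in the same way; for a local development stack these should bind to loopback, e.g. `- "127.0.0.1:8040:443"`. Both `image:` lines are also untagged, so they resolve to `latest` and can drift from the `osixia/openldap:1.2.1` base pinned by the Dockerfile in this change; pin a tag, ideally a digest, here too. This section does not show whether the `ldap` service is meant to run the locally built image or the upstream one, so a comment stating which would help.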
FROM osixia/openldap:1.2.1
MAINTAINER T3O Team
ADD bootstrap /container/service/slapd/assets/config/bootstrap
ADD certs /container/service/slapd/assets/certs
ADD environment /container/environment/01-custom
EXPOSE 389 636
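Review bot: `ADD certs /container/service/slapd/assets/certs` copies the TLS material, including the EC private key committed elsewhere in this change, into an image layer, so anyone who can pull the image or read the repository holds the server key. Treat that key as disclosed: keep at most the public certificate in the repository and supply the key at run time through a volume or secret, or, if the base image supports it, let the container generate one on first start. Independently, `MAINTAINER` is deprecated in favour of `LABEL maintainer="T3O Team"`, and `COPY` is preferred over `ADD` for plain local directories because it has no archive-extraction or URL behaviour.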
NAME = typo3/ldap
VERSION = 0.1.0
.PHONY: all build build-nocache
all: build
build:
docker build -t $(NAME):$(VERSION) --rm .
build-nocache:
docker build -t $(NAME):$(VERSION) --no-cache --rm .
dn: uid=billy,dc=example,dc=org
changetype: add
uid: billy
cn: billy
sn: 3
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
loginShell: /bin/bash
homeDirectory: /home/billy
uidNumber: 14583102
gidNumber: 14564100
userPassword: {SSHA}j3lBh1Seqe4rqF1+NuWmjhvtAni1JC5A
mail: billy@example.org
gecos: Billy User
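Review bot: The entry is created under `dc=example,dc=org`, but the startup environment in this change sets `LDAP_DOMAIN: typo3.org`, so if this LDIF is loaded as a bootstrap file the add will presumably fail because that suffix does not exist; the DN and `mail` should follow the configured base. The `userPassword` value is a salted SHA-1 (`{SSHA}`) hash, which is cheap to attack offline once it is in a repository, so the account must stay a throwaway fixture whose password is used nowhere else; a comment above the entry saying so would help. `sn: 3` also looks like a leftover rather than a surname.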
# TYPO3 LDAP Schema
#
# 1.0 - 2016 Andreas Beutel <Andreas.Beutel@mehrwert.de>
#
# 1.3.6.1.4.1 - IANA-assigned company OIDs, used for private MIBs and such things
# see https://de.wikipedia.org/wiki/Object_Identifier
#
# @todo 99999 is used as Placeholder here
#
# attributeTypes
attributetype ( 1.3.6.1.4.1.99999.2.1.1
NAME 'typo3Test'
DESC 'Test'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
attributetype ( 1.3.6.1.4.1.99999.2.1.2
NAME 'typo3slack'
DESC 'SLACK Username'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# ObjectClasses
objectClass ( 1.3.6.1.4.1.99999.2.2.1
NAME 'typo3Person'
DESC 'TYPO3 person object'
SUP top AUXILIARY
MUST uid
MAY ( typo3slack ) )
# Copyright (c) 2000-2002, 2005 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
# $Id: sendmail.schema,v 8.22 2005/09/16 20:18:14 ca Exp $
# Note that this schema is experimental at this point as it has had little
# public review. Therefore, it may change in future versions. Feedback
# via sendmail-YYYY@support.sendmail.org is encouraged (replace YYYY with
# the current year, e.g., 2005).
# OID arcs for Sendmail
# enterprise: 1.3.6.1.4.1
# sendmail: enterprise.6152
# sendmail-at: sendmail.3.1
# sendmail-oc: sendmail.3.2
###########################################################################
#
# The Sendmail MTA attributes and objectclass
#
###########################################################################
# attribute sendmailMTACluster cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.10
NAME 'sendmailMTACluster'
DESC 'cluster name associated with a set of MTAs'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# attribute sendmailMTAHost cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.11
NAME 'sendmailMTAHost'
DESC 'host name associated with a MTA cluster'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
#objectClass sendmailMTA
# requires
# objectClass
# allows
# sendmailMTACluster,
# sendmailMTAHost,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.10
NAME 'sendmailMTA'
SUP top STRUCTURAL
DESC 'Sendmail MTA definition'
MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) )
###########################################################################
#
# The Sendmail MTA shared attributes
#
###########################################################################
# attribute sendmailMTAKey cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.13
NAME 'sendmailMTAKey'
DESC 'key (left hand side) of an aliases or map entry'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
###########################################################################
#
# The Sendmail MTA Map attributes and objectclasses
#
###########################################################################
# attribute sendmailMTAMapName cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.14
NAME 'sendmailMTAMapName'
DESC 'identifier for the particular map'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
# attribute sendmailMTAMapValue cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.16
NAME 'sendmailMTAMapValue'
DESC 'value (right hand side) of a map entry'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
# attribute sendmailMTAMapSearch cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.24
NAME 'sendmailMTAMapSearch'
DESC 'recursive search for values of a map entry'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
# attribute sendmailMTAMapURL cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.25
NAME 'sendmailMTAMapURL'
DESC 'recursive search URL for values of a map entry'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAMap
# requires
# objectClass,
# sendmailMTAMapName,
# allows
# sendmailMTACluster,
# sendmailMTAHost,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.11
NAME 'sendmailMTAMap'
SUP sendmailMTA STRUCTURAL
DESC 'Sendmail MTA map definition'
MUST sendmailMTAMapName
MAY ( sendmailMTACluster $ sendmailMTAHost $ Description ) )
#objectClass sendmailMTAObject
# requires
# objectClass,
# sendmailMTAMapName,
# sendmailMTAKey,
# allows
# sendmailMTACluster,
# sendmailMTAHost,
# sendmailMTAMapValue,
# sendmailMTAMapSearch,
# sendmailMTAMapURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.12
NAME 'sendmailMTAMapObject'
SUP sendmailMTAMap STRUCTURAL
DESC 'Sendmail MTA map object'
MUST ( sendmailMTAMapName $ sendmailMTAKey )
MAY ( sendmailMTACluster $ sendmailMTAHost $
sendmailMTAMapValue $ sendmailMTAMapSearch $
sendmailMTAMapURL $ Description ) )
###########################################################################
#
# The Sendmail MTA Alias attributes and objectclasses
#
###########################################################################
# attribute sendmailMTAAliasGrouping cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.18
NAME 'sendmailMTAAliasGrouping'
DESC 'name that identifies a particular aliases grouping'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
# attribute sendmailMTAAliasValue cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.20
NAME 'sendmailMTAAliasValue'
DESC 'value (right hand side) of an alias'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# attribute sendmailMTAAliasSearch cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.26
NAME 'sendmailMTAAliasSearch'
DESC 'recursive search for values of an alias'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
# attribute sendmailMTAAliasURL cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.27
NAME 'sendmailMTAAliasURL'
DESC 'recursive search URL for values of an alias'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAAlias
# requires
# objectClass,
# allows
# sendmailMTAAliasGrouping,
# sendmailMTACluster,
# sendmailMTAHost,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.13
NAME 'sendmailMTAAlias'
SUP sendmailMTA STRUCTURAL
DESC 'Sendmail MTA alias definition'
MAY ( sendmailMTAAliasGrouping $
sendmailMTACluster $ sendmailMTAHost $ Description ) )
#objectClass sendmailMTAAliasObject
# requires
# objectClass,
# sendmailMTAKey,
# allows
# sendmailMTAAliasGrouping,
# sendmailMTACluster,
# sendmailMTAHost,
# sendmailMTAAliasValue,
# sendmailMTAAliasSearch,
# sendmailMTAAliasURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.14
NAME 'sendmailMTAAliasObject'
SUP sendmailMTAAlias STRUCTURAL
DESC 'Sendmail MTA alias object'
MUST sendmailMTAKey
MAY ( sendmailMTAAliasGrouping $ sendmailMTACluster $
sendmailMTAHost $ sendmailMTAAliasValue $
sendmailMTAAliasSearch $ sendmailMTAAliasURL $ Description ) )
###########################################################################
#
# The Sendmail MTA Class attributes and objectclass
#
###########################################################################
# attribute sendmailMTAClassName cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.22
NAME 'sendmailMTAClassName'
DESC 'identifier for the class'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} SINGLE-VALUE )
# attribute sendmailMTAClassValue cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.23
NAME 'sendmailMTAClassValue'
DESC 'member of a class'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
# attribute sendmailMTAClassSearch cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.28
NAME 'sendmailMTAClassSearch'
DESC 'recursive search for members of a class'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
# attribute sendmailMTAClassURL cis
attributetype ( 1.3.6.1.4.1.6152.10.3.1.29
NAME 'sendmailMTAClassURL'
DESC 'recursive search URL for members of a class'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
#objectClass sendmailMTAClass
# requires
# objectClass,
# sendmailMTAClassName,
# allows
# sendmailMTACluster,
# sendmailMTAHost,
# sendmailMTAClassValue,
# sendmailMTAClassSearch,
# sendmailMTAClassURL,
# Description
objectclass ( 1.3.6.1.4.1.6152.10.3.2.15
NAME 'sendmailMTAClass'
SUP sendmailMTA STRUCTURAL
DESC 'Sendmail MTA class definition'
MUST sendmailMTAClassName
MAY ( sendmailMTACluster $ sendmailMTAHost $
sendmailMTAClassValue $ sendmailMTAClassSearch $
sendmailMTAClassURL $ Description ) )
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN EC PRIVATE KEY-----
MIGkAgEBBDAXhGbcS1lHXUJ6cvJZHlm/nHmjJ+wzj+REhgIlQUhf+mDELlwgJEJo
Hnag8Ow0xMygBwYFK4EEACKhZANiAASWQp0eZJvJHCkQaRoxbger1cekRYud63ua
SqmKBAwIw2G5QotOEphY6bxksrdijbWN5v91cXYuJeB38mNp6dqzcpeRv8UwkRJB
VO9nd3BxDA6DISkJNuOzYZJuIrvUm40=
-----END EC PRIVATE KEY-----
-----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA7adhygsX/CvbcQBlSEKBmm0D0+hVfIttcftyFTuDPNok4yDJUBUF
zzc7X/i3PUMzANhShBrngBaXbOhVk3QcjMC623TPhFmILx0r236+aQEUGnlwN73M
RUFM6EblYgH4+E4nv+JLwzHdO72+qMAd92rtzVMiaDlCWghH6wdAFoasTsT6Posc
F5T8WCkzFAZeVhNGRKPP6k3l2BjvRJzkwYMMJrxaIYznMEK6H5CYIqZcpeAB3d2B
NaZXLxFCemLrSS16UHrH1modEe8yjrOaE5+ZesGAA9onsNRZkAJp0x/pRaO/+rHn
Q5QVCQCzxY16UsLzH0q/P80xPMU7BMoocwIBAg==
-----END DH PARAMETERS-----
# This is the default image startup configuration file
# this file define environment variables used during the container **first start** in **startup files**.
# This file is deleted right after startup files are processed for the first time,
# after that all these values will not be available in the container environment.
# This helps to keep your container configuration secret.
# more information : https://github.com/osixia/docker-light-baseimage
# Required and used for new ldap server only
LDAP_ORGANISATION: TYPO3
LDAP_DOMAIN: typo3.org
LDAP_ADMIN_PASSWORD: Adm1n!
LDAP_CONFIG_PASSWORD: c0nfig
LDAP_READONLY_USER: true
LDAP_READONLY_USER_USERNAME: readonly
LDAP_READONLY_USER_PASSWORD: passwr0rd!
# Tls
LDAP_TLS: true
LDAP_TLS_CRT_FILENAME: cert.crt
LDAP_TLS_KEY_FILENAME: cert.key
LDAP_TLS_CA_CRT_FILENAME: ca.crt
LDAP_TLS_ENFORCE: false
LDAP_TLS_CIPHER_SUITE: SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
LDAP_TLS_VERIFY_CLIENT: never
# Replication
LDAP_REPLICATION: false
# variables $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD, $LDAP_CONFIG_PASSWORD
# are automaticaly replaced at run time
# if you want to add replication to an existing ldap
# adapt LDAP_REPLICATION_CONFIG_SYNCPROV and LDAP_REPLICATION_DB_SYNCPROV to your configuration
# avoid using $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD and $LDAP_CONFIG_PASSWORD variables
LDAP_REPLICATION_CONFIG_SYNCPROV: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
LDAP_REPLICATION_DB_SYNCPROV: binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical
LDAP_REPLICATION_HOSTS:
- ldap://ldap.example.org # The order must be the same on all ldap servers
- ldap://ldap2.example.org
# Remove config after setup
LDAP_REMOVE_CONFIG_AFTER_SETUP: false
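Review bot: `LDAP_ADMIN_PASSWORD`, `LDAP_CONFIG_PASSWORD` and `LDAP_READONLY_USER_PASSWORD` are committed as short literal values alongside `LDAP_DOMAIN: typo3.org`, and `LDAP_REMOVE_CONFIG_AFTER_SETUP: false` keeps this file in the container, which contradicts the header comment's claim that deleting it keeps the configuration secret. The committed file should carry placeholders only, with real values coming from an untracked override file or per-developer environment. `LDAP_TLS_ENFORCE: false` additionally permits simple binds in cleartext on port 389, so those passwords cross the network unprotected unless the client opts into TLS; `LDAP_TLS_ENFORCE: true` is the safer setting if this configuration is ever used beyond a single local machine.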
# This is the default image configuration file
# These values will persists in container environment.
# All environment variables used after the container first start
# must be defined here.
# more information : https://github.com/osixia/docker-light-baseimage
# General container configuration
# see table 5.1 in http://www.openldap.org/doc/admin24/slapdconf2.html for the available log levels.
LDAP_LOG_LEVEL: 0
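Review bot: `LDAP_LOG_LEVEL: 0` turns slapd logging off, so failed binds and configuration changes against this directory leave no trace. If I read the linked log-level table correctly, `LDAP_LOG_LEVEL: 256` (stats: connections, operations, results) is the usual minimum for noticing password-guessing attempts. The comment above the key could also state what the chosen level means instead of only linking the table.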
...@@ -15,3 +15,9 @@ html/typo3temp/ ...@@ -15,3 +15,9 @@ html/typo3temp/
html/uploads/ html/uploads/
/auth.json /auth.json
/html/typo3conf/realurl_autoconf.php /html/typo3conf/realurl_autoconf.php
# Do not version persistet ddev/ docker data
.data/*
# Ignore sequelpro config from ddev
.ddev/sequelpro.spf