From 550c8889be3f18a1444b2a9d784ba2cf7edb25dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Floure?=
Date: Wed, 23 Dec 2020 18:54:04 +0100
Subject: [PATCH] Add OpenLDAP playground environment
---
openldap-playground/Dockerfile | 9 +++++++++
openldap-playground/README.md | 4 ++++
openldap-playground/ldif/10-refint_add.ldif | 6 ++++++
openldap-playground/ldif/11-refint_config.ldif | 7 +++++++
openldap-playground/ldif/12-memberof_add.ldif | 6 ++++++
openldap-playground/ldif/13-refint_add.ldif | 11 +++++++++++
openldap-playground/ldif/20-ou_groups.ldif | 3 +++
openldap-playground/ldif/20-ou_hosts.ldif | 3 +++
openldap-playground/ldif/20-ou_services.ldif | 3 +++
openldap-playground/ldif/20-ou_users.ldif | 3 +++
openldap-playground/ldif/30-dummy_user.ldif | 16 ++++++++++++++++
openldap-playground/ldif/31-dummy_group.ldif | 6 ++++++
12 files changed, 77 insertions(+)
create mode 100644 openldap-playground/Dockerfile
create mode 100644 openldap-playground/README.md
create mode 100644 openldap-playground/ldif/10-refint_add.ldif
create mode 100644 openldap-playground/ldif/11-refint_config.ldif
create mode 100644 openldap-playground/ldif/12-memberof_add.ldif
create mode 100644 openldap-playground/ldif/13-refint_add.ldif
create mode 100644 openldap-playground/ldif/20-ou_groups.ldif
create mode 100644 openldap-playground/ldif/20-ou_hosts.ldif
create mode 100644 openldap-playground/ldif/20-ou_services.ldif
create mode 100644 openldap-playground/ldif/20-ou_users.ldif
create mode 100644 openldap-playground/ldif/30-dummy_user.ldif
create mode 100644 openldap-playground/ldif/31-dummy_group.ldif
diff --git a/openldap-playground/Dockerfile b/openldap-playground/Dockerfile
new file mode 100644
index 0000000..f59754a
--- /dev/null
+++ b/openldap-playground/Dockerfile
@@ -0,0 +1,9 @@
+# Dockerfile for the openldap container used in our CI process.
+# Based on https://github.com/osixia/docker-openldap
+
+FROM osixia/openldap:latest
+MAINTAINER Timothée Floure
+
+# Applied when the container start:
+# see https://github.com/osixia/docker-openldap#extend-osixiaopenldap121-image
+ADD ldif /container/service/slapd/assets/config/bootstrap/ldif/custom
diff --git a/openldap-playground/README.md b/openldap-playground/README.md
new file mode 100644
index 0000000..672dfab
--- /dev/null
+++ b/openldap-playground/README.md
@@ -0,0 +1,4 @@
+# OpenLDAP Playground
+
+This container provides an easy way to setup a playground or development
+environment including a fully-featured LDAP service.
diff --git a/openldap-playground/ldif/10-refint_add.ldif b/openldap-playground/ldif/10-refint_add.ldif
new file mode 100644
index 0000000..ab3532f
--- /dev/null
+++ b/openldap-playground/ldif/10-refint_add.ldif
@@ -0,0 +1,6 @@
+dn: cn=module,cn=config
+cn: module
+objectclass: olcModuleList
+objectclass: top
+olcmodulepath: /usr/lib/ldap
+olcmoduleload: refint.la
diff --git a/openldap-playground/ldif/11-refint_config.ldif b/openldap-playground/ldif/11-refint_config.ldif
new file mode 100644
index 0000000..595a212
--- /dev/null
+++ b/openldap-playground/ldif/11-refint_config.ldif
@@ -0,0 +1,7 @@
+dn: olcOverlay={1}refint,olcDatabase={1}mdb,cn=config
+objectClass: olcConfig
+objectClass: olcOverlayConfig
+objectClass: olcRefintConfig
+objectClass: top
+olcOverlay: refint
+olcRefintAttribute: memberof member manager owner
diff --git a/openldap-playground/ldif/12-memberof_add.ldif b/openldap-playground/ldif/12-memberof_add.ldif
new file mode 100644
index 0000000..235520e
--- /dev/null
+++ b/openldap-playground/ldif/12-memberof_add.ldif
@@ -0,0 +1,6 @@
+dn: cn=module,cn=config
+cn: module
+objectClass: olcModuleList
+objectClass: top
+olcModulePath: /usr/lib/ldap
+olcModuleLoad: memberof.la
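Review bot: In openldap-playground/Dockerfile, `FROM osixia/openldap:latest` leaves the base image unpinned, so every rebuild can pull different slapd code and different bootstrap behaviour into an image that the header comment says is used in CI. Pin a release tag and ideally its digest, `FROM osixia/openldap:<version>@sha256:<digest>` (placeholders; take the values from the release you actually test against). Two smaller points in the same hunk: `MAINTAINER` is deprecated in favour of `LABEL maintainer="..."`, and `COPY ldif ...` fits a plain local directory better than `ADD`, which also carries archive-extraction and URL behaviour.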
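Review bot: In ldif/11-refint_config.ldif the DN pins the overlay at `olcOverlay={1}refint`, but the `{0}` slot is only filled later by `olcOverlay={0}memberof` in ldif/13-refint_add.ldif, assuming the bootstrap applies the custom files in name order. Whether slapd accepts or renumbers that depends on which overlays the base image has already configured, so the resulting overlay order is not obvious from the patch. Either load the memberof overlay first or drop the explicit indices (`dn: olcOverlay=refint,olcDatabase={1}mdb,cn=config`) and let slapd assign them. ldif/10-refint_add.ldif and ldif/12-memberof_add.ldif also differ in attribute-name case (`objectclass` vs `objectClass`); pick one spelling.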
diff --git a/openldap-playground/ldif/13-refint_add.ldif b/openldap-playground/ldif/13-refint_add.ldif
new file mode 100644
index 0000000..da874a7
--- /dev/null
+++ b/openldap-playground/ldif/13-refint_add.ldif
@@ -0,0 +1,11 @@
+dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
+objectClass: olcConfig
+objectClass: olcMemberOf
+objectClass: olcOverlayConfig
+objectClass: top
+olcOverlay: memberof
+olcMemberOfDangling: drop
+olcMemberOfRefInt: TRUE
+olcMemberOfGroupOC: groupOfNames
+olcMemberOfMemberAD: member
+olcMemberOfMemberOfAD: memberOf
diff --git a/openldap-playground/ldif/20-ou_groups.ldif b/openldap-playground/ldif/20-ou_groups.ldif
new file mode 100644
index 0000000..13264ca
--- /dev/null
+++ b/openldap-playground/ldif/20-ou_groups.ldif
@@ -0,0 +1,3 @@
+dn: ou=Groups,dc=example,dc=org
+ou: Groups
+objectclass: organizationalUnit
diff --git a/openldap-playground/ldif/20-ou_hosts.ldif b/openldap-playground/ldif/20-ou_hosts.ldif
new file mode 100644
index 0000000..1e30134
--- /dev/null
+++ b/openldap-playground/ldif/20-ou_hosts.ldif
@@ -0,0 +1,3 @@
+dn: ou=Hosts,dc=example,dc=org
+ou: Hosts
+objectclass: organizationalUnit
diff --git a/openldap-playground/ldif/20-ou_services.ldif b/openldap-playground/ldif/20-ou_services.ldif
new file mode 100644
index 0000000..8dca26a
--- /dev/null
+++ b/openldap-playground/ldif/20-ou_services.ldif
@@ -0,0 +1,3 @@
+dn: ou=Services,dc=example,dc=org
+ou: Services
+objectclass: organizationalUnit
diff --git a/openldap-playground/ldif/20-ou_users.ldif b/openldap-playground/ldif/20-ou_users.ldif
new file mode 100644
index 0000000..e4a0d6c
--- /dev/null
+++ b/openldap-playground/ldif/20-ou_users.ldif
@@ -0,0 +1,3 @@
+dn: ou=Users,dc=example,dc=org
+ou: Users
+objectclass: organizationalUnit
diff --git a/openldap-playground/ldif/30-dummy_user.ldif b/openldap-playground/ldif/30-dummy_user.ldif
new file mode 100644
index 0000000..b658014
--- /dev/null
+++ b/openldap-playground/ldif/30-dummy_user.ldif
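Review bot: ldif/13-refint_add.ldif is misnamed: its content configures the memberof overlay (`olcOverlay: memberof` and the `olcMemberOf*` attributes), while the refint configuration is in 11-refint_config.ldif. Renaming it to something like `13-memberof_config.ldif` would make the 10–13 sequence read as module, config, module, config. A leading comment such as `# memberof overlay: maintains memberOf for entries listed in member of groupOfNames groups` would also record that only `groupOfNames` groups are tracked by this configuration.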
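Review bot: The four ldif/20-ou_*.ldif entries hard-code the suffix `dc=example,dc=org`, as do 30-dummy_user.ldif and 31-dummy_group.ldif, so the bootstrap only succeeds while the container runs with a domain that maps to that base DN. The patch sets no domain itself, so this relies on the base image's default. If the upstream image substitutes placeholders in custom bootstrap LDIF files (worth confirming in its README), using its base-DN placeholder would keep the fixtures valid when the domain is overridden; otherwise state the required domain in README.md.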
@@ -0,0 +1,16 @@
+dn: uid=jdoe,ou=Users,dc=example,dc=org
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: shadowAccount
+cn: John Doe
+gidNumber: 5001
+givenName: John
+homeDirectory: /home/jdoe
+loginShell: /bin/zsh
+mail: john.doe@example.org
+mobile: 0041767780666
+sn: Doe
+uid: jdoe
+uidNumber: 5001
+userPassword: {SSHA}o0XxcHxqSyWTaWLIld3X6NSiZnKJdii4
+
diff --git a/openldap-playground/ldif/31-dummy_group.ldif b/openldap-playground/ldif/31-dummy_group.ldif
new file mode 100644
index 0000000..d0d5716
--- /dev/null
+++ b/openldap-playground/ldif/31-dummy_group.ldif
@@ -0,0 +1,6 @@
+dn: cn=peasants,ou=Groups,dc=example,dc=org
+objectClass: posixGroup
+cn: peasants
+description: the people of example.org
+gidNumber: 10000
+memberUid: jdoe
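Review bot: ldif/30-dummy_user.ldif commits a fixed `userPassword: {SSHA}...` hash with nothing in the file or README.md saying it is a throwaway fixture. {SSHA} is salted SHA-1, which is cheap to attack offline, so the password behind it has to be treated as public and must never match a real account. Mark the entry with a comment such as `# Test-only account for the playground; the credential is public, do not reuse.` and document the intended login in README.md so nobody swaps in a real password. `mobile: 0041767780666` also reads like a real subscriber number; an obviously fake value would be safer in a public fixture.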
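Review bot: ldif/31-dummy_group.ldif creates a `posixGroup` with `memberUid: jdoe`, but the memberof overlay in 13-refint_add.ldif is configured with `olcMemberOfGroupOC: groupOfNames` and `olcMemberOfMemberAD: member`, so this group will not give jdoe a `memberOf` value and leaves refint no DN-valued attribute to maintain. If the playground is meant to exercise those overlays, add a `groupOfNames` entry carrying `member: uid=jdoe,ou=Users,dc=example,dc=org`. The group's `gidNumber: 10000` also does not match jdoe's primary `gidNumber: 5001` in 30-dummy_user.ldif, which refers to no group defined in this patch.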