Przeglądaj źródła

Update to light-baseimage:0.2.5

Bertrand Gouny 9 lat temu
rodzic
commit
1de6fd652f

+ 2 - 0
CHANGELOG.md

@@ -2,6 +2,8 @@
 
 ## 1.1.6
 
+Update to light-baseimage:0.2.5
+
 ## 1.1.5
 Fix :
   - Restarting container with new environment #44

+ 2 - 2
README.md

@@ -279,7 +279,7 @@ Replication options:
 
 Other environment variables:
 - **LDAP_REMOVE_CONFIG_AFTER_SETUP**: delete config folder after setup. Defaults to `true`
-- **LDAP_CFSSL_PREFIX**: cfssl environment variables prefix. Defaults to `ldap`, cfssl-helper first search config from LDAP_CFSSL_* variables, before CFSSL_* variables.
+- **LDAP_SSL_HELPER_PREFIX**: ssl-helper environment variables prefix. Defaults to `ldap`, ssl-helper first search config from LDAP_SSL_HELPER_* variables, before SSL_HELPER_* variables.
 
 
 ### Set your own environment variables
@@ -383,7 +383,7 @@ osixia-openldap kubernetes examples are available in **example/kubernetes**
 This image is based on osixia/light-baseimage.
 It uses the following features:
 
-- **cfssl** service to generate tls certificates
+- **ssl-tools** service to generate tls certificates
 - **log-helper** tool to print log messages based on the log level
 - **run** tool as entrypoint to init the container environment
 

+ 1 - 1
example/docker-compose.yml

@@ -27,7 +27,7 @@ services:
       #LDAP_REPLICATION_DB_SYNCPROV: "binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical"
       #LDAP_REPLICATION_HOSTS: "#PYTHON2BASH:['ldap://ldap.example.org','ldap://ldap2.example.org']"
       LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
-      LDAP_CFSSL_PREFIX: "ldap"
+      LDAP_SSL_HELPER_PREFIX: "ldap"
     tty: true
     stdin_open: true
     volumes:

+ 1 - 1
example/kubernetes/simple/ldap-rc.yaml

@@ -69,7 +69,7 @@ spec:
               value: "#PYTHON2BASH:['ldap://ldap-one-service', 'ldap://ldap-two-service']"
             - name: LDAP_REMOVE_CONFIG_AFTER_SETUP
               value: "true"
-            - name: LDAP_CFSSL_PREFIX
+            - name: LDAP_SSL_HELPER_PREFIX
               value: "ldap"
         - name: ldap-backup
           image: osixia/openldap-backup:0.1.11

+ 2 - 2
example/kubernetes/using-secrets/environment/my-env.yaml.startup

@@ -49,5 +49,5 @@ LDAP_REPLICATION_HOSTS:
 # Remove config after setup
 LDAP_REMOVE_CONFIG_AFTER_SETUP: true
 
-# cfssl environment variables prefix
-LDAP_CFSSL_PREFIX: ldap # cfssl-helper first search config from LDAP_CFSSL_* variables, before CFSSL_* variables.
+# ssl-helper environment variables prefix
+LDAP_SSL_HELPER_PREFIX: ldap # ssl-helper first search config from LDAP_SSL_HELPER_* variables, before SSL_HELPER_* variables.

+ 4 - 4
image/Dockerfile

@@ -1,16 +1,16 @@
 # Use osixia/light-baseimage
 # sources: https://github.com/osixia/docker-light-baseimage
-FROM osixia/light-baseimage:0.2.4
+FROM osixia/light-baseimage:0.2.5
 MAINTAINER Bertrand Gouny <[email protected]>
 
 # Add openldap user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
 RUN groupadd -r openldap && useradd -r -g openldap openldap
 
-# Install OpenLDAP, ldap-utils and cfssl from baseimage and clean apt-get files
+# Install OpenLDAP, ldap-utils and ssl-tools from baseimage and clean apt-get files
 # sources: https://github.com/osixia/docker-light-baseimage/blob/stable/image/tool/add-service-available
-#          https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:cfssl/download.sh
+#          https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:ssl-tools/download.sh
 RUN apt-get -y update \
-    && /container/tool/add-service-available :cfssl \
+    && /container/tool/add-service-available :ssl-tools \
 	  && LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y --force-yes --no-install-recommends \
        ldap-utils \
        openssl \

+ 2 - 2
image/environment/default.yaml.startup

@@ -49,5 +49,5 @@ LDAP_REPLICATION_HOSTS:
 # Remove config after setup
 LDAP_REMOVE_CONFIG_AFTER_SETUP: true
 
-# cfssl environment variables prefix
-LDAP_CFSSL_PREFIX: ldap # cfssl-helper first search config from LDAP_CFSSL_* variables, before CFSSL_* variables.
+# ssl-helper environment variables prefix
+LDAP_SSL_HELPER_PREFIX: ldap # ssl-helper first search config from LDAP_SSL_HELPER_* variables, before SSL_HELPER_* variables.

+ 4 - 4
image/service/slapd/startup.sh

@@ -132,7 +132,7 @@ EOF
 
     log-helper debug "Check previous TLS certificates..."
 
-    cfssl-helper $LDAP_CFSSL_PREFIX $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH
+    ssl-helper $LDAP_SSL_HELPER_PREFIX $PREVIOUS_LDAP_TLS_CRT_PATH $PREVIOUS_LDAP_TLS_KEY_PATH $PREVIOUS_LDAP_TLS_CA_CRT_PATH
     [ -f ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048
 
     chmod 600 ${PREVIOUS_LDAP_TLS_DH_PARAM_PATH}
@@ -248,9 +248,9 @@ EOF
     LDAP_TLS_KEY_PATH="${CONTAINER_SERVICE_DIR}/slapd/assets/certs/$LDAP_TLS_KEY_FILENAME"
     LDAP_TLS_DH_PARAM_PATH="${CONTAINER_SERVICE_DIR}/slapd/assets/certs/dhparam.pem"
 
-    # generate a certificate and key with cfssl tool if LDAP_CRT and LDAP_KEY files don't exists
-    # https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:cfssl/assets/tool/cfssl-helper
-    cfssl-helper $LDAP_CFSSL_PREFIX $LDAP_TLS_CRT_PATH $LDAP_TLS_KEY_PATH $LDAP_TLS_CA_CRT_PATH
+    # generate a certificate and key with ssl-helper tool if LDAP_CRT and LDAP_KEY files don't exists
+    # https://github.com/osixia/docker-light-baseimage/blob/stable/image/service-available/:ssl-tools/assets/tool/ssl-helper
+    ssl-helper $LDAP_SSL_HELPER_PREFIX $LDAP_TLS_CRT_PATH $LDAP_TLS_KEY_PATH $LDAP_TLS_CA_CRT_PATH
 
     # create DHParamFile if not found
     [ -f ${LDAP_TLS_DH_PARAM_PATH} ] || openssl dhparam -out ${LDAP_TLS_DH_PARAM_PATH} 2048