replication

image/service/slapd/assets/config/replication/repl-bdd-disable.ldif

@@ -0,0 +1,8 @@
+dn: olcDatabase={1}hdb,cn=config
+changetype: modify
+delete: olcSyncRepl
+-
+delete: olcMirrorMode
+
+dn: olcOverlay=syncprov,olcDatabase={2}bdb,cn=config
+changetype: delete

image/service/slapd/assets/config/replication/repl-bdd.ldif → image/service/slapd/assets/config/replication/repl-bdd-enable.ldif

@@ -1,8 +1,8 @@
-dn: olcDatabase={2}bdb,cn=config
+dn: olcDatabase={1}hdb,cn=config
 changetype: modify
 add: olcSyncRepl
-olcSyncRepl: rid=003 provider=ldap://ldap1.example.org binddn="cn=replicator,ou=Admins,dc=example,dc=org" bindmethod=simple credentials=Secret123 searchbase="dc=example,dc=org" type=refreshAndPersist retry="5 5 5 +" timeout=3
-olcSyncRepl: rid=004 provider=ldap://ldap2.example.org binddn="cn=replicator,ou=Admins,dc=example,dc=org" bindmethod=simple credentials=Secret123 searchbase="dc=example,dc=org" type=refreshAndPersist retry="5 5 5 +" timeout=3
+olcSyncRepl: rid=003 provider=ldap://ldap1.example.org binddn="cn=replicator,ou=Admins,dc=example,dc=org" bindmethod=simple credentials=Secret123 searchbase="dc=example,dc=org" type=refreshAndPersist retry="5 5 5 +" timeout=3 attrs="*,+"
+olcSyncRepl: rid=004 provider=ldap://ldap2.example.org binddn="cn=replicator,ou=Admins,dc=example,dc=org" bindmethod=simple credentials=Secret123 searchbase="dc=example,dc=org" type=refreshAndPersist retry="5 5 5 +" timeout=3 attrs="*,+"
 -
 add: olcMirrorMode
 olcMirrorMode: TRUE

image/service/slapd/assets/config/replication/repl-config-disable.ldif

@@ -0,0 +1,15 @@
+#Specify ServerID for both the masters
+dn: cn=config
+changetype: modify
+delete: olcServerID
+
+#Enable Syncprov Overlay for config database
+dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
+changetype: delete
+
+#Configure SyncRepl for config database
+dn: olcDatabase={0}config,cn=config
+changetype: modify
+delete: olcSyncRepl
+-
+delete: olcMirrorMode

image/service/slapd/assets/config/replication/repl-config.ldif → image/service/slapd/assets/config/replication/repl-config-enable.ldif

@@ -16,8 +16,8 @@ olcOverlay: syncprov
 dn: olcDatabase={0}config,cn=config
 changetype: modify
 add: olcSyncRepl
-olcSyncRepl: rid=001 provider=ldap://ldap1.example.org binddn="cn=admin,cn=config" bindmethod=simple credentials=config searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
-olcSyncRepl: rid=002 provider=ldap://ldap2.example.org binddn="cn=admin,cn=config" bindmethod=simple credentials=config searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1
+olcSyncRepl: rid=001 provider=ldap://ldap1.example.org binddn="cn=admin,cn=config" bindmethod=simple credentials=config searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 attrs="*,+"
+olcSyncRepl: rid=002 provider=ldap://ldap2.example.org binddn="cn=admin,cn=config" bindmethod=simple credentials=config searchbase="cn=config" type=refreshAndPersist retry="5 5 300 5" timeout=1 attrs="*,+"
 -
 add: olcMirrorMode
 olcMirrorMode: TRUE

image/service/slapd/assets/config/replication/repl-user-disable.ldif

@@ -0,0 +1,2 @@
+dn: cn=replicator,dc=example,dc=org
+changetype: delete

image/service/slapd/assets/config/replication/repl-user-enable.ldif

@@ -0,0 +1,8 @@
+dn: cn=replicator,dc=example,dc=org
+changetype: add
+objectClass: top
+objectClass: person
+cn: synchronisator
+sn: synchronisator
+description: LDAP synchronisator
+userPassword: {SSHA}hAUGoGZEFAyJnZg/Q/aTWGnpdDv9edCh

image/service/slapd/assets/config/replication/repl-user.ldif

@@ -1,8 +0,0 @@
-dn: cn=replicator,dc=example,dc=org
-  changetype: add
-  objectClass: top
-  objectClass: person
-  cn: synchronisator
-  sn: synchronisator
-  description: LDAP synchronisator
-  userPassword: {SSHA}hAUGoGZEFAyJnZg/Q/aTWGnpdDv9edCh

image/service/slapd/assets/schema/README.md

@@ -0,0 +1 @@
+Bootstrap schemas, for a container started without an existing ldap config.

image/service/slapd/container-start.sh

@@ -187,6 +187,11 @@ EOF
 
   else
 
+    # disable replication
+    for f in $(find /osixia/slapd/config/replication -name \*-disable.ldif -type f); do
+      echo "Processing file ${f}"
+      ldapmodify -Y EXTERNAL -Q -H ldapi:/// -f $f
+    done
 
   fi