Added schema

djthorpe · djthorpe · commit 7ee187a8076c · 2024-01-24T17:32:42.000+01:00
diff --git a/openldap/ldif/group.ldif b/openldap/ldif/group.ldif
@@ -0,0 +1,8 @@
+dn: cn={{ env "NOMAD_META_group" }},ou={{ env "NOMAD_META_groups" }},{{ env "NOMAD_META_basedn" }}
+cn: {{ env "NOMAD_META_group" }}
+gidNumber: {{ env "NOMAD_META_gid" }}
+objectClass: posixGroup
+objectClass: groupOfMembers
+objectClass: top
+description: {{ env "NOMAD_META_description" }}
+
diff --git a/openldap/ldif/root.ldif b/openldap/ldif/root.ldif
@@ -11,6 +11,7 @@ dn: ou={{ env "NOMAD_META_groups" }},{{ env "NOMAD_META_basedn" }}
 ou: {{ env "NOMAD_META_groups" }}
 objectClass: top
 objectClass: organizationalUnit
+objectClass: groupOfMembers
 description: User groups
 
 # Users
diff --git a/openldap/main.tf b/openldap/main.tf
@@ -21,7 +21,9 @@ resource "nomad_job" "ldap" {
       ldif = jsonencode({
         "root" = file("${path.module}/ldif/root.ldif")
       })
-      schema = jsonencode({})
+      schema = jsonencode({
+        "rfc2307bis" = file("${path.module}/schema/rfc2307bis.ldif")
+      })
     }
   }
 }
diff --git a/openldap/nomad/openldap.hcl b/openldap/nomad/openldap.hcl
@@ -60,6 +60,12 @@ variable "schema" {
   type        = map(string)
 }
 
+variable "extra_schemas" {
+  description = "Extra schemas, optional"
+  type        = string
+  default     = "cosine, inetorgperson"
+}
+
 variable "admin_password" {
   description = "LDAP admin password"
   type        = string
@@ -115,7 +121,7 @@ job "openldap" {
     network {
       port "ldap" {
         static = var.port
-        to     = 1389
+        to     = 389
       }
     }
 
@@ -165,7 +171,7 @@ job "openldap" {
         LDAP_PORT_NUMBER       = NOMAD_PORT_ldap
         LDAP_ROOT              = var.basedn
         LDAP_ADD_SCHEMAS       = "yes"
-        LDAP_EXTRA_SCHEMAS     = "cosine, inetorgperson, nis"
+        LDAP_EXTRA_SCHEMAS     = var.extra_schemas
         LDAP_SKIP_DEFAULT_TREE = "yes"
         LDAP_CUSTOM_LDIF_DIR   = local.ldif_path
         LDAP_CUSTOM_SCHEMA_DIR = local.schema_path
@@ -174,9 +180,9 @@ job "openldap" {
       config {
         image      = var.docker_image
         force_pull = var.docker_always_pull
-        volumes = compact([
-          format("%s:%s/data", var.data, local.data_path),
-        ])
+        //volumes = compact([
+        //  format("%s:%s/data", var.data, local.data_path),
+        //])
         ports = ["ldap"]
       }
 
diff --git a/openldap/schema/rfc2307bis.ldif b/openldap/schema/rfc2307bis.ldif

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,9 @@ resource "nomad_job" "ldap" {`
`21`	`21`	`ldif = jsonencode({`
`22`	`22`	`"root" = file("${path.module}/ldif/root.ldif")`
`23`	`23`	`})`
`24`		`- schema = jsonencode({})`
	`24`	`+ schema = jsonencode({`
	`25`	`+ "rfc2307bis" = file("${path.module}/schema/rfc2307bis.ldif")`
	`26`	`+ })`
`25`	`27`	`}`
`26`	`28`	`}`
`27`	`29`	`}`