added ldap-dev, phpldapadmin and samba containers to get samba containerised. This verison has a working ldap-dev, phpldapadmin pointing to it, and samba is now working pointing to prod. Also made pybook run as user 2000 instead of root

2024-02-25 21:04:11 +11:00
parent e7c6f83a86
commit 16b5f8624d
1 changed files with 87 additions and 6 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -279,6 +279,37 @@ services:
    cap_add:
      - NET_ADMIN

+  ldap-dev:
+    image: bitnami/openldap
+    user: "2000"
+    container_name: ldap-dev
+    restart: always
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+    environment:
+      BITNAMI_DEBUG: "true"
+      LDAP_ROOT: "dc=depaoli,dc=id,dc=au"
+      LDAP_ADMIN_USERNAME: "admin"
+      LDAP_SKIP_DEFAULT_TREE: "yes"
+#      LDAP_CUSTOM_SCHEMA_FILE: "/schemas/postfix-book.ldif"
+#      LDAP_CUSTOM_SCHEMA_FILE: "/schemas/samba.ldif"
+      LDAP_CUSTOM_SCHEMA_DIR: "/schemas"
+      LDAP_CUSTOM_LDIF_DIR: "/ldifs"
+      LDAP_LOGLEVEL: "256"
+    env_file:
+        - /srv/docker/config/secrets/ldap-mail-common
+    tty: true
+    stdin_open: true
+    depends_on:
+      - pihole
+    volumes:
+      - /srv/docker/container/ldap-dev/:/bitnami/openldap/
+      - /srv/docker/container/ldap-dev/bootstrap-schema:/schemas
+      - /srv/docker/container/ldap-dev/bootstrap-ldifs:/ldifs
+      - /etc/localtime:/etc/localtime:ro
+    ports:
+      - "2389:1389"
+
  openldap:
    image: bitnami/openldap
    user: "2000"
@@ -291,7 +322,7 @@ services:
      LDAP_ROOT: "dc=depaoli,dc=id,dc=au"
      LDAP_ADMIN_USERNAME: "admin"
      LDAP_SKIP_DEFAULT_TREE: "yes"
-      LDAP_CUSTOM_SCHEMA_FILE: "/schema/postfix-book.ldif"
+      LDAP_CUSTOM_SCHEMA_DIR: "/schemas"
      LDAP_CUSTOM_LDIF_DIR: "/ldifs"
      LDAP_LOGLEVEL: "256"
    env_file:
@@ -302,7 +333,7 @@ services:
      - pihole
    volumes:
      - /srv/docker/container/ldap/:/bitnami/openldap/
-      - /srv/docker/container/ldap/bootstrap-schema:/schema
+      - /srv/docker/container/ldap/bootstrap-schema:/schemas
      - /srv/docker/container/ldap/bootstrap-ldifs:/ldifs
      - /etc/localtime:/etc/localtime:ro
    ports:
@@ -493,7 +524,7 @@ services:
    image: telegraf:latest
    container_name: telegraf
    # needs to be 0 / root to run smartmontools / nvme
-    user: 0:139
+    user: "0:139"
    entrypoint: /root/mara-init/entrypoint-wrapper.sh
    volumes:
      - /srv/docker/container/telegraf:/etc/telegraf
@@ -619,9 +650,14 @@ services:
    container_name: bookdb_webdev
    restart: always
    environment:
-        FLASK_ENV: "container"
+      FLASK_ENV: "container"
    build:
      context: '/home/ddp/src/pybook'
+      args:
+        ENV: "container"
+        USERID: "2000"
+        GROUPID: "2000"
+    user: "2000:2000"
    depends_on:
      - bookdb_dev
      - pihole
@@ -708,7 +744,7 @@ services:
        PJM_UID: 500
        PJM_GID: 500
    environment:
-        ENV: "production"
+      ENV: "production"
    depends_on:
      - padb
    volumes:
@@ -726,9 +762,13 @@ services:
    container_name: tix
    restart: always
    environment:
-        ENV: "production"
+      ENV: "production"
    build: 
      context: '/home/ddp/src/snow-ticket-analysis'
+      args:
+        USERID: "2000"
+        GROUPID: "2000"
+    user: "2000:2000"
    volumes:
      - /home/ddp/src/snow-ticket-analysis/stats.db:/stats.db
      - /etc/localtime:/etc/localtime:ro
@@ -1031,3 +1071,44 @@ services:
      - "traefik.http.routers.depweb.entrypoints=secureweb"
      - "traefik.http.routers.depweb.tls.certresolver=myresolver"

+  phpldapadmin:
+    image: ghcr.io/colibris-xyz/phpldapadmin
+    container_name: phpldapadmin
+    restart: always
+    environment:
+      LDAP_HOST: "openldap"
+      LDAP_USE_TLS: "false"
+      LDAP_BASE: "dc=depaoli,dc=id,dc=au"
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+      - "traefik.enable=true"
+      - "traefik.http.routers.phpldapadmin.rule=PathPrefix(`/phpldapadmin/`)"
+      - "traefik.http.middlewares.stripprefix-phpldapadmin.stripprefix.prefixes=/phpldapadmin"
+      - "traefik.http.routers.phpldapadmin.middlewares=stripprefix-phpldapadmin@docker"
+      - "traefik.http.routers.phpldapadmin.entrypoints=web"
+    depends_on:
+      - pihole
+      - openldap
+    volumes:
+      - /srv/docker/container/phpldapadmin/var/www/phpldapadmin:/var/www/html
+      - /etc/localtime:/etc/localtime:ro
+
+  samba:
+    image: ubuntu:latest
+    container_name: samba
+    entrypoint: /root/mara-init/entrypoint.sh
+    restart: always
+    # forcing hostname so the samba sid is reliable
+    hostname: sambacontainer
+    ports:
+      - "139:139"
+      - "445:445"
+    volumes:
+      - /export:/export
+      - /srv/docker/container/samba/mara-init:/root/mara-init
+    depends_on:
+      - pihole
+      - ldap-dev
+    labels:
+      - "com.centurylinklabs.watchtower.enable=true"
+      - "traefik.enable=false"