From d481e103106c0b6f77e143025912da1dbb9255c9 Mon Sep 17 00:00:00 2001 From: Ilya Semenov Date: Tue, 17 May 2016 20:48:24 +0600 Subject: [PATCH 1/5] Added option to trust reverse proxy X-Forwarded-Proto header (fixes #19) --- README.md | 3 +++ image/service/phpldapadmin/startup.sh | 7 +++++++ 2 files changed, 10 insertions(+) diff --git a/README.md b/README.md index 53ceaaa..4f3fdcb 100644 --- a/README.md +++ b/README.md @@ -182,6 +182,9 @@ HTTPS : - **PHPLDAPADMIN_HTTPS_KEY_FILENAME**: Apache ssl certificate private key filename. Defaults to `phpldapadmin.key` - **PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME**: Apache ssl CA certificate filename. Defaults to `ca.crt` +Reverse proxy HTTPS : +- **PHPLDAPADMIN_TRUST_PROXY_SSL**: Set to `true` to trust X-Forwarded-Proto header + Ldap client TLS/LDAPS : - **PHPLDAPADMIN_LDAP_CLIENT_TLS**: Enable ldap client tls config, ldap serveur certificate check and set client certificate. Defaults to `true` diff --git a/image/service/phpldapadmin/startup.sh b/image/service/phpldapadmin/startup.sh index 95df911..3b19936 100755 --- a/image/service/phpldapadmin/startup.sh +++ b/image/service/phpldapadmin/startup.sh @@ -31,6 +31,13 @@ else ln -sf ${CONTAINER_SERVICE_DIR}/phpldapadmin/assets/apache2/http.conf /etc/apache2/sites-available/phpldapadmin.conf fi +# +# Reverse proxy config +# +if [ "${PHPLDAPADMIN_TRUST_PROXY_SSL,,}" == "true" ]; then + echo 'SetEnvIf X-Forwarded-Proto "^https$" HTTPS=on' > /etc/apache2/mods-enabled/remoteip_ssl.conf +fi + a2ensite phpldapadmin | log-helper debug # From bf33b8132e0cc884decaf65fc60fe3611e8d9da8 Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Thu, 19 May 2016 14:50:54 +0200 Subject: [PATCH 2/5] [twgit] Init hotfix 'hotfix-0.6.9'. From 338060f0e7795788d1e62bcaede00cc99cae17a1 Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Thu, 19 May 2016 15:08:24 +0200 Subject: [PATCH 3/5] 0.6.9 --- CHANGELOG.md | 3 +++ Makefile | 2 +- README.md | 34 ++++++++++++------------- example/kubernetes/phpldapadmin-rc.yaml | 2 +- image/Dockerfile | 2 +- 5 files changed, 23 insertions(+), 20 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5e7cd20..ea1aae7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +## 0.6.9 + - Upgrade baseimage: web-baseimage:0.1.10 + ## 0.6.8 - Upgrade baseimage: web-baseimage:0.1.9 diff --git a/Makefile b/Makefile index f710dbc..5a6bd0f 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ NAME = osixia/phpldapadmin -VERSION = 0.6.8 +VERSION = 0.6.9 .PHONY: all build build-nocache test tag_latest release diff --git a/README.md b/README.md index 53ceaaa..5047150 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ [hub]: https://hub.docker.com/r/osixia/phpldapadmin/ -Latest release: 0.6.8 - phpLDAPadlin 1.2.3 (with php5.5 patch) - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/phpldapadmin/)  +Latest release: 0.6.9 - phpLDAPadlin 1.2.3 (with php5.5 patch) - [Changelog](CHANGELOG.md) | [Docker Hub](https://hub.docker.com/r/osixia/phpldapadmin/)  A docker image to run phpLDAPadmin. > [phpldapadmin.sourceforge.net](http://phpldapadmin.sourceforge.net) @@ -28,7 +28,7 @@ A docker image to run phpLDAPadmin. - [Link environment file](#link-environment-file) - [Make your own image or extend this image](#make-your-own image-or-extend-this-image) - [Advanced User Guide](#advanced-user-guide) - - [Extend osixia/phpldapadmin:0.6.8 image](#extend-osixiaphpldapadmin068-image) + - [Extend osixia/phpldapadmin:0.6.9 image](#extend-osixiaphpldapadmin069-image) - [Make your own phpLDAPadmin image](#make-your-own-phpldapadmin-image) - [Tests](#tests) - [Kubernetes](#kubernetes) @@ -41,7 +41,7 @@ Run a phpLDAPadmin docker image by replacing `ldap.example.com` with your ldap h docker run -p 6443:443 \ --env PHPLDAPADMIN_LDAP_HOSTS=ldap.example.com \ - --detach osixia/phpldapadmin:0.6.8 + --detach osixia/phpldapadmin:0.6.9 That's it :) you can access phpLDAPadmin on [https://localhost:6443](https://localhost:6443) @@ -52,7 +52,7 @@ Example script: #!/bin/bash -e docker run --name ldap-service --hostname ldap-service --detach osixia/openldap:1.1.1 - docker run --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.8 + docker run --name phpldapadmin-service --hostname phpldapadmin-service --link ldap-service:ldap-host --env PHPLDAPADMIN_LDAP_HOSTS=ldap-host --detach osixia/phpldapadmin:0.6.9 PHPLDAP_IP=$(docker inspect -f "{{ .NetworkSettings.IPAddress }}" phpldapadmin-service) @@ -69,7 +69,7 @@ but setting your own config.php is possible. 2 options: - Link your config file at run time to `/container/service/phpldapadmin/assets/config.php` : - docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config.php --detach osixia/phpldapadmin:0.6.8 + docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config.php --detach osixia/phpldapadmin:0.6.9 - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide) @@ -78,7 +78,7 @@ but setting your own config.php is possible. 2 options: #### Use autogenerated certificate By default HTTPS is enable, a certificate is created with the container hostname (it can be set by docker run --hostname option eg: phpldapadmin.my-company.com). - docker run --hostname phpldapadmin.my-company.com --detach osixia/phpldapadmin:0.6.8 + docker run --hostname phpldapadmin.my-company.com --detach osixia/phpldapadmin:0.6.9 #### Use your own certificate @@ -88,14 +88,14 @@ You can set your custom certificate at run time, by mounting a directory contain --env PHPLDAPADMIN_HTTPS_CRT_FILENAME=my-cert.crt \ --env PHPLDAPADMIN_HTTPS_KEY_FILENAME=my-cert.key \ --env PHPLDAPADMIN_HTTPS_CA_CRT_FILENAME=the-ca.crt \ - --detach osixia/phpldapadmin:0.6.8 + --detach osixia/phpldapadmin:0.6.9 Other solutions are available please refer to the [Advanced User Guide](#advanced-user-guide) #### Disable HTTPS Add --env PHPLDAPADMIN_HTTPS=false to the run command : - docker run --env PHPLDAPADMIN_HTTPS=false --detach osixia/phpldapadmin:0.6.8 + docker run --env PHPLDAPADMIN_HTTPS=false --detach osixia/phpldapadmin:0.6.9 ### Fix docker mounted file problems @@ -103,7 +103,7 @@ You may have some problems with mounted files on some systems. The startup scrip To fix that run the container with `--copy-service` argument : - docker run [your options] osixia/phpldapadmin:0.6.8 --copy-service + docker run [your options] osixia/phpldapadmin:0.6.9 --copy-service ### Debug @@ -112,11 +112,11 @@ Available levels are: `none`, `error`, `warning`, `info`, `debug` and `trace`. Example command to run the container in `debug` mode: - docker run --detach osixia/phpldapadmin:0.6.8 --loglevel debug + docker run --detach osixia/phpldapadmin:0.6.9 --loglevel debug See all command line options: - docker run osixia/phpldapadmin:0.6.8 --help + docker run osixia/phpldapadmin:0.6.9 --help ## Environment Variables @@ -169,7 +169,7 @@ See how to [set your own environment variables](#set-your-own-environment-variab If you want to set this variable at docker run command add the tag `#PYTHON2BASH:` and convert the yaml in python: - docker run --env PHPLDAPADMIN_LDAP_HOSTS="#PYTHON2BASH:[{'ldap.example.org': [{'server': [{'tls': True}]},{'login': [{'bind_id': 'cn=admin,dc=example,dc=org'}]}]}, 'ldap2.example.org', 'ldap3.example.org']" --detach osixia/phpldapadmin:0.6.8 + docker run --env PHPLDAPADMIN_LDAP_HOSTS="#PYTHON2BASH:[{'ldap.example.org': [{'server': [{'tls': True}]},{'login': [{'bind_id': 'cn=admin,dc=example,dc=org'}]}]}, 'ldap2.example.org', 'ldap3.example.org']" --detach osixia/phpldapadmin:0.6.9 To convert yaml to python online: http://yaml-online-parser.appspot.com/ @@ -202,14 +202,14 @@ Other environment variables: Environment variables can be set by adding the --env argument in the command line, for example: docker run --env PHPLDAPADMIN_LDAP_HOSTS="ldap.example.org" \ - --detach osixia/phpldapadmin:0.6.8 + --detach osixia/phpldapadmin:0.6.9 #### Link environment file For example if your environment file is in : /data/environment/my-env.yaml docker run --volume /data/environment/my-env.yaml:/container/environment/01-custom/env.yaml \ - --detach osixia/phpldapadmin:0.6.8 + --detach osixia/phpldapadmin:0.6.9 Take care to link your environment file to `/container/environment/XX-somedir` (with XX < 99 so they will be processed before default environment files) and not directly to `/container/environment` because this directory contains predefined baseimage environment files to fix container environment (INITRD, LANG, LANGUAGE and LC_CTYPE). @@ -219,13 +219,13 @@ This is the best solution if you have a private registry. Please refer to the [A ## Advanced User Guide -### Extend osixia/phpldapadmin:0.6.8 image +### Extend osixia/phpldapadmin:0.6.9 image If you need to add your custom TLS certificate, bootstrap config or environment files the easiest way is to extends this image. Dockerfile example: - FROM osixia/phpldapadmin:0.6.8 + FROM osixia/phpldapadmin:0.6.9 MAINTAINER Your Name ADD https-certs /container/service/phpldapadmin/assets/apache2/certs @@ -244,7 +244,7 @@ Clone this project : Adapt Makefile, set your image NAME and VERSION, for example : NAME = osixia/phpldapadmin - VERSION = 0.6.8 + VERSION = 0.6.9 becomes : NAME = billy-the-king/phpldapadmin diff --git a/example/kubernetes/phpldapadmin-rc.yaml b/example/kubernetes/phpldapadmin-rc.yaml index eb84b4e..035e8b6 100644 --- a/example/kubernetes/phpldapadmin-rc.yaml +++ b/example/kubernetes/phpldapadmin-rc.yaml @@ -15,7 +15,7 @@ spec: spec: containers: - name: phpldapadmin - image: osixia/phpldapadmin:0.6.8 + image: osixia/phpldapadmin:0.6.9 volumeMounts: - name: phpldapadmin-certs mountPath: /container/service/phpldapadmin/assets/apache2/certs diff --git a/image/Dockerfile b/image/Dockerfile index f510e20..5caf213 100644 --- a/image/Dockerfile +++ b/image/Dockerfile @@ -1,4 +1,4 @@ -FROM osixia/web-baseimage:0.1.9 +FROM osixia/web-baseimage:0.1.10 MAINTAINER Bertrand Gouny # phpLDAPadmin version From 8ee72f308b5f29e8f86721b6c5e08d0d4ca3dd83 Mon Sep 17 00:00:00 2001 From: Peter Butkovic Date: Tue, 7 Jun 2016 12:28:22 +0200 Subject: [PATCH 4/5] doc(readme) fix formatting --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 53ceaaa..8d35e31 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ but setting your own config.php is possible. 2 options: - Link your config file at run time to `/container/service/phpldapadmin/assets/config.php` : - docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config.php --detach osixia/phpldapadmin:0.6.8 + docker run --volume /data/my-config.php:/container/service/phpldapadmin/assets/config.php --detach osixia/phpldapadmin:0.6.8 - Add your config file by extending or cloning this image, please refer to the [Advanced User Guide](#advanced-user-guide) From a27dee8a55c13cb91402f3077436823ac264f212 Mon Sep 17 00:00:00 2001 From: Bertrand Gouny Date: Thu, 9 Jun 2016 16:20:54 +0200 Subject: [PATCH 5/5] doc --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 93c126a..288b45f 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,6 @@ [![Docker Pulls](https://img.shields.io/docker/pulls/osixia/phpldapadmin.svg)][hub] [![Docker Stars](https://img.shields.io/docker/stars/osixia/phpldapadmin.svg)][hub] -[![Image Size](https://img.shields.io/imagelayers/image-size/osixia/phpldapadmin/latest.svg)](https://imagelayers.io/?images=osixia/phpldapadmin:latest) -[![Image Layers](https://img.shields.io/imagelayers/layers/osixia/phpldapadmin/latest.svg)](https://imagelayers.io/?images=osixia/phpldapadmin:latest) [hub]: https://hub.docker.com/r/osixia/phpldapadmin/ @@ -237,6 +235,9 @@ Dockerfile example: ADD environment /container/environment/01-custom +Warning: if you want to install new packages from debian repositories, this image has a configuration to prevent documentation and locales to be installed. If you need documentation and locales remove the following files : +**/etc/dpkg/dpkg.cfg.d/01_nodoc** and **/etc/dpkg/dpkg.cfg.d/01_nolocales** + ### Make your own phpLDAPadmin image Clone this project :