Same as sync-endpoint-containers
- Follow instructions on sync-endpoint-containers to build
odk/sync_endpoint
- Follow instructions on https://github.com/opendatakit/sync-endpoint-web-ui to build
odk/sync-web-ui
- Build
db-bootstrap
withdocker build -t odk/db-bootstrap db-bootstrap
- Build
openldap
withdocker build -t odk/openldap openldap
- Build
phpldapadmin
withdocker build -t odk/phpldapadmin phpldapadmin
docker stack deploy -c docker-compose.yml syncldap
to deploy all services- Navigate to
https://127.0.0.1:40000
and create a user, see the LDAP section below for detail
Note: Your browser might warn you about invalid certificate - The Sync Endpoint will take around 30s to start then it will be running at
http://127.0.0.1
If you don't want the database bootstrap script to run, set the DB_BOOTSTRAP
environment variable in db.env
to false
.
- Remove the stack with,
docker stack rm syncldap
- Remove volumes with,
docker volume rm $(docker volume ls -f "label=com.docker.stack.namespace=syncldap" -q)
config
and docker-compose.yml
hold configuration for different parts. Refer to the individual files for options.
jdbc.properties
and docker-compose.yml
are configured to use PostgreSQL by default but MySQL and MSSQL are also supported.
The default admin account is cn=admin,dc=example,dc=org
. The default password is admin
, it can be changed with the LDAP_ADMIN_PASSWORD
environment variable in ldap.env
.
The default readonly account is cn=readonly,dc=example,dc=org
. The defualt password is readonly
, it can be changed with the LDAP_READONLY_USER_PASSWORD
environment variable in ldap.env
. This account is used by the Sync Endpoint to retrieve user information.
- Click
login
on the right and login as admin - Expand the tree view on the right until you see
ou=people
- Click on
ou=people
and chooseCreate a child entry
- Choose the
Generic: User Account
template - Fill out the form and click create object
- Refer to the section below on assigning this user to groups
A password is required for users to log in to Sync endpoint.
The gidNumber
attribute is used by Sync endpoint to determine a user's default group.
- Click
login
on the right and login as admin - Expand the tree view on the right until you see
ou=groups
- Click on
ou=default_prefix
and chooseCreate a child entry
- Choose the
Generic: Posix Group
template - Fill out the form and click create object
Note: the group name must start with the group prefix, in this case the group prefix isdefault_prefix
, e.g.default_prefix my-new-group
- Click
login
on the right and login as admin - Expand the tree view on the right until you see
ou=default_prefix
, then expandou=default_prefix
- This list is all the groups under
ou=default_prefix
- Click on the group that you want to assign users to
- If the
memberUid
section is not present,- Choose
Add new attribute
- Choose
memberUid
from the dropdown, then enteruid
of the user you want to assign - Click update object at the bottom to update
- Choose
- If the
memberUid
section is present,- Navigate to the
memberUid
section - Click modify group members to manage members
- Navigate to the
The ldap-service
container has ldap-utils
installed. If you'd prefer, you may use that toolset to administer the LDAP directory as well. Use this command to access them, docker exec $(docker ps -f "label=com.docker.swarm.service.name=${STACK_NAME}_sync" --format '{{.ID}}') <LDAPTOOL> <ARGS>
The OpenLDAP container is from osixia/openldap
The phpLDAPadmin container is from osixia/phpldapadmin
Refer to their respecitve documentations for usage information.