openvpn-ldap-testbed/scripts/server.example.test/usr/sbin/entrypoint.sh

#!/bin/sh
set -e
mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 600 /dev/net/tun

auth_ldap_url=$(cat /run/secrets/auth_ldap_url)
auth_ldap_bind_dn=$(cat /run/secrets/auth_ldap_bind_dn)
auth_ldap_password=$(cat /run/secrets/auth_ldap_password)
auth_ldap_base_dn=$(cat /run/secrets/auth_ldap_base_dn)
auth_ldap_group_base_dn=$(cat /run/secrets/auth_ldap_group_base_dn)
auth_ldap_group_search_filter=$(cat /run/secrets/auth_ldap_group_search_filter)

cat > /etc/openvpn/server/server.example.test/auth-ldap.conf << EOF
<LDAP>
	URL $auth_ldap_url
	BindDN $auth_ldap_bind_dn
	Password $auth_ldap_password
	Timeout 15
	TLSEnable no
	FollowReferrals no
</LDAP>
<Authorization>
	BaseDN "$auth_ldap_base_dn"
	SearchFilter "(uid=%u)"
	RequireGroup false
	PasswordIsCR false
	<Group>
        RFC2307bis false
	    UseCompareOperation true
		BaseDN "$auth_ldap_group_base_dn"
		SearchFilter "$auth_ldap_group_search_filter"
		MemberAttribute	memberUid
	</Group>
</Authorization>
EOF

chmod 600 /etc/openvpn/server/server.example.test/auth-ldap.conf

/usr/sbin/openvpn --config /etc/openvpn/server/server.example.test.conf
initial commit 2023-10-04 00:36:16 +02:00			`#!/bin/sh`
			`set -e`
			`mkdir -p /dev/net`
			`mknod /dev/net/tun c 10 200`
			`chmod 600 /dev/net/tun`

			`auth_ldap_url=$(cat /run/secrets/auth_ldap_url)`
			`auth_ldap_bind_dn=$(cat /run/secrets/auth_ldap_bind_dn)`
			`auth_ldap_password=$(cat /run/secrets/auth_ldap_password)`
			`auth_ldap_base_dn=$(cat /run/secrets/auth_ldap_base_dn)`
			`auth_ldap_group_base_dn=$(cat /run/secrets/auth_ldap_group_base_dn)`
			`auth_ldap_group_search_filter=$(cat /run/secrets/auth_ldap_group_search_filter)`

			`cat > /etc/openvpn/server/server.example.test/auth-ldap.conf << EOF`
			`<LDAP>`
			`URL $auth_ldap_url`
			`BindDN $auth_ldap_bind_dn`
			`Password $auth_ldap_password`
			`Timeout 15`
			`TLSEnable no`
			`FollowReferrals no`
			`</LDAP>`
			`<Authorization>`
			`BaseDN "$auth_ldap_base_dn"`
			`SearchFilter "(uid=%u)"`
			`RequireGroup false`
			`PasswordIsCR false`
			`<Group>`
			`RFC2307bis false`
			`UseCompareOperation true`
			`BaseDN "$auth_ldap_group_base_dn"`
			`SearchFilter "$auth_ldap_group_search_filter"`
			`MemberAttribute memberUid`
			`</Group>`
			`</Authorization>`
			`EOF`

			`chmod 600 /etc/openvpn/server/server.example.test/auth-ldap.conf`

			`/usr/sbin/openvpn --config /etc/openvpn/server/server.example.test.conf`