Update entrypoint.sh

entrypoint.sh

@@ -17,6 +17,8 @@ else
     echo "OpenLDAP slapd already running with PID: $SLAPD_PID"
 fi
 
+echo "Creating and enabling Administrator user..."
+
 # get a hashed password
 HASH_PWD="$(sh -c 'slappasswd -s 0p3nLd4p!')"
 
@@ -34,6 +36,44 @@ EOF
 # call the LDAP server to add it
 ldapadd -x -H ldap:/// -D "cn=admin,dc=example,dc=com" -w admin -f create_admin.ldif
 
+echo "Loading and enabling policies module..."
+
+# create a .ldif file to specify we are going to load the policies module
+cat > modify_ppolicy_module.ldif << EOF
+dn: cn=module{0},cn=config
+changetype: modify
+add: olcModuleLoad
+olcModuleLoad: ppolicy.so
+EOF
+
+# load the policies module in our openLDAP server
+ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f modify_ppolicy_module.ldif
+
+# we need to restart the openLDAP in order to enable the new module
+echo "Restarting slapd service to enable policies..."
+# we look for the pid of slapd, and kill it
+kill $(pidof slapd)
+# wait 3 seconds and restart it in background mode
+sleep 3
+/usr/sbin/slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d &
+# we wait 3 more seconds to continue
+sleep 3
+
+# we prepare the .ldif file to enable the policies module already loaded
+cat > enable_ppolicy.ldif << EOF
+dn: olcOverlay=ppolicy,olcDatabase={1}mdb,cn=config
+changetype: add
+objectClass: olcOverlayConfig
+objectClass: olcPPolicyConfig
+olcOverlay: ppolicy
+olcPPolicyDefault: cn=default,ou=policies,dc=example,dc=com
+EOF
+
+# enable the policies module
+ldapadd -Q -Y EXTERNAL -H ldapi:/// -f enable_ppolicy.ldif
+
+echo "openLDAP framework ready."
+
 # execute the command passed to the container
 # 'exec' replaces the script process with the command (e.g., /bin/bash),
 # ensuring the container stays alive as long as that command runs interactively.