FROM ubuntu:22.04

# set non-interactive TERM for docker
ENV DEBIAN_FRONTEND=noninteractive

# install slapd, ldap-utils, and packages needed for ldapdock to work
RUN apt-get update && apt-get install -y --no-install-recommends \
slapd ldap-utils gnutls-bin ssl-cert ca-certificates schema2ldif vim mc && apt-get clean

# preconfigure slapd installation without using systemd
RUN echo "slapd slapd/password1 password admin" | debconf-set-selections && \
    echo "slapd slapd/password2 password admin" | debconf-set-selections && \
    echo "slapd slapd/domain string example.com" | debconf-set-selections && \
    echo "slapd slapd/no_configuration boolean false" | debconf-set-selections && \
    echo "slapd slapd/purge_database boolean true" | debconf-set-selections && \
    echo "slapd slapd/move_old_database boolean true" | debconf-set-selections

# make use of debconf-set-selections
RUN dpkg-reconfigure -f noninteractive slapd

# copy newest entrypoint.sh and run it
COPY entrypoint.sh ./entrypoint.sh
RUN chmod +x ./entrypoint.sh

# open up LDAP simple port
EXPOSE 389
EXPOSE 636

# Create directory for exporting certs to host
RUN mkdir -p /export-certs

# set salvable volumes for LDAP data, configuration, certs
VOLUME ["/var/lib/ldap", "/etc/ldap/slapd.d", "/etc/ldap/certs","/export-certs"]

# set correct permissions for openldap user
RUN chown -R openldap:openldap /var/lib/ldap /etc/ldap/slapd.d

# ENTRYPOINT ensures this sh file ALWAYS runs first before any CMD or command line instruction
ENTRYPOINT ["./entrypoint.sh"]

# CMD provides the default command (/bin/bash) which is passed as an argument to the ENTRYPOINT script
CMD ["/bin/bash"]