forked from GuyBarros/nomad_jobs
ldap-server.nomad
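# Nomad service job that runs one OpenLDAP container and seeds it with a small
# demo directory (two groups, two users) under dc=example,dc=org.
#
# Security review notes (this spec is suitable for a lab or demo only):
#   - LDAP_TLS is "false" and the listener is plain port 389, so simple binds
#     and the passwords they carry cross the network unencrypted.
#   - The seeded accounts use a shared cleartext password that is stored in
#     the job specification itself; anyone who can read the job can read it.
#   - The image reference has no tag or digest, so the content that runs can
#     change between deployments.
#   - The container uses host networking and a static port, so slapd listens
#     directly on the client node's interfaces.
job "LDAP" {
  datacenters = ["eu-west-2a","eu-west-2b","eu-west-2c","eu-west-2","dc1"]
  type = "service"

  group "openldap" {
    count = 1

    # Up to 10 restarts per 5 minute window, 25s apart; mode "delay" waits for
    # the next window rather than failing the allocation.
    restart {
      attempts = 10
      interval = "5m"
      delay = "25s"
      mode = "delay"
    }

    network {
      # Static host port: only one allocation of this group fits per node.
      port "LDAP" {
        static = 389
      }
    }

    task "ldap-service" {
      driver = "docker"

      config {
        # NOTE(review): unpinned image reference; pin to a specific tag or
        # digest so deployments are reproducible and auditable.
        image = "osixia/openldap"
        # NOTE(review): host networking removes the container network
        # boundary; restrict access to port 389 at the host/network firewall.
        network_mode = "host"
        # Exposes the task's local/ directory (where the template below is
        # rendered) as the image's custom bootstrap LDIF directory.
        volumes = [
          "local:/container/service/slapd/assets/config/bootstrap/ldif/custom"
        ]
      }

      env {
        # NOTE(review): TLS is switched off. Enable it (and provide
        # certificates) before any real credentials are used against this
        # server.
        LDAP_TLS = "false"
        # NOTE(review): presumably keeps the bootstrap configuration in the
        # container after first start - confirm against the image docs, since
        # the seed LDIF contains passwords.
        LDAP_REMOVE_CONFIG_AFTER_SETUP = "false"
      }

      logs {
        max_files = 5
        max_file_size = 15
      }

      resources {
        cpu = 1000
        memory = 1024
      }

      service {
        name = "ldap-service"
        # NOTE(review): this looks like an HTTP path-routing tag for a load
        # balancer; LDAP is not HTTP, so confirm the route is intended.
        tags = ["urlprefix-/ldap-service strip=/ldap-service"]
        port = "LDAP"

        # TCP connect check only: proves the port accepts connections, not
        # that binds or searches succeed.
        check {
          name = "alive"
          type = "tcp"
          interval = "10s"
          timeout = "2s"
        }
      }

      # Seed data for the directory. LDIF records must be separated by a blank
      # line, so each entry below is followed by one; heredoc lines stay at
      # column 0 because a leading space marks an LDIF continuation line.
      #
      # NOTE(review): the file holds cleartext demo passwords and is rendered
      # world-readable and executable ("755"). A data file needs no execute
      # bit; tighten the mode once the container's read access is confirmed.
      # For anything beyond a demo, store hashed userPassword values and
      # source them from a secret store instead of the job file.
      template {
        change_mode = "noop"
        perms = "755"
        destination = "local/bootstrapp.ldif"
        data = <<EOH
# Entry 3: ou=Groups,dc=example,dc=org
dn: ou=Groups,dc=example,dc=org
objectclass: organizationalUnit
objectclass: top
ou: Groups

# Entry 4: cn=approvers,ou=Groups,dc=example,dc=org
dn: cn=approvers,ou=Groups,dc=example,dc=org
cn: approvers
gidnumber: 501
memberuid: andre
objectclass: posixGroup
objectclass: top

# Entry 5: cn=requesters,ou=Groups,dc=example,dc=org
dn: cn=requesters,ou=Groups,dc=example,dc=org
cn: requesters
gidnumber: 500
memberuid: ricardo
objectclass: posixGroup
objectclass: top

# Entry 6: ou=Users,dc=example,dc=org
dn: ou=Users,dc=example,dc=org
objectclass: organizationalUnit
objectclass: top
ou: Users

# Entry 7: cn=Andre Pimentel,ou=Users,dc=example,dc=org
dn: cn=Andre Pimentel,ou=Users,dc=example,dc=org
cn: Andre Pimentel
displayname: @Andre
gidnumber: 501
givenname: Andre
homedirectory: /home/users/andre
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: Andre
uid: andre
uidnumber: 1001
userpassword: password

# Entry 8: cn=Ricardo Oliveira,ou=Users,dc=example,dc=org
dn: cn=Ricardo Oliveira,ou=Users,dc=example,dc=org
cn: Ricardo Oliveira
displayname: @Ricardo
gidnumber: 500
givenname: Ricardo
homedirectory: /home/users/ricardo
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: Ricardo
uid: ricardo
uidnumber: 1000
userpassword: password
EOH
      }
    }
  }

  # Replace one allocation at a time; an allocation counts as healthy after 5s
  # and must get there within 3m. No canaries and no automatic rollback.
  update {
    max_parallel = 1
    min_healthy_time = "5s"
    healthy_deadline = "3m"
    auto_revert = false
    canary = 0
  }
}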