RE: Environment variable in slapd config



> You're just replacing one constant with another here, why not just
> set it correctly once, in the source file?

Because the destination field is not always the same, it is different 
for different vm groups.


> Why use a rootpw at all?

I thought I cannot get around using this when changing the log level or 
ACLs during runtime, for instance?


> Why aren't you using slapadd to initialize the config?

No specific reason. 

>>
>> Cool thanks! I am more a fan of CentOS because then I can fall back on
>> RedHat support, especially for production environments. I am not sure
>> your script is tackling the issue described here, but looking at it, I
>> think you can also add --no-cache. You should beware of ENV
>> LDAP_ROOTPASS that stays when the task is launched (at least on
>> mesos), better work with the hashes. Furthermore I try to run as few
>> tasks as possible under root so I am binding to a high port ;) I also
>> need to be able to use slapadd otherwise syncing will take too long.
>>
>> So at the moment mine looks like this ;)
>>
>>
>> # Version: 0.0.1 - openldap
>> FROM centos:7
>>
>> ENV SLAPD_USER="ldap" \
>>     SLAPD_UID=10061 \
>>     SLAPD_CFG_DIR="/etc/openldap/" \
>>     SLAPD_DATA_DIR="/var/lib/ldap" \
>>     SLAPD_KEY_DIR="/etc/pki/tls/private" \
>>     SLAPD_CRT_DIR="/etc/pki/tls/certs" \
>>     SLAPD_OPTS="-d 0 -4 -u ldap" \
>>     SLAPD_URLS="ldap://0.0.0.0:8443/"
>>
>> # create user/group
>> RUN groupadd $SLAPD_USER -g $SLAPD_UID \
>>     && useradd $SLAPD_USER -u $SLAPD_UID -g $SLAPD_UID --system
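
The quoted advice about a plaintext LDAP_ROOTPASS staying in the task environment, and working with hashes instead, as an added example that is not part of the original thread: it builds and verifies a salted {SSHA} value (the format slappasswd emits by default) and flags password-like variables that still hold plaintext. The {SSHA} scheme, the variable name SLAPD_ROOTPW_HASH and the sample environment are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import os
import re
from typing import Dict, List, Optional

SCHEME = re.compile(r"^\{[A-Z0-9-]+\}")            # hashed values start with e.g. {SSHA}
SECRET_NAME = re.compile(r"PASS|PW|SECRET", re.I)  # names that look like credentials


def ssha_hash(password: str, salt: Optional[bytes] = None) -> str:
    """{SSHA} value: base64(SHA1(password + salt) + salt)."""
    salt = os.urandom(8) if salt is None else salt
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password: str, hashed: str) -> bool:
    """Recompute the digest with the salt stored after the 20 SHA-1 bytes."""
    if not hashed.startswith("{SSHA}"):
        return False
    raw = base64.b64decode(hashed[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def plaintext_secrets(env: Dict[str, str]) -> List[str]:
    """Names of password-like variables whose value is not a {SCHEME} hash."""
    return sorted(name for name, value in env.items()
                  if SECRET_NAME.search(name) and not SCHEME.match(value))


if __name__ == "__main__":
    hashed = ssha_hash("constructed-sample-password")
    # Constructed task environment; only LDAP_ROOTPASS is named in the thread.
    task_env = {
        "LDAP_ROOTPASS": "constructed-sample-password",  # plaintext, readable by the task
        "SLAPD_ROOTPW_HASH": hashed,                      # hypothetical variable name
        "SLAPD_UID": "10061",
    }
    print("rootpw", hashed)
    print("plaintext secrets:", plaintext_secrets(task_env))
```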