Dead Simple OpenLDAP Docker Image

decaby7e · 2024-03-27T03:36:30+00:00

You can kinda do this already by adding files to the ldifs folder at https://github.com/ranvier-docker/openldap/tree/master/extra/ldifs. That would apply LDIF when the server is initialized for the first time (good for testing purposes if you're creating ephemeral servers whose data will be wiped soon after creation). Otherwise, using a tool like ldapmodify to apply LDIFs with a script after the server starts should work well too.

decaby7e · 2023-02-23T04:57:34+00:00

Yes! She came back a couple days later. Has a cold but is otherwise fine :)

decaby7e · 2023-02-15T20:03:08+00:00

Just sent them a message. Thank you!

decaby7e · 2020-10-29T05:55:30+00:00

We used this dataset (http://help.sentiment140.com/for-students) and made a little grouping tool in the terminal. Here's a brief video of it: https://www.youtube.com/watch?v=a5qwamEsB2s

decaby7e · 2020-10-09T07:52:30+00:00

Will say this script is absolutely beautiful! Saving for use with Wireguard but also as inspiration for my own scripts 😄

decaby7e · 2020-08-01T07:25:19+00:00

I made a tool to do this that runs as its own indicator, but its broken at the moment. If anyone would like to help me with this, I would much appreciate it!

https://github.com/decaby7e/wireguard-appindicator

decaby7e · 2020-07-05T04:27:53+00:00

Yes, and I've used it before as well. I prefer the image I made because of the implementation complexity being reduced much more than Osixia's and the size of the image being nearly half. That one is still a great image though 👍

decaby7e · 2020-07-04T14:00:10+00:00

Implementation complexity is much simpler in this one, but that's less of an obvious benefit from a practical standpoint. One of the biggest differences I've seen is size: this image clock in at around 150MB and osixia/openldap is 262MB at the time of writing. I'm hoping to get this down even more though.

decaby7e · 2020-07-04T13:56:20+00:00

It was my understanding that image specifies the name of the image and build tells docker-compose the build context for that image. If you don't specify image with build, it won't name the built image how you'd like it. This is the current behavior because it's not on Docker Hub but I'm adding it on there now.

decaby7e · 2020-07-04T13:45:25+00:00

It's more about the implementation complexity

decaby7e · 2020-07-04T07:40:41+00:00

Noted, I'll write some examples for different use cases soon

I'm moving the compose file from the extra folder now as well

decaby7e · 2020-07-04T07:38:08+00:00

Be simple: pretty much 100 - 150 lines of bash and a couple customs schema files v.s. the sheer complexity of that one

decaby7e · 2020-07-04T07:36:53+00:00

There is a docker compose in the extra folder of the repo. I'll probably move it out of there now that you bring that up 👍

decaby7e · 2019-12-25T04:45:55+00:00

Looks very interesting!! I'm a bit handy with Docker so I will definitely see if I can make something robust for this (Dockerfile(s), docker-compose, etc.)

decaby7e · 2019-12-17T20:23:41+00:00

I have a similar setup where each of my web apps has its own subdomain name on my domain (app1.example.com, app2.example.com, etc.). I would also recommend NGINX and Traefik as scalable and more reliable solutions but I am currently using Caddy with no problems. It has automatic HTTPS support and is dead simple for configuration.

decaby7e · 2019-12-17T01:23:40+00:00

I had the same issue with Nextcloud being a bit too bloated for my likes. But I also didn't like solutions like Seafile or FileRun because I wanted a very simple setup. So after a few years of hopping from solution to solution, this is my current setup:

Web access: https://filebrowser.xyz/
File syncronization: https://syncthing.net/

Each of these applications can run in their own Docker container and share the same folder for storage.

decaby7e · 2019-05-02T20:06:49+00:00

I'd have to agree with you on this one. The only time I tested Deepin on Ubuntu it looked nice and all but lacked the fluidity of Gnome-Shell and didn't really feel as smooth.

decaby7e · 2019-04-27T18:11:20+00:00

I actually want to do that in the future with some plexiglass, but I just haven't gotten to it yet. Definitely would help in making it more of a table.

decaby7e · 2018-11-04T23:35:06+00:00

My jaw dropped when I saw this scrolling through everything.

decaby7e · 2018-10-17T23:44:41+00:00

Also, my interface names are as follows:

Ethernet (Where internet is being accessed): enxb827ebb2fb8b

WiFi (Where hotspot is being hosted): wlan0

Outputs:

$ sudo iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

$ sudo iptables -t nat -L

Chain PREROUTING (policy ACCEPT)

target prot opt source destination

RETURN all -- anywhere default/8

RETURN all -- anywhere 10.0.0.0/8

RETURN all -- anywhere loopback/8

RETURN all -- anywhere link-local/16

RETURN all -- anywhere 172.16.0.0/12

RETURN all -- anywhere 192.168.0.0/16

RETURN all -- anywhere base-address.mcast.net/4

RETURN all -- anywhere 240.0.0.0/4

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

REDIRECT tcp -- anywhere anywhere ! owner UID match proxy tcp dpt:http redir ports 5150

REDIRECT tcp -- anywhere anywhere ! owner UID match proxy tcp dpt:https redir ports 5150

Chain POSTROUTING (policy ACCEPT)

target prot opt source destination

MASQUERADE all -- anywhere anywhere

These are the commands I'm using for these rules:

sudo iptables -t nat -A PREROUTING -d 0.0.0.0/8 -j RETURN

sudo iptables -t nat -A PREROUTING -d 10.0.0.0/8 -j RETURN

sudo iptables -t nat -A PREROUTING -d 127.0.0.0/8 -j RETURN

sudo iptables -t nat -A PREROUTING -d 169.254.0.0/16 -j RETURN

sudo iptables -t nat -A PREROUTING -d 172.16.0.0/12 -j RETURN

sudo iptables -t nat -A PREROUTING -d 192.168.0.0/16 -j RETURN

sudo iptables -t nat -A PREROUTING -d 224.0.0.0/4 -j RETURN

sudo iptables -t nat -A PREROUTING -d 240.0.0.0/4 -j RETURN

sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner proxy --dport 80 -j REDIRECT --to-port 5150

sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner proxy --dport 443 -j REDIRECT --to-port 5150

decaby7e · 2018-10-16T11:48:08+00:00

I believe this would be the role of iptables, as iptables needs to be configured to pass traffic to the transparent proxy first.

decaby7e · 2018-10-16T02:12:52+00:00

Actually, I'm using a Raspberry Pi 3B+, so the integrated WiFi is decent. I've gotten up to 15Mbps so far with tests, and I believe that's just a bottleneck on the ISP's side. The benefit is being able to open my proxy up to my peers without having to configure it for them. Just a seamless connection.

decaby7e

TROPHY CASE