Commit 1eb0c594 authored by Felix Bartels's avatar Felix Bartels

some ldap work

Signed-off-by: Felix Bartels's avatarFelix Bartels <felix@host-consultants.de>
parent ea5dd2b1
FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
ENV ROCKET_ENV "staging"
ENV ROCKET_PORT=80
ENV ROCKET_PORT=3000
ENV ROCKET_WORKERS=10
ENV DATA_FOLDER=/app/data
......@@ -16,6 +16,8 @@ COPY --from=mprasil/bitwarden:1.8.0 /web-vault /app/code/web-vault
COPY --from=mprasil/bitwarden:1.8.0 /bitwarden_rs /app/code/
COPY --from=mprasil/bitwarden:1.8.0 /Rocket.toml /app/code/
WORKDIR /app/code
ADD apache.conf /etc/apache2/sites-enabled/bitwarden.conf
RUN a2enmod ldap authnz_ldap proxy proxy_http rewrite
ADD start.sh /app/code/start.sh
CMD [ "/app/code/start.sh" ]
<VirtualHost *:80>
DocumentRoot /app/code
ErrorLog "/dev/stderr"
CustomLog "/dev/stdout" combined
<Location /admin>
AllowOverride None
Order deny,allow
Deny from All
ProxyPreserveHost On
ProxyErrorOverride Off
ProxyPass http://127.0.0.1:3000/
</Location>
<Location /admin>
AllowOverride None
Order deny,allow
Deny from All
AuthType Basic
AuthBasicProvider ldap
AuthName "Use your Cloudron admin account to login"
AuthLDAPURL ${LDAP_URL}/${LDAP_USERS_BASE_DN}?username?sub?(objectclass=user)
AuthLDAPBindDN "${LDAP_BIND_DN}"
AuthLDAPBindPassword "{LDAP_BIND_PASSWORD}"
Require valid-user
Satisfy any
ProxyPreserveHost On
ProxyErrorOverride Off
ProxyPass http://127.0.0.1:3000/
</Location>
<Location /healthcheck>
Order allow,deny
Allow from all
Satisfy Any
ErrorDocument 200 "ok"
RewriteEngine On
RewriteRule "/healthcheck" - [R=200]
</Location>
</VirtualHost>
......@@ -2,10 +2,10 @@
set -eu
#echo "=> Starting apache"
#APACHE_CONFDIR="" source /etc/apache2/envvars
#rm -f "${APACHE_PID_FILE}"
#/usr/sbin/apache2 -DFOREGROUND &
echo "=> Starting apache"
APACHE_CONFDIR="" source /etc/apache2/envvars
rm -f "${APACHE_PID_FILE}"
/usr/sbin/apache2 -DFOREGROUND &
echo "=> Starting bitwarden_rs"
exec /app/code/bitwarden_rs
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment