init

.drone.yml

@@ -0,0 +1,13 @@
+kind: pipeline
+name: default
+
+steps:
+- name: docker
+  image: plugins/docker
+  settings:
+    registry: r.sbruder.de
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+    repo: r.sbruder.de/ldap-forward-auth

Dockerfile

@@ -0,0 +1,10 @@
+FROM httpd:alpine
+
+RUN mkdir /srv/www \
+    && touch /srv/www/index.html
+
+COPY httpd.conf /usr/local/apache2/conf/httpd.conf
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

entrypoint.sh

@@ -0,0 +1,9 @@
+#!/bin/ash
+sed -i \
+    -e "s/@@LDAP_SERVER@@/$LDAP_SERVER/" \
+    -e "s/@@LDAP_BASE@@/$LDAP_BASE/" \
+    -e "s/@@LDAP_USER@@/$LDAP_USER/" \
+    -e "s/@@LDAP_PASSWORD@@/$LDAP_PASSWORD/" \
+    /usr/local/apache2/conf/httpd.conf
+
+exec httpd-foreground

httpd.conf

@@ -0,0 +1,39 @@
+ServerRoot "/usr/local/apache2"
+ServerName "localhost"
+Listen 80
+
+LoadModule mpm_event_module modules/mod_mpm_event.so
+
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule ldap_module modules/mod_ldap.so
+
+LoadModule mime_module modules/mod_mime.so
+LoadModule unixd_module modules/mod_unixd.so
+LoadModule dir_module modules/mod_dir.so
+
+User daemon
+Group daemon
+
+DocumentRoot "/srv/www"
+<Directory "/srv/www">
+    AuthName "traefik forward auth"
+    AuthBasicProvider ldap
+    AuthType Basic
+
+    AuthLDAPURL "ldap://@@LDAP_SERVER@@/@@LDAP_BASE@@" "STARTTLS"
+    AuthLDAPBindDN "@@LDAP_USER@@"
+    AuthLDAPBindPassword "@@LDAP_PASSWORD@@"
+
+    DirectoryIndex index.html
+
+    Require valid-user
+</Directory>
+
+ErrorLog /proc/self/fd/2
+LogLevel warn
+
+TypesConfig conf/mime.types