From 1e22db4245c2827965ba18f45ef2b1810442d18e Mon Sep 17 00:00:00 2001
From: Simon Bruder <simon@sbruder.de>
Date: Sat, 28 Dec 2019 10:43:56 +0000
Subject: [PATCH] init

---
 .drone.yml    | 13 +++++++++++++
 Dockerfile    | 10 ++++++++++
 entrypoint.sh |  9 +++++++++
 httpd.conf    | 39 +++++++++++++++++++++++++++++++++++++++
 4 files changed, 71 insertions(+)
 create mode 100644 .drone.yml
 create mode 100644 Dockerfile
 create mode 100755 entrypoint.sh
 create mode 100644 httpd.conf

diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..9223850
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,13 @@
+kind: pipeline
+name: default
+
+steps:
+- name: docker
+  image: plugins/docker
+  settings:
+    registry: r.sbruder.de
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+    repo: r.sbruder.de/ldap-forward-auth
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..ff07510
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,10 @@
+FROM httpd:alpine
+
+RUN mkdir /srv/www \
+    && touch /srv/www/index.html
+
+COPY httpd.conf /usr/local/apache2/conf/httpd.conf
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..55898ba
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,9 @@
+#!/bin/ash
+sed -i \
+    -e "s/@@LDAP_SERVER@@/$LDAP_SERVER/" \
+    -e "s/@@LDAP_BASE@@/$LDAP_BASE/" \
+    -e "s/@@LDAP_USER@@/$LDAP_USER/" \
+    -e "s/@@LDAP_PASSWORD@@/$LDAP_PASSWORD/" \
+    /usr/local/apache2/conf/httpd.conf
+
+exec httpd-foreground
diff --git a/httpd.conf b/httpd.conf
new file mode 100644
index 0000000..688c29e
--- /dev/null
+++ b/httpd.conf
@@ -0,0 +1,39 @@
+ServerRoot "/usr/local/apache2"
+ServerName "localhost"
+Listen 80
+
+LoadModule mpm_event_module modules/mod_mpm_event.so
+
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule authn_core_module modules/mod_authn_core.so
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_user_module modules/mod_authz_user.so
+LoadModule ldap_module modules/mod_ldap.so
+
+LoadModule mime_module modules/mod_mime.so
+LoadModule unixd_module modules/mod_unixd.so
+LoadModule dir_module modules/mod_dir.so
+
+User daemon
+Group daemon
+
+DocumentRoot "/srv/www"
+<Directory "/srv/www">
+    AuthName "traefik forward auth"
+    AuthBasicProvider ldap
+    AuthType Basic
+
+    AuthLDAPURL "ldap://@@LDAP_SERVER@@/@@LDAP_BASE@@" "STARTTLS"
+    AuthLDAPBindDN "@@LDAP_USER@@"
+    AuthLDAPBindPassword "@@LDAP_PASSWORD@@"
+
+    DirectoryIndex index.html
+
+    Require valid-user
+</Directory>
+
+ErrorLog /proc/self/fd/2
+LogLevel warn
+
+TypesConfig conf/mime.types