Add Initial Templates
ingalls committed Oct 22, 2024
1 parent d82ebc9 commit 1e51fb4
Showing 4 changed files with 19 additions and 3 deletions.
8 changes: 5 additions & 3 deletions cloudformation/lib/api.js
Expand Up @@ -47,14 +47,14 @@ export default {
LDAPSVCSecret: {
Type: 'AWS::SecretsManager::Secret',
Properties: {
Description: cf.join([cf.stackName, ' LDAP Master Password']),
Description: cf.join([cf.stackName, ' LDAP SVC Account Password']),
GenerateSecretString: {
SecretStringTemplate: '{"username": "admin"}',
SecretStringTemplate: '{"username": "svcaccount"}',
GenerateStringKey: 'password',
ExcludePunctuation: true,
PasswordLength: 32
},
Name: cf.join([cf.stackName, '/admin']),
Name: cf.join([cf.stackName, '/svc']),
KmsKeyId: cf.ref('KMS')
}
},
Expand Down Expand Up @@ -236,6 +236,8 @@ export default {
{ Name: 'LDAP_DOMAIN', Value: cf.ref('LDAPDomain') },
{ Name: 'LDAP_ADMIN_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:username:AWSCURRENT}}') },
{ Name: 'LDAP_ADMIN_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_SVC_USERNAME', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_SVC_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/svc:SecretString:password:AWSCURRENT}}') },
{ Name: 'LDAP_CONFIG_PASSWORD', Value: cf.sub('{{resolve:secretsmanager:${AWS::StackName}/admin:SecretString:password:AWSCURRENT}}') }
],
LogConfiguration: {
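Review bot: `LDAP_SVC_USERNAME` in the second hunk resolves the `password` key of the `/svc` secret, so the container receives the generated password in its username variable; the reference should end in `SecretString:username:AWSCURRENT`. Separately, the new entries put `{{resolve:secretsmanager:…}}` into plain `Value` fields, as the existing admin entries do. If this array is an ECS container definition's environment (the adjacent `LogConfiguration` suggests so), the resolved cleartext is stored in the task definition and is readable by anyone allowed to describe it, and it is fixed at deploy time rather than following rotation. The container-level `Secrets` list with `ValueFrom` pointing at the secret ARN avoids both. The enclosing array starts and ends outside the hunk.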
3 changes: 3 additions & 0 deletions start
Expand Up @@ -11,11 +11,14 @@ TLD="$(echo "${LDAP_DOMAIN}" | sed 's/^.*\.//')"
echo "ORG: ${ORG}"
echo "TLD: ${TLD}"

SERVICE_PASSWORD="$(slappasswd -s ${LDAP_SVC_PASSWORD})"

for filename in /container/templates/*.ldif; do
echo "Building ${filename}"

sed -i "s/CUSTOM_ORG/${ORG}/" "${filename}"
sed -i "s/CUSTOM_TLD/${TLD}/" "${filename}"
sed -i "s/CUSTOM_SERVICE_PASSWORD/${SERVICE_PASSWORD}/" "${filename}"

cp "${filename}" "/container/service/slapd/assets/config/bootstrap/ldif/"
done
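Review bot: The `sed` line for `CUSTOM_SERVICE_PASSWORD` uses `/` as its delimiter, but `slappasswd` emits a base64-encoded hash (`{SSHA}…` by default) that can itself contain `/`. For those hashes the expression is malformed and the placeholder stays in the LDIF; a delimiter outside the base64 alphabet fixes it, `sed -i "s|CUSTOM_SERVICE_PASSWORD|${SERVICE_PASSWORD}|" "${filename}"`. The `slappasswd -s ${LDAP_SVC_PASSWORD}` call also leaves the variable unquoted and places the cleartext on the command line, where it shows up in the process list; quoting it as `"${LDAP_SVC_PASSWORD}"` is the minimum. Exiting when `SERVICE_PASSWORD` comes back empty would keep the account from being bootstrapped with a blank `userPassword`. The top of the script is outside the hunk, so whether `set -e` already covers that failure is not visible here.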
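--- a/templates/05-svc-service.ldif
+++ b/templates/05-svc-service.ldif
@@ -0,0 +1,11 @@
+# Update the userPassword below with the hash
+dn: uid=ldapsvcaccount,dc=CUSTOM_ORG,dc=CUSTOM_TLD
+uid: ldapsvcaccount
+description: This account is used to query the LDAP Database
+cn: ldapsvcaccount
+sn: ldapquery-svcaccount
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetOrgPerson
+userPassword: CUSTOM_SERVICE_PASSWORD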
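Review bot: The header comment `# Update the userPassword below with the hash` reads as a manual step, yet the `start` script in this same commit fills in `CUSTOM_ORG`, `CUSTOM_TLD` and `CUSTOM_SERVICE_PASSWORD` itself. A comment such as `# CUSTOM_* placeholders are replaced by the start script; userPassword receives the slappasswd hash of LDAP_SVC_PASSWORD` would describe what actually happens. Nothing in this entry limits what `ldapsvcaccount` may read, so the access rules for the query account presumably live in another file and would be worth naming in the comment.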
File renamed without changes.
