Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| f9bb1bbc4a | |||
| 100b127a29 | |||
| 9369d15cff | |||
| c897b1104e | |||
| d73e43a7f5 | |||
| e0db93d31e | |||
| 854355071b | |||
| 511b1f51d4 | |||
| 6feb2e9aeb |
16
Dockerfile
16
Dockerfile
@@ -1,5 +1,5 @@
|
||||
FROM alpine:3.17.0
|
||||
#FROM alpine:edge
|
||||
#FROM alpine:3.17.0
|
||||
FROM alpine:edge
|
||||
MAINTAINER Rich Braun "docker@instantlinux.net"
|
||||
ARG BUILD_DATE
|
||||
ARG VCS_REF
|
||||
@@ -13,8 +13,6 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \
|
||||
ALLOW_DNS_UPDATES=secure \
|
||||
BIND_INTERFACES_ONLY=yes \
|
||||
DOMAIN_ACTION=provision \
|
||||
DOMAIN_LOGONS=yes \
|
||||
DOMAIN_MASTER=no \
|
||||
INTERFACES="lo eth0" \
|
||||
LOG_LEVEL=1 \
|
||||
MODEL=standard \
|
||||
@@ -23,14 +21,16 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \
|
||||
SERVER_STRING="Samba Domain Controller" \
|
||||
TZ=UTC \
|
||||
WINBIND_USE_DEFAULT_DOMAIN=yes \
|
||||
WORKGROUP=AD
|
||||
|
||||
#ARG SAMBA_VERSION=4.16.7-r1
|
||||
WORKGROUP=AD \
|
||||
SYSVOL_DISABLE_SYNC=no \
|
||||
SYSVOL_SSH_PORT=8322 \
|
||||
SYSVOL_SSH_KEY_SECRET=samba-ssh-key \
|
||||
SYSVOL_SSH_PUB_SECRET=samba-ssh-pub
|
||||
|
||||
COPY *.conf.j2 /root/
|
||||
COPY entrypoint.sh /usr/local/bin/
|
||||
RUN apk add --update --no-cache krb5 ldb-tools samba-dc tdb \
|
||||
bind bind-libs bind-tools libcrypto1.1 libxml2 tzdata && \
|
||||
bind bind-libs bind-tools libxml2 tzdata && \
|
||||
chmod 0755 /usr/local/bin/entrypoint.sh
|
||||
|
||||
VOLUME /etc/samba /var/lib/samba
|
||||
|
||||
@@ -6,6 +6,7 @@ else
|
||||
NETBIOS_NAME=$(echo $NETBIOS_NAME | tr [a-z] [A-Z])
|
||||
fi
|
||||
REALM=$(echo "$REALM" | tr [a-z] [A-Z])
|
||||
DOMAIN=$(echo "$REALM" | tr [A-Z] [a-z])
|
||||
|
||||
if [ ! -f /etc/timezone ] && [ ! -z "$TZ" ]; then
|
||||
echo 'Set timezone'
|
||||
@@ -43,16 +44,14 @@ if [ ! -f /var/lib/samba/registry.tdb ]; then
|
||||
echo 'root = administrator' > /etc/samba/smbusers
|
||||
fi
|
||||
mkdir -p -m 700 /etc/samba/conf.d
|
||||
for file in /etc/samba/smb.conf /etc/samba/conf.d/netlogon.conf \
|
||||
/etc/samba/conf.d/sysvol.conf; do
|
||||
for file in /etc/samba/smb.conf; do
|
||||
sed -e "s:{{ ALLOW_DNS_UPDATES }}:$ALLOW_DNS_UPDATES:" \
|
||||
-e "s:{{ BIND_INTERFACES_ONLY }}:$BIND_INTERFACES_ONLY:" \
|
||||
-e "s:{{ DOMAIN_LOGONS }}:$DOMAIN_LOGONS:" \
|
||||
-e "s:{{ DOMAIN_MASTER }}:$DOMAIN_MASTER:" \
|
||||
-e "s+{{ INTERFACES }}+$INTERFACES+" \
|
||||
-e "s:{{ LOG_LEVEL }}:$LOG_LEVEL:" \
|
||||
-e "s:{{ NETBIOS_NAME }}:$NETBIOS_NAME:" \
|
||||
-e "s:{{ REALM }}:$REALM:" \
|
||||
-e "s:{{ DOMAIN }}:$DOMAIN:" \
|
||||
-e "s:{{ SERVER_STRING }}:$SERVER_STRING:" \
|
||||
-e "s:{{ WINBIND_USE_DEFAULT_DOMAIN }}:$WINBIND_USE_DEFAULT_DOMAIN:" \
|
||||
-e "s:{{ WORKGROUP }}:$WORKGROUP:" \
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
[netlogon]
|
||||
path = /var/lib/samba/sysvol/{{ REALM }}/scripts
|
||||
read only = No
|
||||
14
smb.conf.j2
14
smb.conf.j2
@@ -10,10 +10,20 @@
|
||||
add machine script = /usr/sbin/adduser -D -H -G users -s /bin/false %u
|
||||
allow dns updates = {{ ALLOW_DNS_UPDATES }}
|
||||
bind interfaces only = {{ BIND_INTERFACES_ONLY }}
|
||||
domain logons = {{ DOMAIN_LOGONS }}
|
||||
domain master = {{ DOMAIN_MASTER }}
|
||||
interfaces = {{ INTERFACES }}
|
||||
log level = {{ LOG_LEVEL }}
|
||||
winbind refresh tickets = Yes
|
||||
winbind use default domain = {{ WINBIND_USE_DEFAULT_DOMAIN }}
|
||||
|
||||
acl_xattr:ignore system acls = yes
|
||||
acl_xattr:default acl style = windows
|
||||
|
||||
[sysvol]
|
||||
path = /var/lib/samba/sysvol
|
||||
read only = No
|
||||
|
||||
[netlogon]
|
||||
path = /var/lib/samba/sysvol/{{ DOMAIN }}/scripts
|
||||
read only = No
|
||||
|
||||
# Empty new-line must follow
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
[sysvol]
|
||||
path = /var/lib/samba/sysvol
|
||||
read only = No
|
||||
Reference in New Issue
Block a user