Separated ldapadmin into panel.domain

fstack/lib/ldap.sh

@@ -53,35 +53,6 @@ services:
       - LDAP_TLS_CA_CRT_FILENAME=chain1.pem
       - LDAP_TLS_VERIFY_CLIENT=try
 
-  ldapadmin:
-    image: wheelybird/ldap-user-manager:latest
-    container_name: ldapadmin
-    hostname: ldapadmin.$DOMAIN
-    domainname: $DOMAIN
-    restart: always
-    networks:
-      fstack:
-        ipv4_address: 172.99.0.12
-    ports:
-      - 8080:80
-      - 8443:443
-    volumes:
-      - ./data/certs:/opt/ssl
-    environment:
-      - SERVER_HOSTNAME=ldapadmin.$DOMAIN
-      - LDAP_URI=ldap://ldap.$DOMAIN
-      - LDAP_BASE_DN=dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
-      - LDAP_REQUIRE_STARTTLS=true
-      - LDAP_ADMINS_GROUP=admins
-      - LDAP_ADMIN_BIND_DN=cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
-      - LDAP_ADMIN_BIND_PWD=$ADMINPASS
-      - NO_HTTPS=false
-      - SERVER_CERT_FILENAME=fullchain1.pem
-      - SERVER_KEY_FILENAME=privkey1.pem
-      - CA_CERT_FILENAME=chain1.pem
-    depends_on:
-      - ldap
-
 networks:
   fstack:
     external: true
@@ -183,7 +154,7 @@ start_ldap() {
   if [ $DEBUG ]; then
     # Start fstack/ldap with output to console for debug
     docker-compose -f fstack/ldap/docker-compose.yml -p ldap up
-    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/dns"
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/ldap"
   else
     docker-compose -f fstack/ldap/docker-compose.yml -p ldap up -d &> /dev/null
 

fstack/lib/panel.sh

@@ -0,0 +1,104 @@
+#!/bin/bash
+#
+# Federated Stack Control Panel 
+
+PATH=$HOME/.docker/cli-plugins:/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+config_panel() {
+  echo -ne "\n* Configuring fstack/panel container.."
+  spin &
+  SPINPID=$!
+
+  if [ ! -d "fstack/panel" ]; then
+    mkdir -p fstack/panel/data/root/certs &> /dev/null
+    cp -rf fstack/dns/data/etc/letsencrypt/archive/$DOMAIN/*.pem fstack/panel/data/root/certs/
+  fi
+
+  DOMAIN_ARRAY=(${DOMAIN//./ })
+  DOMAIN_FIRST=${DOMAIN_ARRAY[0]}
+  DOMAIN_LAST=${DOMAIN_ARRAY[1]}
+
+cat > fstack/panel/docker-compose.yml <<EOF
+version: '3.8'
+services:
+  panel:
+    image: wheelybird/ldap-user-manager:latest
+    container_name: panel
+    hostname: panel.$DOMAIN
+    domainname: $DOMAIN
+    restart: always
+    networks:
+      fstack:
+        ipv4_address: 172.99.0.12
+    ports:
+      - 8080:80
+      - 8443:443
+    volumes:
+      - ./data/root/certs:/opt/ssl
+    environment:
+      - SERVER_HOSTNAME=panel.$DOMAIN
+      - LDAP_URI=ldap://ldap.$DOMAIN
+      - LDAP_BASE_DN=dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
+      - LDAP_REQUIRE_STARTTLS=true
+      - LDAP_ADMINS_GROUP=admins
+      - LDAP_ADMIN_BIND_DN=cn=admin,dc=$DOMAIN_FIRST,dc=$DOMAIN_LAST
+      - LDAP_ADMIN_BIND_PWD=$ADMINPASS
+      - LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES=PostfixBookMailAccount
+      - LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES=mailEnabled:Mail Enabled:TRUE,mailAlias+:Email aliases
+      - EMAIL_DOMAIN=$DOMAIN
+      - USERNAME_FORMAT={first_name}.{last_name}
+      - SITE_NAME=$COMPANY User Manager
+      - SMTP_HOSTNAME=mail.$DOMAIN
+      - SMTP_USERNAME=admin
+      - SMTP_PASSWORD=$ADMINPASS
+      - EMAIL_FROM_ADDRESS=admin@$DOMAIN
+      - SMTP_USE_TLS=true
+      - NO_HTTPS=false
+      - SERVER_CERT_FILENAME=fullchain1.pem
+      - SERVER_KEY_FILENAME=privkey1.pem
+      - CA_CERT_FILENAME=chain1.pem
+
+networks:
+  fstack:
+    external: true
+EOF
+ 
+kill -9 $SPINPID &> /dev/null
+echo -ne "done."
+}
+
+start_panel() {
+  # Start fstack/panel with output to /dev/null
+  echo -ne "\n* Starting fstack/panel service.."
+  spin &
+  SPINPID=$!
+
+  if [ $DEBUG ]; then
+    # Start fstack/panel with output to console for debug
+    docker-compose -f fstack/panel/docker-compose.yml -p panel up
+    [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service fstack/panel"
+  else
+    docker-compose -f fstack/panel/docker-compose.yml -p panel up -d &> /dev/null
+
+    # Keep trying panel port 443 to make sure it's up
+    # before we proceed
+    RETRY="23"
+    while [ $RETRY -gt 0 ]; do
+      nc -z 172.99.0.12 443 &> /dev/null
+      if [ $? -eq 0 ]; then
+        break
+      else
+        if [ "$RETRY" == 1 ]; then
+          docker-compose -f fstack/panel/docker-compose.yml -p panel down &> /dev/null
+          kill -9 $SPINPID &> /dev/null
+          fail "There was a problem starting service fstack/panel\nCheck the output of 'docker logs panel' or turn on\ndebug with -d"
+        fi
+        ((RETRY--))
+        sleep 7
+      fi
+    done
+  fi
+
+  kill -9 $SPINPID &> /dev/null
+  echo -ne "done."
+}

install-federated.sh

@@ -33,16 +33,16 @@ failcheck() {
   exit 2;
 }
 get_config() {
-#  FSTACKURL="http://137.184.95.3:8000"
+  FSTACKURL="http://137.184.95.3:8000"
-#  [ ! -d "fstack/lib" ] && mkdir -p fstack/lib
+  [ ! -d "fstack/lib" ] && mkdir -p fstack/lib
 
   # Download each library file
-#  for i in checks network dns ldap mail; do
+  for i in checks network dns ldap mail; do
-#    if [ ! -f "fstack/lib/$i.sh" ]; then
+    if [ ! -f "fstack/lib/$i.sh" ]; then
-#      curl $FSTACKURL/$i.sh -o fstack/lib/$i.sh -s -f &> /dev/null
+      curl $FSTACKURL/$i.sh -o fstack/lib/$i.sh -s -f &> /dev/null
-#      [ $? -ne 0 ] && failcheck "Couldn't download $i.sh"
+      [ $? -ne 0 ] && failcheck "Couldn't download $i.sh"
-#    fi
+    fi
-#  done
+  done
 
   . fstack/lib/checks.sh
   . fstack/lib/network.sh
@@ -50,6 +50,7 @@ get_config() {
   . fstack/lib/ldap.sh
   . fstack/lib/mail.sh
   . fstack/lib/nextcloud.sh
+  . fstack/lib/panel.sh
 
   echo -ne "\nFederated Stack install script\n\n"
   read -p '* Enter domain name (domain.com): ' DOMAIN
@@ -95,6 +96,10 @@ start_mail
 config_nextcloud
 start_nextcloud
 
+# Configure fstack/panel container and start it
+config_panel
+start_panel
+
 # Print out fstack environment details
 echo -ne "\n\nInstall completed successfully.\n\n" 
 echo -ne "Certificates at fstack/dns/data/etc/letsencrypt/archive/$DOMAIN\n"