A docker image to run Apache directory Server

start a new instance :

docker run -d -p 10389:10389 --name my-ldap-ds yvnicolas/apacheds

You can then access the ldap directory using Apache directory studio. Set up a connection to localhost:10389 using uid=admin,ou=system and default password secret.

Administrative password can be changed using the ADMINPWD environment variable :

docker run -d -p 10389:10389 --name my-ldap-ds -e ADMINPWD=my-super-secret yvnicolas/apacheds

If you have a preexisting Ldif file, use the LDIFINIT environment variable to populate the directory at start using a -v mount:

docker run -d -p 10389:10389 --name my-ldap-ds -v <path/to/dir/where/your/ldif/is>:/ldif -e LDIFINIT=/ldif/my-file.ldif yvnicolas/apacheds

Open a console

docker logs -f my-ldap-ds

Stop the server

docker stop my-ldap-ds

The initds.sh script, used as Entrypoint will check whether the /var/lib/apacheds/default has already something running by checking that the run/apacheds-default.pid files exists (typical case when a container has been stopped previously either purposedly either because of a reboot of the underlying server. If existing, the pid file will be deleted.

This enables the directory to restart gracefully and enables to use docker stop and docker start on the container.

Setting up the password with an environment variable is not ideally secure as the password will allways be readable by someone who has access to the machine on which the container runs. This is not recommended by docker anymore although used by official images like mysql. It is suitable for development though and I have not found a clear best practice recommendations for alternatives. docker engine issue 13490 seems to be a good discussion on the subject.