Containerization
To run GLAuth in a container, you have three choices:
- Fetch and instantiate an image from Docker Hub (the most popular approach)
- Clone the GLAuth repository and manually create your image
- Use Kubernetes’s Helm chart
The default approach looks like this:
1docker run -d glauth/glauthor to run GLAuth with its plugins:
1docker run -d glauth/glauth-pluginsTo specify your own config file (which is the most likely scenario):
1docker run -d \2 -v <path>/config.cfg:/app/config/config.cfg \3 glauth/glauthAnd to expose port numbers (unless you are using a reverse proxy):
1docker run -d \2 -p 389:3893 \3 -p 636:3894 \4 -p 5555:5555 \5 glauth/glauthsqlite
If you are using sqlite, please follow these instructions to avoid losing your data!
You sqlite database must be made permanent. It can either be stored on the host, on in a dedicated volume (more difficult)
You database will be clobbered if you do not specify a configuration file. Unless…
Method #1: configuration file + database file on host
Retrieve a base database file from https://github.com/glauth/glauth/raw/master/v2/scripts/docker/gl.db
1docker run -d \2 -v <path>/config.cfg:/app/config/config.cfg \3 -v <path>/gl.db:/app/config/gl.db \4 glauth/glauthMethod #2: no configuration file, but database file on host
In this scenario, the container’s startup script will copy the database file over its working file.
1docker run -d \2 -v <path>/gl.db:/app/docker/gl.db \3 glauth/glauthLDAP certificates
You definitely should not be using the default certificates in production!
First, modify your configuration file to point to where your certificate files will be mounted in your container. /app/config is a good option.
Then:
1docker run -d \2 -v <path>/config.cfg:/app/config/config.cfg \3 -v <path>/cert.pem:/app/config/cert.pem \4 -v <path>/key.pem:/app/config/key.pem \5 glauth/glauth