FROM alpine:latest

RUN apk --no-cache add php7-apache2 phpldapadmin

ENV LDAP_SERVER='ldaps:\/\/ldap.slurm.ch:636'
ENV LDAPROOT=dc=slurm,dc=ch
ENV LDAP_PORT=0
ENV LDAP_TLS=false
ENV LDAP_SERVER_NAME="Slurm Data Center"

# Link the LDAP gui from the install dir to the Apache default HTML directory 
RUN mkdir -p /run/apache2 &&\
    rm -rf /var/www/localhost/htdocs &&\
    ln -sf /usr/share/webapps/phpldapadmin/htdocs/ /var/www/localhost/

# Change the default config. Key points:
# - Config the server, the bind_id
# - TLS must be false for ldaps://
# - Allow .htaccess in Apache2.
RUN cp /etc/phpldapadmin/config.php.example /etc/phpldapadmin/config.php &&\
    sed -i "/'server','host','127.0.0.1'/ s#// ##" /etc/phpldapadmin/config.php && \
    sed -i "s/127.0.0.1/${LDAP_SERVER}/" /etc/phpldapadmin/config.php && \ 
    sed -i "/'server','base'/ s/array('')/array('${LDAPROOT}')/" /etc/phpldapadmin/config.php && \ 
    sed -i "/'server','port'/ s/389/${LDAP_PORT}/" /etc/phpldapadmin/config.php && \ 
    sed -i "/'login','bind_id'/ s/''/'cn=Manager,${LDAPROOT}'/" /etc/phpldapadmin/config.php && \ 
    sed -i "/'server','tls'/ s/false/${LDAP_TLS}/" /etc/phpldapadmin/config.php && \ 
    sed -i "s/My LDAP Server/${LDAP_SERVER_NAME}/" /etc/phpldapadmin/config.php && \
    sed -i "s#AllowOverride none#AllowOverride All#" /etc/apache2/httpd.conf

# Tell the ldap client about the self-signed TLS CA certificate
RUN echo "TLS_CACERT /etc/ssl/certs/CAself-cert.pem" >> /etc/openldap/ldap.conf

CMD ["httpd","-D","FOREGROUND"]