Installation via Docker
Beschreibung:
Ein LDAP-Server für Adressbücher mit CardDAV-Synchronisation.
Installation:
Docker installieren
apt install docker.io docker-compose curl
Nun Projektverzeichnisse erstellen
ldap-carddav-stack/
├── docker-compose.yml
├── .env
├── ldap-carddav/
│ └── conf.php # deine Konfiguration
├── Dockerfile # für ldap-carddav
mkdir -p /root/ldap-carddav-stack/ldap-carddav
Dockerfile erstellen, um das Image zu bauen
nano /root/ldap-carddav-stack/Dockerfile
Inhalt
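# Image for the ldap-carddav web application: Apache with PHP on Debian bookworm.
FROM debian:bookworm

# Only the build needs a non-interactive apt; ARG keeps the setting out of the
# runtime environment of the finished container.
ARG DEBIAN_FRONTEND=noninteractive

# Git ref (tag or commit id) of ldap-carddav to build. Empty keeps the previous
# behaviour of building whatever the default branch currently points to.
# Setting it (docker-compose build --build-arg LDAP_CARDDAV_REF=<ref>) makes
# rebuilds reproducible and keeps unreviewed upstream changes out of the image.
ARG LDAP_CARDDAV_REF=""

# Install dependencies and drop the apt package lists from the layer afterwards.
RUN apt-get update && apt-get install -y \
        apache2 \
        php \
        php-ldap \
        php-xml \
        php-mbstring \
        git \
        unzip \
        php-sqlite3 \
        curl \
        composer \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Clone ldap-carddav and, if a ref was given, check out exactly that ref.
RUN git clone https://github.com/isubsoft/ldap-carddav.git /var/www/html/ldap-carddav \
    && if [ -n "$LDAP_CARDDAV_REF" ]; then \
           git -C /var/www/html/ldap-carddav checkout --detach "$LDAP_CARDDAV_REF"; \
       fi

# Install the Composer dependencies without development packages, then remove
# the VCS metadata: the checkout sits inside the Apache document root, so a
# leftover .git directory would be reachable over HTTP.
WORKDIR /var/www/html/ldap-carddav
RUN composer install --no-dev --no-interaction \
    && rm -rf .git

# Data directory named in this setup's conf.php ('datadir' and the SQLite DSN).
# NOTE(review): created and handed to www-data on the assumption that the Apache
# worker has to write the sync database; confirm against the project docs.
RUN mkdir -p /var/lib/ldap_carddav/sync/syncdb/sqlite \
    && chown -R www-data:www-data /var/lib/ldap_carddav

# Configure Apache: allow the application's .htaccess files to take effect.
# printf avoids relying on the shell's echo interpreting "\n".
RUN printf '%s\n' \
        '<Directory /var/www/html/ldap-carddav>' \
        'AllowOverride All' \
        'Require all granted' \
        '</Directory>' \
        >> /etc/apache2/apache2.conf
RUN a2enmod rewrite

# Plain HTTP only; TLS has to be terminated in front of this container.
EXPOSE 80
CMD ["apachectl", "-D", "FOREGROUND"]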
Die .env Datei
nano /root/ldap-carddav-stack/.env
Inhalt
# Example values for the stack. This file holds the LDAP admin password:
# keep it out of version control and readable by its owner only (chmod 600 .env).
LDAP_ORGANISATION=ExampleCorp
LDAP_DOMAIN=example
LDAP_TOP_DOMAIN=local
# "admin" is a sample value for local testing; set a long random password
# before the first start. NOTE(review): the openldap image presumably applies
# it only when the directory is first initialised, so confirm how to rotate it later.
LDAP_ADMIN_PASSWORD=admin
Die compose Datei
nano /root/ldap-carddav-stack/docker-compose.yml
Inhalt
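# Three-container stack: OpenLDAP, phpLDAPadmin and the ldap-carddav web app.
# Values written as ${...} are read from the .env file next to this file.
version: '3.8'

services:
  ldap:
    # NOTE(review): image tags are mutable; pin by digest once a version has been vetted.
    image: osixia/openldap:1.5.0
    container_name: ldap
    environment:
      LDAP_ORGANISATION: ${LDAP_ORGANISATION}
      LDAP_DOMAIN: ${LDAP_DOMAIN}.${LDAP_TOP_DOMAIN}
      # Abort instead of starting the directory with an empty admin password.
      LDAP_ADMIN_PASSWORD: "${LDAP_ADMIN_PASSWORD:?LDAP_ADMIN_PASSWORD must be set in .env}"
    volumes:
      - ./ldap_data:/var/lib/ldap
      - ./ldap_config:/etc/ldap/slapd.d
    ports:
      # Port 389 is unencrypted LDAP. The other containers reach it over the
      # compose network, so the host mapping is bound to loopback only. Publish
      # it more widely only on purpose, and then with TLS in front of it.
      - "127.0.0.1:389:389"

  phpldapadmin:
    image: osixia/phpldapadmin:0.9.0
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: ldap
    ports:
      # Admin UI with full write access to the directory: loopback only.
      - "127.0.0.1:6443:443"

  carddav:
    build:
      context: .
      dockerfile: Dockerfile
    container_name: ldap-carddav
    ports:
      # The container serves plain HTTP, so credentials cross this port in
      # clear text. Loopback only; put a TLS reverse proxy in front of it
      # before clients on other machines use it.
      - "127.0.0.1:8080:80"
    volumes:
      - ./ldap-carddav/conf.php:/var/www/html/ldap-carddav/conf/conf.php:ro
      # NOTE(review): no volume is mounted for the application's data directory
      # (/var/lib/ldap_carddav in conf.php), so the sync database presumably
      # does not survive a rebuild. Confirm, and add a volume if it should.
    depends_on:
      - ldap
    environment:
      - LDAP_HOST=ldap
      # NOTE(review): the openldap image is assumed not to create an
      # ou=<organisation> entry on its own; create it (for example in
      # phpLDAPadmin) or adjust this search base.
      - LDAP_BASE_DN=ou=${LDAP_ORGANISATION},dc=${LDAP_DOMAIN},dc=${LDAP_TOP_DOMAIN}
      # The admin entry sits directly under the domain suffix
      # (cn=admin,dc=example,dc=local with the sample .env), not under the ou=
      # used as search base, so a bind with an ou= component cannot succeed.
      - LDAP_BIND_DN=cn=admin,dc=${LDAP_DOMAIN},dc=${LDAP_TOP_DOMAIN}
      # NOTE(review): this gives the web-facing container the directory's admin
      # credentials. A dedicated read-only bind account is the safer choice
      # (the image documents LDAP_READONLY_USER for this; check its README).
      - "LDAP_BIND_PASSWORD=${LDAP_ADMIN_PASSWORD:?LDAP_ADMIN_PASSWORD must be set in .env}"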
PHP File
nano /root/ldap-carddav-stack/ldap-carddav/conf.php
Inhalt
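<?php
// ldap-carddav configuration for the Docker stack. Host, DNs and the bind
// password come from the container environment set in docker-compose.yml.

// Bind password of the search/address-book account. There is deliberately no
// built-in fallback: a hard-coded default such as 'admin' would hide a missing
// environment variable and ship a well-known credential in the config file.
$ldapBindPassword = getenv('LDAP_BIND_PASSWORD');
if ($ldapBindPassword === false || $ldapBindPassword === '') {
    throw new \RuntimeException('LDAP_BIND_PASSWORD is not set; refusing to fall back to a default password.');
}

$config = [];

// === TEMP / DATA ===
$config['tmpdir'] = '%systempdir';
$config['datadir'] = '/var/lib/ldap_carddav';

// === DATABASE ===
// SQLite needs no credentials; the file lives below the data directory.
$config['sync_database'] = [
    'dsn' => 'sqlite:%datadir/sync/syncdb/sqlite/cards.db',
    'username' => '',
    'password' => '',
    'options' => [],
    'init_commands' => []
];

// === LDAP SERVER CONFIG ===
// 'none' means the LDAP traffic, bind passwords included, is not encrypted.
// That is tolerable only while both containers share the private compose
// network. Enable transport security (see the project's configuration
// documentation for the supported values) as soon as the server is elsewhere.
$config['server']['ldap'] = [
    'host' => getenv('LDAP_HOST') ?: 'localhost',
    'network_timeout' => 10,
    'connection_security' => 'none'
];

// === LDAP AUTH ===
// NOTE(review): the search bind below uses whatever LDAP_BIND_DN names; in
// this stack that is the directory admin. A read-only account is sufficient
// for searching and limits the damage if this web application is compromised.
$config['auth']['ldap'] = [
    'base_dn' => getenv('LDAP_BASE_DN') ?: 'ou=People,dc=example,dc=org',
    'bind_dn' => '%dn',
    'bind_pass' => '%p',
    'search_base_dn' => '',
    'search_filter' => '(&(objectclass=inetOrgPerson)(uid=%u))',
    'search_bind_dn' => getenv('LDAP_BIND_DN') ?: 'cn=admin,ou=People,dc=example,dc=org',
    'search_bind_pw' => $ldapBindPassword,
    'scope' => 'list'
];

// === PRINCIPAL SEARCH ===
$config['principal']['ldap'] = [
    'base_dn' => getenv('LDAP_BASE_DN') ?: 'ou=People,dc=example,dc=org',
    'search_base_dn' => '',
    'search_filter' => '(&(objectclass=inetOrgPerson)(uid=*))',
    'search_bind_dn' => getenv('LDAP_BIND_DN') ?: 'cn=admin,ou=People,dc=example,dc=org',
    'search_bind_pw' => $ldapBindPassword,
    'scope' => 'list',
    'fieldmap' => [
        'id' => 'uid',
        'displayname' => 'cn',
        'mail' => 'mail'
    ]
];

// Note: the following entries are heavily shortened. See the original
// configuration shipped with the project for the full structure.
// Further address books, e.g. $config['card']['addressbook']['ldap']['me'],
// ['global'] or ['personal'], can be wired to the environment the same way.

// Example address book whose bind DN and password come from the environment.
// It is read-only ('writable' => false), so it does not need a privileged account.
$config['card']['addressbook']['ldap']['global'] = [
    'name' => 'Global Address Book',
    'description' => 'Globale Kontakte',
    'user_specific' => false,
    'writable' => false,
    'base_dn' => getenv('LDAP_BASE_DN') ?: 'ou=People,dc=example,dc=org',
    'filter' => '(objectClass=inetOrgPerson)',
    'bind_dn' => getenv('LDAP_BIND_DN') ?: 'cn=admin,ou=People,dc=example,dc=org',
    'bind_pass' => $ldapBindPassword,
    'scope' => 'sub',
    'LDAP_Object_Classes' => ['inetOrgPerson'],
    'required_fields' => ['cn', 'sn'],
    'LDAP_rdn' => 'uid',
    'fieldmap' => [
        'FN' => ['field_name' => 'cn'],
        'EMAIL' => ['field_name' => 'mail'],
        'TEL' => [[ 'field_name' => 'telephoneNumber' ]]
    ]
];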
Aufrufen
- phpLDAPadmin:
https://localhost:6443
Benutzername aus unserem Beispiel : cn=admin,dc=example,dc=local
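Passwort aus unserem Beispiel : admin (Beispielwert für lokale Tests; vor jedem weitergehenden Einsatz in der .env ein langes, zufälliges Passwort setzen)
- ldap-carddav WebDAV/CardDAV:
http://localhost:8080/ldap-carddav/ (unverschlüsseltes HTTP: Benutzername und Passwort werden im Klartext übertragen, daher für Zugriffe von anderen Rechnern TLS vorschalten, z. B. per Reverse-Proxy)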
Datenbank initialisieren
docker-compose exec carddav /bin/bash
cd src/App
php /var/www/html/ldap-carddav/src/App/syncdb.php