From b185374802082382d18374b70af8885b74245ae1 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Fri, 3 Apr 2026 21:38:55 +0000 Subject: [PATCH 01/18] Dockerfile aktualisiert --- Dockerfile | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index ef68339..b98e9bc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,12 +81,13 @@ RUN sed -i 's/^Types: deb$/Types: deb deb-src/' /etc/apt/sources.list.d/debian.s printf 'XKBMODEL="pc105"\nXKBLAYOUT="%s"\nXKBVARIANT=""\nXKBOPTIONS=""\nBACKSPACE="guess"\n' "${COUNTRY}" > /etc/default/keyboard && \ dpkg-reconfigure -f noninteractive keyboard-configuration -#COPY config/pam/ /etc/pam.d/ -#COPY config/nsswitch.conf /etc/nsswitch.conf -#COPY config/xrdp/ /etc/xrdp/ -#COPY config/ldap/ /etc/ldap/ -#COPY config/skel/ /etc/skel/ -#COPY config/sudoers /etc/sudoers +# NEU: Systemweite statische Konfigurationen für LDAP/PAM/Sudo +# 1. Entfernt die gefährliche %users Regel +# 2. Sagt nsswitch, dass Sudoers auch im SSS (LDAP) gesucht werden sollen +# 3. Aktiviert das automatische Erstellen von Home-Verzeichnissen (mkhomedir) +RUN sed -i '/%users/s/^/# /' /etc/sudoers && \ + echo "sudoers: files sss" >> /etc/nsswitch.conf && \ + echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" >> /etc/pam.d/common-session RUN chmod 440 /etc/sudoers && \ mkdir -p /etc/sssd && chown root:root /etc/sssd && chmod 755 /etc/sssd && \ From 36cc5f7402d048476ebbcb73828c1cf4757509a2 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Fri, 3 Apr 2026 21:40:15 +0000 Subject: [PATCH 02/18] entrypoint.sh aktualisiert --- entrypoint.sh | 71 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 64 insertions(+), 7 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 6a22a5e..3f2b134 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,8 +1,65 @@ -#!/bin/sh -service dbus start +#!/bin/bash +set -e + +# Standardwerte setzen, falls beim Containerstart keine Variablen übergeben wurden +LDAP_URI=${LDAP_URI:-"ldap://10.0.2.123:389"} +LDAP_BASE_DN=${LDAP_BASE_DN:-"dc=pi-farm,dc=de"} +LDAP_BIND_DN=${LDAP_BIND_DN:-"cn=admin,dc=pi-farm,dc=de"} +LDAP_SUDO_GROUP=${LDAP_SUDO_GROUP:-"sudo_users"} +# LDAP_BIND_PASSWORD muss übergeben werden! + +echo ">>> Erstelle SSSD Konfiguration..." +cat < /etc/sssd/sssd.conf +[sssd] +config_file_version = 2 +services = nss, pam, sudo +domains = LDAP + +[domain/LDAP] +id_provider = ldap +auth_provider = ldap +sudo_provider = ldap +chpass_provider = ldap + +ldap_uri = ${LDAP_URI} +ldap_search_base = ${LDAP_BASE_DN} +ldap_sudo_search_base = ou=SUDOers,${LDAP_BASE_DN} + +ldap_default_bind_dn = ${LDAP_BIND_DN} +ldap_default_authtok = ${LDAP_BIND_PASSWORD} + +ldap_schema = rfc2307bis +ldap_group_member = uniqueMember + +ldap_id_use_start_tls = false +ldap_tls_reqcert = never +ldap_auth_disable_tls_never_use_in_production = true + +cache_credentials = true +enumerate = false +EOF + +# Rechte zwingend auf 600, sonst startet SSSD nicht +chmod 600 /etc/sssd/sssd.conf +chown root:root /etc/sssd/sssd.conf + +echo ">>> Erstelle Sudoers-Regel für Gruppe: ${LDAP_SUDO_GROUP}..." +echo "%${LDAP_SUDO_GROUP} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ldap-admins +chmod 0440 /etc/sudoers.d/ldap-admins + +echo ">>> Leere alten SSSD Cache..." rm -f /var/lib/sss/db/* -sssd -i & -xrdp-sesman --nodaemon & -xrdp --nodaemon & -#service xrdp start -tail -f /var/log/xrdp.log +rm -f /var/lib/sss/mc/* + +echo ">>> Starte SSSD im Hintergrund..." +# Wir starten SSSD als Hintergrunddienst (ohne interaktives Log-Spamming) +sssd -D + +echo ">>> Starte XRDP..." +# dbus starten (oft wichtig für xfce im Container) +service dbus start + +# Startet den xrdp-sesman und anschließend xrdp im Vordergrund, +# damit der Container nicht stirbt +xrdp-sesman +exec xrdp -n \ No newline at end of file From 5ef6de93df614a9b29c2e73308a41fb9ab714ac1 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Fri, 3 Apr 2026 21:49:54 +0000 Subject: [PATCH 03/18] buildargs.env aktualisiert --- buildargs.env | 38 ++++++++++++++------------------------ 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/buildargs.env b/buildargs.env index 798f532..7957a0c 100644 --- a/buildargs.env +++ b/buildargs.env @@ -1,7 +1,7 @@ ## BUILD STAGE BUILD_BASE_IMAGE=debian:bookworm BUILD_COUNTRY=de -BUILD_TAG=bookworm-${BUILD_COUNTRY} +BUILD_TAG=bookworm-de BUILD_TAG_LATEST=y BUILD_LANG=de_DE.UTF-8 BUILD_LANGUAGE=de_DE:de @@ -9,29 +9,19 @@ BUILD_LC_ALL=de_DE.UTF-8 BUILD_TZ=Europe/Berlin BUILD_MAINTAINER=pi-farm BUILD_APP_NAME=baseimage-debian-rdp-ldap -BUILD_APP_VERSION=${BUILD_TAG}-${COUNTRY} +BUILD_APP_VERSION=1.0.0 PUSH=gitea -## ENV STAGE -ENV_SSSD_DEBUG_LEVEL=9 -ENV_LDAP_SCHEMA=rfc2307 -ENV_LDAP_AUTH_DISABLE_TLS=true -ENV_LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER -ENV_LDAP_BIND_USER=admin -ENV_LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM + +## ENV STAGE (Wichtig für deinen Gitea-Workflow) +ENV_SSSD_DEBUG_LEVEL=5 +ENV_LDAP_URI=ldap://10.0.2.123:389 +ENV_LDAP_BASE_DN=dc=pi-farm,dc=de +ENV_LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de ENV_LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD -ENV_LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM -ENV_LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM -ENV_LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM -ENV_LDAP_USER_PASSWORD_ATTRIBUTE=userPassword -ENV_LDAP_USER_OBJECT_CLASS=posixAccount -ENV_LDAP_USER_NAME=uid -ENV_LDAP_USER_DN_ATTRIBUTE=cn -ENV_LDAP_GROUP_OBJECTS_CLASS=posixGroup -ENV_LDAP_ID_USE_START_TLS=false -ENV_LDAP_AUTH_USE_START_TLS=false -ENV_LDAP_TLS_REQCERT=never -ENV_LDAP_SIMPLE_ALLOW_GROUPS=users -VOL_CONFIG=./sssd.conf:/etc/sssd/sssd.conf:ro +ENV_LDAP_SUDO_GROUP=sudo_users + +## DOCKER / COMPOSE CONFIG VOL_HOME=./home:/home -PORT_WEB=3889 -DESCRIPTION="Debian Desktop with LDAP-Auth to use with Guacamole as RDP-destination" \ No newline at end of file +PORT_RDP=3889 + +DESCRIPTION="Debian Desktop with LDAP-Auth, Gitea-Workflow compatible" \ No newline at end of file From 77d2ac3881592773f24dd6e264eb53bc53f0f786 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Fri, 3 Apr 2026 21:50:47 +0000 Subject: [PATCH 04/18] entrypoint.sh aktualisiert --- entrypoint.sh | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 3f2b134..00b70dc 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,12 +1,14 @@ #!/bin/bash set -e -# Standardwerte setzen, falls beim Containerstart keine Variablen übergeben wurden -LDAP_URI=${LDAP_URI:-"ldap://10.0.2.123:389"} -LDAP_BASE_DN=${LDAP_BASE_DN:-"dc=pi-farm,dc=de"} -LDAP_BIND_DN=${LDAP_BIND_DN:-"cn=admin,dc=pi-farm,dc=de"} -LDAP_SUDO_GROUP=${LDAP_SUDO_GROUP:-"sudo_users"} -# LDAP_BIND_PASSWORD muss übergeben werden! +# Mapping der Gitea-Workflow Variablen (ENV_...) auf interne Variablen +# Falls ENV_LDAP_URI nicht gesetzt ist, wird ein Fallback genutzt +LDAP_URI=${ENV_LDAP_URI:-"ldap://localhost:389"} +LDAP_BASE_DN=${ENV_LDAP_BASE_DN:-"dc=example,dc=com"} +LDAP_BIND_DN=${ENV_LDAP_BIND_DN:-"cn=admin,dc=example,dc=com"} +LDAP_BIND_PASSWORD=${ENV_LDAP_BIND_PASSWORD:-"password"} +LDAP_SUDO_GROUP=${ENV_LDAP_SUDO_GROUP:-"sudo_users"} +SSSD_DEBUG=${ENV_SSSD_DEBUG_LEVEL:-0} echo ">>> Erstelle SSSD Konfiguration..." cat < /etc/sssd/sssd.conf @@ -39,7 +41,6 @@ cache_credentials = true enumerate = false EOF -# Rechte zwingend auf 600, sonst startet SSSD nicht chmod 600 /etc/sssd/sssd.conf chown root:root /etc/sssd/sssd.conf @@ -47,19 +48,14 @@ echo ">>> Erstelle Sudoers-Regel für Gruppe: ${LDAP_SUDO_GROUP}..." echo "%${LDAP_SUDO_GROUP} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ldap-admins chmod 0440 /etc/sudoers.d/ldap-admins -echo ">>> Leere alten SSSD Cache..." +echo ">>> Bereinige SSSD Cache..." rm -f /var/lib/sss/db/* rm -f /var/lib/sss/mc/* -echo ">>> Starte SSSD im Hintergrund..." -# Wir starten SSSD als Hintergrunddienst (ohne interaktives Log-Spamming) -sssd -D +echo ">>> Starte Dienste..." +# SSSD mit dem gemappten Debug-Level starten +sssd -D --debug-level=${SSSD_DEBUG} -echo ">>> Starte XRDP..." -# dbus starten (oft wichtig für xfce im Container) service dbus start - -# Startet den xrdp-sesman und anschließend xrdp im Vordergrund, -# damit der Container nicht stirbt xrdp-sesman exec xrdp -n \ No newline at end of file From 9ce48ab14907579fd44a6af7fd3f4c4466540faa Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Fri, 3 Apr 2026 22:31:26 +0000 Subject: [PATCH 05/18] [skip ci] --- README.md | 57 ++++++++++++---------------------------------- VERSION.history | 1 + docker-compose.yml | 24 ++++--------------- 3 files changed, 21 insertions(+), 61 deletions(-) diff --git a/README.md b/README.md index 2fed0ba..8e741af 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # baseimage-debian-rdp-ldap -Debian Desktop with LDAP-Auth to use with Guacamole as RDP-destination +Debian Desktop with LDAP-Auth, Gitea-Workflow compatible [![Build Status](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions/workflows/build-and-push.yaml/badge.svg)](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions) [![Gitea Repo](https://img.shields.io/badge/gitea-repository-blue?logo=gitea&logoColor=white)](__REPO_URL__) @@ -11,8 +11,8 @@ This repository is built and pushed automatically. ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 02.04.2026 17:26 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 02.04.2026 17:26 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 | ### 🚀 Docker Pull ```bash @@ -28,27 +28,13 @@ services: ports: - 3889 environment: - - SSSD_DEBUG_LEVEL=9 - - LDAP_SCHEMA=rfc2307 - - LDAP_AUTH_DISABLE_TLS=true - - LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER - - LDAP_BIND_USER=admin - - LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM + - SSSD_DEBUG_LEVEL=5 + - LDAP_URI=ldap://10.0.2.123:389 + - LDAP_BASE_DN=dc=pi-farm,dc=de + - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD - - LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM - - LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM - - LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM - - LDAP_USER_PASSWORD_ATTRIBUTE=userPassword - - LDAP_USER_OBJECT_CLASS=posixAccount - - LDAP_USER_NAME=uid - - LDAP_USER_DN_ATTRIBUTE=cn - - LDAP_GROUP_OBJECTS_CLASS=posixGroup - - LDAP_ID_USE_START_TLS=false - - LDAP_AUTH_USE_START_TLS=false - - LDAP_TLS_REQCERT=never - - LDAP_SIMPLE_ALLOW_GROUPS=users + - LDAP_SUDO_GROUP=sudo_users volumes: - - ./sssd.conf:/etc/sssd/sssd.conf:ro - ./home:/home ``` ### 🚀 Docker Run @@ -56,36 +42,23 @@ services: docker run -d \ --name baseimage-debian-rdp-ldap \ --restart unless-stopped \ - -e SSSD_DEBUG_LEVEL=9 \ - -e LDAP_SCHEMA=rfc2307 \ - -e LDAP_AUTH_DISABLE_TLS=true \ - -e LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER \ - -e LDAP_BIND_USER=admin \ - -e LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM \ + -e SSSD_DEBUG_LEVEL=5 \ + -e LDAP_URI=ldap://10.0.2.123:389 \ + -e LDAP_BASE_DN=dc=pi-farm,dc=de \ + -e LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de \ -e LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD \ - -e LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM \ - -e LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM \ - -e LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM \ - -e LDAP_USER_PASSWORD_ATTRIBUTE=userPassword \ - -e LDAP_USER_OBJECT_CLASS=posixAccount \ - -e LDAP_USER_NAME=uid \ - -e LDAP_USER_DN_ATTRIBUTE=cn \ - -e LDAP_GROUP_OBJECTS_CLASS=posixGroup \ - -e LDAP_ID_USE_START_TLS=false \ - -e LDAP_AUTH_USE_START_TLS=false \ - -e LDAP_TLS_REQCERT=never \ - -e LDAP_SIMPLE_ALLOW_GROUPS=users \ - -v ./sssd.conf:/etc/sssd/sssd.conf:ro \ + -e LDAP_SUDO_GROUP=sudo_users \ -v ./home:/home \ -p 3889 \ git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 02.04.2026 17:26* +*Last updated on: 04.04.2026 00:31* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | | **bookworm-de** | 02.04.2026 16:44 | ✅ | | **bookworm-de** | 02.04.2026 15:37 | ✅ | diff --git a/VERSION.history b/VERSION.history index a60b796..46295ea 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | | **bookworm-de** | 02.04.2026 16:44 | ✅ | | **bookworm-de** | 02.04.2026 15:37 | ✅ | diff --git a/docker-compose.yml b/docker-compose.yml index 9b3a2f4..f0d5728 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,25 +6,11 @@ services: ports: - 3889 environment: - - SSSD_DEBUG_LEVEL=9 - - LDAP_SCHEMA=rfc2307bis - - LDAP_AUTH_DISABLE_TLS=true - - LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER - - LDAP_BIND_USER=admin - - LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM + - SSSD_DEBUG_LEVEL=5 + - LDAP_URI=ldap://10.0.2.123:389 + - LDAP_BASE_DN=dc=pi-farm,dc=de + - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD - - LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM - - LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM - - LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM - - LDAP_USER_PASSWORD_ATTRIBUTE=userPassword - - LDAP_USER_OBJECT_CLASS=posixAccount - - LDAP_USER_NAME=uid - - LDAP_USER_DN_ATTRIBUTE=cn - - LDAP_GROUP_OBJECTS_CLASS=posixGroup - - LDAP_ID_USE_START_TLS=false - - LDAP_AUTH_USE_START_TLS=false - - LDAP_TLS_REQCERT=never - - LDAP_SIMPLE_ALLOW_GROUPS=users + - LDAP_SUDO_GROUP=sudo_users volumes: - - ./sssd.conf:/etc/sssd/sssd.conf:ro - ./home:/home From 310c87f4af3cb4449ae70fdaf6fed72ec149ca14 Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Sun, 5 Apr 2026 09:20:35 +0000 Subject: [PATCH 06/18] [skip ci] --- README.md | 7 ++++--- VERSION.history | 1 + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 8e741af..62cf69f 100644 --- a/README.md +++ b/README.md @@ -11,8 +11,8 @@ This repository is built and pushed automatically. ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 05.04.2026 11:20 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 05.04.2026 11:20 | ### 🚀 Docker Pull ```bash @@ -53,11 +53,12 @@ docker run -d \ git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 04.04.2026 00:31* +*Last updated on: 05.04.2026 11:20* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | | **bookworm-de** | 02.04.2026 16:44 | ✅ | diff --git a/VERSION.history b/VERSION.history index 46295ea..4142c51 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | | **bookworm-de** | 02.04.2026 16:44 | ✅ | From 86a3df69a856f2b0fb1b94818b45fab8b0df307d Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Sun, 5 Apr 2026 09:28:24 +0000 Subject: [PATCH 07/18] buildargs.env aktualisiert --- buildargs.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buildargs.env b/buildargs.env index 7957a0c..9756ef3 100644 --- a/buildargs.env +++ b/buildargs.env @@ -8,7 +8,7 @@ BUILD_LANGUAGE=de_DE:de BUILD_LC_ALL=de_DE.UTF-8 BUILD_TZ=Europe/Berlin BUILD_MAINTAINER=pi-farm -BUILD_APP_NAME=baseimage-debian-rdp-ldap +BUILD_APP_NAME=base-image-debian-rdp-ldap BUILD_APP_VERSION=1.0.0 PUSH=gitea From ff92457c85803e3a3fac555f350ee70516417ba9 Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Sun, 5 Apr 2026 09:47:30 +0000 Subject: [PATCH 08/18] [skip ci] --- README.md | 23 ++++++++++++----------- VERSION.history | 1 + docker-compose.yml | 6 +++--- 3 files changed, 16 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 62cf69f..86a8440 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ -# baseimage-debian-rdp-ldap +# base-image-debian-rdp-ldap Debian Desktop with LDAP-Auth, Gitea-Workflow compatible -[![Build Status](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions/workflows/build-and-push.yaml/badge.svg)](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions) +[![Build Status](https://git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap/actions/workflows/build-and-push.yaml/badge.svg)](https://git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap/actions) [![Gitea Repo](https://img.shields.io/badge/gitea-repository-blue?logo=gitea&logoColor=white)](__REPO_URL__) This repository is built and pushed automatically. @@ -11,19 +11,19 @@ This repository is built and pushed automatically. ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 05.04.2026 11:20 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 05.04.2026 11:20 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 05.04.2026 11:47 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 05.04.2026 11:47 | ### 🚀 Docker Pull ```bash -docker pull git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de +docker pull git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de ``` ### 🚀 Docker Compose ```yaml services: - baseimage-debian-rdp-ldap: - image: git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de - container_name: baseimage-debian-rdp-ldap + base-image-debian-rdp-ldap: + image: git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de + container_name: base-image-debian-rdp-ldap restart: unless-stopped ports: - 3889 @@ -40,7 +40,7 @@ services: ### 🚀 Docker Run ```bash docker run -d \ - --name baseimage-debian-rdp-ldap \ + --name base-image-debian-rdp-ldap \ --restart unless-stopped \ -e SSSD_DEBUG_LEVEL=5 \ -e LDAP_URI=ldap://10.0.2.123:389 \ @@ -50,14 +50,15 @@ docker run -d \ -e LDAP_SUDO_GROUP=sudo_users \ -v ./home:/home \ -p 3889 \ - git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de + git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 05.04.2026 11:20* +*Last updated on: 05.04.2026 11:47* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | diff --git a/VERSION.history b/VERSION.history index 4142c51..0e59310 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | | **bookworm-de** | 02.04.2026 17:26 | ✅ | diff --git a/docker-compose.yml b/docker-compose.yml index f0d5728..6ae0d12 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ services: - baseimage-debian-rdp-ldap: - image: git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de - container_name: baseimage-debian-rdp-ldap + base-image-debian-rdp-ldap: + image: git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de + container_name: base-image-debian-rdp-ldap restart: unless-stopped ports: - 3889 From 09449c4da2cdfe73917832033d871d016bdd8687 Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Tue, 7 Apr 2026 15:38:29 +0000 Subject: [PATCH 09/18] [skip ci] --- README.md | 7 ++++--- VERSION.history | 1 + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 86a8440..457d994 100644 --- a/README.md +++ b/README.md @@ -11,8 +11,8 @@ This repository is built and pushed automatically. ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 05.04.2026 11:47 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 05.04.2026 11:47 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 07.04.2026 17:38 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 07.04.2026 17:38 | ### 🚀 Docker Pull ```bash @@ -53,11 +53,12 @@ docker run -d \ git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 05.04.2026 11:47* +*Last updated on: 07.04.2026 17:38* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | diff --git a/VERSION.history b/VERSION.history index 0e59310..ef10293 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | | **bookworm-de** | 04.04.2026 00:31 | ✅ | From c25bbbd5c931907358115957255cce4c96d52642 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Tue, 7 Apr 2026 16:55:47 +0000 Subject: [PATCH 10/18] entrypoint.sh aktualisiert --- entrypoint.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 00b70dc..3fa5b1a 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -3,12 +3,12 @@ set -e # Mapping der Gitea-Workflow Variablen (ENV_...) auf interne Variablen # Falls ENV_LDAP_URI nicht gesetzt ist, wird ein Fallback genutzt -LDAP_URI=${ENV_LDAP_URI:-"ldap://localhost:389"} -LDAP_BASE_DN=${ENV_LDAP_BASE_DN:-"dc=example,dc=com"} -LDAP_BIND_DN=${ENV_LDAP_BIND_DN:-"cn=admin,dc=example,dc=com"} -LDAP_BIND_PASSWORD=${ENV_LDAP_BIND_PASSWORD:-"password"} -LDAP_SUDO_GROUP=${ENV_LDAP_SUDO_GROUP:-"sudo_users"} -SSSD_DEBUG=${ENV_SSSD_DEBUG_LEVEL:-0} +LDAP_URI=${LDAP_URI:-"ldap://localhost:389"} +LDAP_BASE_DN=${LDAP_BASE_DN:-"dc=example,dc=com"} +LDAP_BIND_DN=${LDAP_BIND_DN:-"cn=admin,dc=example,dc=com"} +LDAP_BIND_PASSWORD=${LDAP_BIND_PASSWORD} +LDAP_SUDO_GROUP=${LDAP_SUDO_GROUP:-"sudo_users"} +SSSD_DEBUG=${SSSD_DEBUG_LEVEL:-0} echo ">>> Erstelle SSSD Konfiguration..." cat < /etc/sssd/sssd.conf From a7e4b75aaedaa7c10820e8f8061ff9cd90a131f6 Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Tue, 7 Apr 2026 17:28:00 +0000 Subject: [PATCH 11/18] [skip ci] --- README.md | 7 ++++--- VERSION.history | 1 + 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 457d994..daa1946 100644 --- a/README.md +++ b/README.md @@ -11,8 +11,8 @@ This repository is built and pushed automatically. ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 07.04.2026 17:38 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 07.04.2026 17:38 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 07.04.2026 19:27 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 07.04.2026 19:27 | ### 🚀 Docker Pull ```bash @@ -53,11 +53,12 @@ docker run -d \ git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 07.04.2026 17:38* +*Last updated on: 07.04.2026 19:27* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 07.04.2026 19:27 | ✅ | | **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | diff --git a/VERSION.history b/VERSION.history index ef10293..54b152f 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 07.04.2026 19:27 | ✅ | | **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | | **bookworm-de** | 05.04.2026 11:20 | ✅ | From 450e65e647d75f611001d9361ed54e613d8cfa07 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Wed, 8 Apr 2026 19:32:05 +0000 Subject: [PATCH 12/18] buildargs.env aktualisiert --- buildargs.env | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/buildargs.env b/buildargs.env index 9756ef3..cf089f1 100644 --- a/buildargs.env +++ b/buildargs.env @@ -2,7 +2,7 @@ BUILD_BASE_IMAGE=debian:bookworm BUILD_COUNTRY=de BUILD_TAG=bookworm-de -BUILD_TAG_LATEST=y +BUILD_TAG_LATEST=n BUILD_LANG=de_DE.UTF-8 BUILD_LANGUAGE=de_DE:de BUILD_LC_ALL=de_DE.UTF-8 @@ -12,16 +12,16 @@ BUILD_APP_NAME=base-image-debian-rdp-ldap BUILD_APP_VERSION=1.0.0 PUSH=gitea -## ENV STAGE (Wichtig für deinen Gitea-Workflow) +## ENV STAGE ENV_SSSD_DEBUG_LEVEL=5 -ENV_LDAP_URI=ldap://10.0.2.123:389 -ENV_LDAP_BASE_DN=dc=pi-farm,dc=de -ENV_LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de -ENV_LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD -ENV_LDAP_SUDO_GROUP=sudo_users +ENV_LDAP_URI=ldap://YOUR-LDAP-SERVER:389 +ENV_LDAP_BASE_DN=dc=YOUR-DOMAIN,dc=LOC +ENV_LDAP_BIND_DN=cn=YOUR-BIND-USER,dc=YOUR-DOMAIN,dc=LOC +ENV_LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-BIND-PASSWORD +ENV_LDAP_SUDO_GROUP=YOUR-SUDO-USERS-GROUP ## DOCKER / COMPOSE CONFIG -VOL_HOME=./home:/home +VOL_HOME=./YOUR-PERSISTENT-FOLDER:/home PORT_RDP=3889 -DESCRIPTION="Debian Desktop with LDAP-Auth, Gitea-Workflow compatible" \ No newline at end of file +DESCRIPTION="Debian Desktop with LDAP-Authentication. To use behind Guacamole with LDAP-Authentication and pass-through to Debian-Desktop." \ No newline at end of file From 9fcc9668cb2306d291ff94164ffec17769600153 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Wed, 8 Apr 2026 20:19:30 +0000 Subject: [PATCH 13/18] Dockerfile aktualisiert --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b98e9bc..6c35377 100644 --- a/Dockerfile +++ b/Dockerfile @@ -98,7 +98,7 @@ RUN chmod 440 /etc/sudoers && \ echo "LANG=${LANG}" >> /etc/environment && \ echo "LANGUAGE=${LANGUAGE}" >> /etc/environment && \ echo "LC_ALL=${LC_ALL}" >> /etc/environment && \ - sed -i '1i export LANG=${LANG}\nexport LANGUAGE=${LANGUAGE}\nexport LC_ALL=${LC_ALL}' /etc/xrdp/startwm.sh && \ + sed -i '2i export LANG=${LANG}\nexport LANGUAGE=${LANGUAGE}\nexport LC_ALL=${LC_ALL}\npulseaudio --start\npactl load-module module-xrdp-sink.so\npactl load-module module-xrdp-source.so' /etc/xrdp/startwm.sh && \ chmod +x /etc/xrdp/startwm.sh && \ mkdir -p /etc/xdg/xfce4 && \ echo "setxkbmap ${COUNTRY}" >> /etc/xdg/xfce4/xinitrc From 7e0c69278c6827af11c87e3225d2662cab8312ab Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Wed, 8 Apr 2026 20:21:06 +0000 Subject: [PATCH 14/18] _Dockerfile.aarch64 aktualisiert --- Dockerfile.aarch64 => _Dockerfile.aarch64 | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Dockerfile.aarch64 => _Dockerfile.aarch64 (100%) diff --git a/Dockerfile.aarch64 b/_Dockerfile.aarch64 similarity index 100% rename from Dockerfile.aarch64 rename to _Dockerfile.aarch64 From 614e0b88db7d7d3e637d82289b77f51dd0df3525 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Wed, 8 Apr 2026 20:33:17 +0000 Subject: [PATCH 15/18] Dockerfile.aarch64 aktualisiert --- _Dockerfile.aarch64 => Dockerfile.aarch64 | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) rename _Dockerfile.aarch64 => Dockerfile.aarch64 (81%) diff --git a/_Dockerfile.aarch64 b/Dockerfile.aarch64 similarity index 81% rename from _Dockerfile.aarch64 rename to Dockerfile.aarch64 index ef68339..6c35377 100644 --- a/_Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -81,12 +81,13 @@ RUN sed -i 's/^Types: deb$/Types: deb deb-src/' /etc/apt/sources.list.d/debian.s printf 'XKBMODEL="pc105"\nXKBLAYOUT="%s"\nXKBVARIANT=""\nXKBOPTIONS=""\nBACKSPACE="guess"\n' "${COUNTRY}" > /etc/default/keyboard && \ dpkg-reconfigure -f noninteractive keyboard-configuration -#COPY config/pam/ /etc/pam.d/ -#COPY config/nsswitch.conf /etc/nsswitch.conf -#COPY config/xrdp/ /etc/xrdp/ -#COPY config/ldap/ /etc/ldap/ -#COPY config/skel/ /etc/skel/ -#COPY config/sudoers /etc/sudoers +# NEU: Systemweite statische Konfigurationen für LDAP/PAM/Sudo +# 1. Entfernt die gefährliche %users Regel +# 2. Sagt nsswitch, dass Sudoers auch im SSS (LDAP) gesucht werden sollen +# 3. Aktiviert das automatische Erstellen von Home-Verzeichnissen (mkhomedir) +RUN sed -i '/%users/s/^/# /' /etc/sudoers && \ + echo "sudoers: files sss" >> /etc/nsswitch.conf && \ + echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" >> /etc/pam.d/common-session RUN chmod 440 /etc/sudoers && \ mkdir -p /etc/sssd && chown root:root /etc/sssd && chmod 755 /etc/sssd && \ @@ -97,7 +98,7 @@ RUN chmod 440 /etc/sudoers && \ echo "LANG=${LANG}" >> /etc/environment && \ echo "LANGUAGE=${LANGUAGE}" >> /etc/environment && \ echo "LC_ALL=${LC_ALL}" >> /etc/environment && \ - sed -i '1i export LANG=${LANG}\nexport LANGUAGE=${LANGUAGE}\nexport LC_ALL=${LC_ALL}' /etc/xrdp/startwm.sh && \ + sed -i '2i export LANG=${LANG}\nexport LANGUAGE=${LANGUAGE}\nexport LC_ALL=${LC_ALL}\npulseaudio --start\npactl load-module module-xrdp-sink.so\npactl load-module module-xrdp-source.so' /etc/xrdp/startwm.sh && \ chmod +x /etc/xrdp/startwm.sh && \ mkdir -p /etc/xdg/xfce4 && \ echo "setxkbmap ${COUNTRY}" >> /etc/xdg/xfce4/xinitrc From 49d7a0b61d855b4ebc2ba1699fff278bca2d1c0a Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Thu, 9 Apr 2026 07:51:22 +0000 Subject: [PATCH 16/18] buildargs.env aktualisiert --- buildargs.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/buildargs.env b/buildargs.env index cf089f1..b5f14de 100644 --- a/buildargs.env +++ b/buildargs.env @@ -10,7 +10,7 @@ BUILD_TZ=Europe/Berlin BUILD_MAINTAINER=pi-farm BUILD_APP_NAME=base-image-debian-rdp-ldap BUILD_APP_VERSION=1.0.0 -PUSH=gitea +PUSH=dockerhub ## ENV STAGE ENV_SSSD_DEBUG_LEVEL=5 From 048a5314815ccc231557716dbf6a1b9049caec64 Mon Sep 17 00:00:00 2001 From: Gitea Action Date: Thu, 9 Apr 2026 08:11:14 +0000 Subject: [PATCH 17/18] [skip ci] --- README.md | 35 ++++++++++++++++++----------------- VERSION.history | 1 + docker-compose.yml | 12 ++++++------ 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index daa1946..b75c1f7 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,18 @@ # base-image-debian-rdp-ldap -Debian Desktop with LDAP-Auth, Gitea-Workflow compatible +Debian Desktop with LDAP-Authentication. To use behind Guacamole with LDAP-Authentication and pass-through to Debian-Desktop. [![Build Status](https://git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap/actions/workflows/build-and-push.yaml/badge.svg)](https://git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap/actions) [![Gitea Repo](https://img.shields.io/badge/gitea-repository-blue?logo=gitea&logoColor=white)](__REPO_URL__) This repository is built and pushed automatically. - +[![Docker Hub](https://img.shields.io/badge/docker-hub-blue?logo=docker__DOCKERHUB_LINK__logoColor=white)](https://hub.docker.com/r/pifarm/base-image-debian-rdp-ldap) ### 🏗️ Platform Support | Architecture | Status | Base Image | Build Date | | :--- | :--- | :--- | :--- | -| x86_64 (amd64) | ✅ Active | debian:bookworm | 07.04.2026 19:27 | -| aarch64 (arm64) | ✅ Active | debian:bookworm | 07.04.2026 19:27 | +| x86_64 (amd64) | ✅ Active | debian:bookworm | 09.04.2026 10:11 | +| aarch64 (arm64) | ✅ Active | debian:bookworm | 09.04.2026 10:11 | ### 🚀 Docker Pull ```bash @@ -29,13 +29,13 @@ services: - 3889 environment: - SSSD_DEBUG_LEVEL=5 - - LDAP_URI=ldap://10.0.2.123:389 - - LDAP_BASE_DN=dc=pi-farm,dc=de - - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de - - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD - - LDAP_SUDO_GROUP=sudo_users + - LDAP_URI=ldap://YOUR-LDAP-SERVER:389 + - LDAP_BASE_DN=dc=YOUR-DOMAIN,dc=LOC + - LDAP_BIND_DN=cn=YOUR-BIND-USER,dc=YOUR-DOMAIN,dc=LOC + - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-BIND-PASSWORD + - LDAP_SUDO_GROUP=YOUR-SUDO-USERS-GROUP volumes: - - ./home:/home + - ./YOUR-PERSISTENT-FOLDER:/home ``` ### 🚀 Docker Run ```bash @@ -43,21 +43,22 @@ docker run -d \ --name base-image-debian-rdp-ldap \ --restart unless-stopped \ -e SSSD_DEBUG_LEVEL=5 \ - -e LDAP_URI=ldap://10.0.2.123:389 \ - -e LDAP_BASE_DN=dc=pi-farm,dc=de \ - -e LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de \ - -e LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD \ - -e LDAP_SUDO_GROUP=sudo_users \ - -v ./home:/home \ + -e LDAP_URI=ldap://YOUR-LDAP-SERVER:389 \ + -e LDAP_BASE_DN=dc=YOUR-DOMAIN,dc=LOC \ + -e LDAP_BIND_DN=cn=YOUR-BIND-USER,dc=YOUR-DOMAIN,dc=LOC \ + -e LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-BIND-PASSWORD \ + -e LDAP_SUDO_GROUP=YOUR-SUDO-USERS-GROUP \ + -v ./YOUR-PERSISTENT-FOLDER:/home \ -p 3889 \ git.pi-farm.de/pi-farm/base-image-debian-rdp-ldap:bookworm-de ``` -*Last updated on: 07.04.2026 19:27* +*Last updated on: 09.04.2026 10:11* ### 📜 Version History | Version | Date | Status | | :--- | :--- | :--- | +| **bookworm-de** | 09.04.2026 10:11 | ✅ | | **bookworm-de** | 07.04.2026 19:27 | ✅ | | **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | diff --git a/VERSION.history b/VERSION.history index 54b152f..4c66ee9 100644 --- a/VERSION.history +++ b/VERSION.history @@ -1,3 +1,4 @@ +| **bookworm-de** | 09.04.2026 10:11 | ✅ | | **bookworm-de** | 07.04.2026 19:27 | ✅ | | **bookworm-de** | 07.04.2026 17:38 | ✅ | | **bookworm-de** | 05.04.2026 11:47 | ✅ | diff --git a/docker-compose.yml b/docker-compose.yml index 6ae0d12..de04786 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,10 +7,10 @@ services: - 3889 environment: - SSSD_DEBUG_LEVEL=5 - - LDAP_URI=ldap://10.0.2.123:389 - - LDAP_BASE_DN=dc=pi-farm,dc=de - - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de - - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD - - LDAP_SUDO_GROUP=sudo_users + - LDAP_URI=ldap://YOUR-LDAP-SERVER:389 + - LDAP_BASE_DN=dc=YOUR-DOMAIN,dc=LOC + - LDAP_BIND_DN=cn=YOUR-BIND-USER,dc=YOUR-DOMAIN,dc=LOC + - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-BIND-PASSWORD + - LDAP_SUDO_GROUP=YOUR-SUDO-USERS-GROUP volumes: - - ./home:/home + - ./YOUR-PERSISTENT-FOLDER:/home From 8d6eeae9453513b64d6fc3025f5d7e63bbe5c0f1 Mon Sep 17 00:00:00 2001 From: "info@pi-farm.de" Date: Thu, 9 Apr 2026 09:33:22 +0000 Subject: [PATCH 18/18] README.md aktualisiert --- README.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/README.md b/README.md index b75c1f7..f8644bc 100644 --- a/README.md +++ b/README.md @@ -59,12 +59,4 @@ docker run -d \ | Version | Date | Status | | :--- | :--- | :--- | | **bookworm-de** | 09.04.2026 10:11 | ✅ | -| **bookworm-de** | 07.04.2026 19:27 | ✅ | -| **bookworm-de** | 07.04.2026 17:38 | ✅ | -| **bookworm-de** | 05.04.2026 11:47 | ✅ | -| **bookworm-de** | 05.04.2026 11:20 | ✅ | -| **bookworm-de** | 04.04.2026 00:31 | ✅ | -| **bookworm-de** | 02.04.2026 17:26 | ✅ | -| **bookworm-de** | 02.04.2026 16:44 | ✅ | -| **bookworm-de** | 02.04.2026 15:37 | ✅ | -| **bookworm** | 02.04.2026 14:15 | ✅ | +