From b6f66e8e2594ea7fa732f34218272981964e0346 Mon Sep 17 00:00:00 2001
From: Elias Hackradt <elias.hackradt@gzevd.de>
Date: Sun, 11 Jul 2021 22:28:37 +0200
Subject: [PATCH] Added initial LDAP Vars and cloudon addon

---
 CloudronManifest.json |  3 ++-
 start.sh              | 15 ++++++++++++---
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/CloudronManifest.json b/CloudronManifest.json
index 264165e..bed69fa 100644
--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@@ -16,7 +16,8 @@
     }
   },
   "addons": {
-    "localstorage": {}
+    "localstorage": {},
+    "ldap": {}
   },
   "manifestVersion": 2,
   "website": "http://www.minio.io",
diff --git a/start.sh b/start.sh
index 096f0d3..4bcac3c 100755
--- a/start.sh
+++ b/start.sh
@@ -11,10 +11,19 @@ echo "==> Changing ownership"
 
 if [[ ! -f /app/data/env.sh ]]; then
     echo -e "# Add custom minio configuration to this file. Restart the app for changes to take effect.\n\nexport CLOUDRON_MINIO_STARTUP_ARGS='server /app/data/data'" > /app/data/env.sh
+    # https://github.com/minio/minio#things-to-consider
     echo -e "MINIO_BROWSER_REDIRECT_URI=$(echo $CLOUDRON_APP_ORIGIN)" >> /app/data/env.sh
-    # echo -e "CONSOLE_PBKDF_PASSPHRASE=$(openssl rand -hex 64)" >> /app/data/env.sh
-    # echo -e "CONSOLE_PBKDF_SALT=$(openssl rand -hex 64)" >> /app/data/env.sh
-    # echo -e "CONSOLE_MINIO_SERVER=http://localhost:9000" >> /app/data/env.sh
+    # https://github.com/minio/minio/blob/master/docs/sts/ldap.md
+    # (address)   AD/LDAP server address e.g. "myldapserver.com:636"
+    echo -e "MINIO_IDENTITY_LDAP_SERVER_ADDR*=$(echo $CLOUDRON_LDAP_URL)" >> /app/data/env.sh
+    # (string)    DN for LDAP read-only service account used to perform DN and group lookups
+    echo -e "MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN=$(echo $CLOUDRON_LDAP_BIND_DN)" >> /app/data/env.sh
+    # (string)    Password for LDAP read-only service account used to perform DN and group lookups
+    echo -e "MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD=$(echo $CLOUDRON_LDAP_BIND_PASSWORD)" >> /app/data/env.sh
+    # (string)    Base LDAP DN to search for user DN
+    echo -e "MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN=$(echo $CLOUDRON_LDAP_USERS_BASE_DN)" >> /app/data/env.sh
+    # (string)    Search filter to lookup user DN
+    echo -e "MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER=(&(objectclass=user)(|(username=%uid)(mail=%uid)))" >> /app/data/env.sh
 fi
 
 source /app/data/env.sh