From 87f69077782f3cc46d97fc7577069541f36fa75b Mon Sep 17 00:00:00 2001
From: Robin Appelman
Date: Fri, 17 Apr 2026 22:22:24 +0200
Subject: [PATCH] autosetup for ldap fixes #19
---
 src/service/ldap.rs | 45 ++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 42 insertions(+), 3 deletions(-)
diff --git a/src/service/ldap.rs b/src/service/ldap.rs
index aa082b0..22b7383 100644
--- a/src/service/ldap.rs
+++ b/src/service/ldap.rs
@@ -86,6 +86,47 @@ impl ServiceTrait for Ldap {
 ) -> Result {
 self.is_running(docker, cloud_id).await
 }
+
+ async fn post_setup(
+ &self,
+ _docker: &Docker,
+ _cloud_id: &str,
+ _config: &HazeConfig,
+ ) -> Result> {
+ Ok(vec![
+ "occ ldap:create-empty-config".into(),
+ "occ ldap:set-config s01 ldapHost 'ldap://ldap'".into(),
+ "occ ldap:set-config s01 ldapPort '389'".into(),
+ "occ ldap:set-config s01 ldapAgentName 'cn=admin,dc=example,dc=org'".into(),
+ "occ ldap:set-config s01 ldapAgentPassword 'haze'".into(),
+ "occ ldap:set-config s01 ldapBase 'dc=example,dc=org'".into(),
+ "occ ldap:set-config s01 ldapBaseUsers 'dc=example,dc=org'".into(),
+ "occ ldap:set-config s01 ldapBaseGroups 'dc=example,dc=org'".into(),
+ "occ ldap:set-config s01 ldapLoginFilter '(&(&(objectclass=inetOrgPerson))(uid=%uid))'"
+ .into(),
+ "occ ldap:set-config s01 ldapUserFilter '((objectclass=inetOrgPerson))'".into(),
+ "occ ldap:set-config s01 ldapUserFilterMode '0'".into(),
+ "occ ldap:set-config s01 ldapUserDisplayName 'sn'".into(),
+ "occ ldap:set-config s01 ldapUserFilterObjectclass 'inetOrgPerson'".into(),
+ "occ ldap:set-config s01 ldapGroupFilter '(&(|(objectclass=posixGroup)))'".into(),
+ "occ ldap:set-config s01 ldapGroupFilterObjectclass 'posixGroup'".into(),
+ "occ ldap:set-config s01 ldapEmailAttribute 'email'".into(),
+ "occ ldap:set-config s01 ldapUuidUserAttribute 'email'".into(),
+ "occ ldap:set-config s01 ldapUuidUserAttribute 'auto'".into(),
+ "occ ldap:set-config s01 ldapUuidGroupAttribute 'auto'".into(),
+ "occ ldap:set-config s01 ldapLoginFilterUsername '1'".into(),
+ "occ ldap:set-config s01 ldapConfigurationActive '1'".into(),
+ ])
+ }
+
+ async fn start_message(
+ &self,
+ _docker: &Docker,
+ _cloud_id: &str,
+ _proxy: &ProxyConfig,
+ ) -> Result> {
+ Ok(Some(format!("\nLdap users provisioned:\n\t'cn=admin,dc=example,dc=org' and password 'haze'\n\t'cn=ldaptest,dc=example,dc=org' and password 'test'\n\nldaptest is available for login\n")))
+ }
 }
 
 #[derive(Debug, Clone, Eq, PartialEq)]
@@ -185,8 +226,6 @@ impl ServiceTrait for LdapAdmin {
 return Err(Report::msg("ldap admin not started"));
 };
 let addr = proxy.addr(&id, IpAddr::from_str(&ip).unwrap());
- Ok(Some(format!(
- "Ldap admin running at: {addr} with 'cn=admin,dc=example,dc=org' and password 'haze'"
- )))
+ Ok(Some(format!("Ldap admin running at: {addr}")))
 }
 }
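Review bot: In the first hunk's `post_setup` list, `ldapUuidUserAttribute` is set twice, to `'email'` and then straight away to `'auto'`, so the first command has no lasting effect and looks like a leftover; drop `"occ ldap:set-config s01 ldapUuidUserAttribute 'email'".into(),` or give it the key it was meant for. The `ldapUserFilter` value `'((objectclass=inetOrgPerson))'` has doubled parentheses with no operator, unlike the login and group filters, and is probably not a well-formed LDAP filter; `'(objectclass=inetOrgPerson)'` appears to be the intent. Every `set-config` call also assumes that `ldap:create-empty-config` produced the ID `s01`, which presumably holds only on an instance with no earlier LDAP configuration, so a one-line comment stating that assumption would help. The bind DN, the password `'haze'` and the unencrypted `ldap://ldap` on port 389 are fixed here and repeated in `start_message`; a comment marking them as development-container defaults would keep them from being copied into a real deployment. Both new methods sit inside an impl block that starts before the hunk.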