From 195962c29182383e255b920a01bbd4e7803f2b75 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Fri, 18 Jul 2025 17:28:04 +0200
Subject: [PATCH] Initial commit

---
 .drone-manifest.yml | 22 ++++++++++++++++++++++
 .woodpecker.yaml    | 36 ++++++++++++++++++++++++++++++++++++
 Dockerfile          |  8 ++++++++
 entrypoint.sh       | 22 ++++++++++++++++++++++
 4 files changed, 88 insertions(+)
 create mode 100644 .drone-manifest.yml
 create mode 100644 .woodpecker.yaml
 create mode 100644 Dockerfile
 create mode 100755 entrypoint.sh

diff --git a/.drone-manifest.yml b/.drone-manifest.yml
new file mode 100644
index 0000000..0a01ef6
--- /dev/null
+++ b/.drone-manifest.yml
@@ -0,0 +1,22 @@
+image: nemunaire/saslauthd:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}
+{{/each}}
+{{/if}}
+manifests:
+  - image: nemunaire/saslauthd:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  - image: nemunaire/saslauthd:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8
+  - image: nemunaire/saslauthd:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
+    platform:
+      architecture: arm
+      os: linux
+      variant: v7
diff --git a/.woodpecker.yaml b/.woodpecker.yaml
new file mode 100644
index 0000000..0949434
--- /dev/null
+++ b/.woodpecker.yaml
@@ -0,0 +1,36 @@
+matrix:
+  platform:
+    - linux/amd64
+    - linux/arm64
+
+labels:
+  platform: ${platform}
+
+when:
+  event:
+    - push
+    - tag
+    - cron
+
+steps:
+  build-container:
+    image: plugins/docker
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: nemunaire/saslauthd
+      auto_tag: true
+      auto_tag_suffix: "${platform%/*}-${platform#*/}"
+
+  publish-manifest:
+    image: plugins/manifest
+    settings:
+      auto_tag: true
+      ignore_missing: true
+      spec: .drone-manifest.yml
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..35cfed6
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,8 @@
+FROM debian:stable-slim
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["/usr/sbin/saslauthd", "-d", "-a", "ldap", "-O", "/etc/sasl2/saslauthd.conf"]
+
+COPY entrypoint.sh /docker-entrypoint.sh
+
+RUN apt update && DEBIAN_FRONTEND=noninteractive apt install -y sasl2-bin libsasl2-modules-ldap && rm -rf /var/lib/apt/lists/*
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..04274cd
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+mkdir -p /etc/sasl2/
+
+cat <<EOF > /etc/sasl2/saslauthd.conf
+ldap_servers: ${LDAP_SERVERS}
+ldap_search_base: ${LDAP_SEARCH_BASE}
+ldap_scope: ${LDAP_SCOPE:-sub}
+ldap_filter: ${LDAP_FILTER}
+ldap_bind_dn: ${LDAP_BIND_DN}
+ldap_bind_pw: ${LDAP_BIND_PW}
+ldap_auth_method: ${LDAP_AUTH_METHOD:-bind}
+ldap_deref: ${LDAP_DEREF:-find}
+ldap_ssl: ${LDAP_SSL:-on}
+ldap_tls_cacert_dir: ${LDAP_TLS_CACERT_DIR:-/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt}
+
+ldap_group_attr: ${LDAP_GROUP_ATTR:-member}
+ldap_group_dn: ${LDAP_GROUP_DN}
+ldap_group_match_method: ${LDAP_GROUP_MATCH_METHOD:-attr}
+EOF
+
+exec $@