源码地址:https://github.com/ltb-project/self-service-password
官方文档 :https://self-service-password.readthedocs.io/en/latest/
1.创建配置文件
mkdir -p /opt/ssp
cd /opt/ssp
vim ssp.conf.php
2.在ssp.conf.php其中输入如下配置选项,具体参数按照LDAP的实际参数。
// My SSP configuration
$keyphrase = "mysecret";
$debug = false;
$use_captcha = true;
$ldap_url = "ldap://192.168.1.201:389";
$ldap_binddn = "cn=admin,dc=export,dc=com";
$ldap_bindpw = "123456";
$ldap_base = "dc=export,dc=com";
?>
3.通过docker启动自服务平台
docker run -p 9080:80 \
--restart=always \
--name selfServicePassword \
-v $PWD/ssp.conf.php:/var/www/conf/config.inc.local.php \
-itd docker.io/ltbproject/self-service-password:1.5
4.访问自服务平台,网址为搭建LDAP用户密码自服务平台的服务器IP
http://192.168.1.201:9080/
5.测试能否修改密码—PASS
搭建过程中问题记录:
docker: Error response from daemon: driver failed programming external connectivity on endpoint selfServicePassword2 (c073f52d6ebd72e965bca873adb13d929e2558fa655b5b1488cd2c05230f454d): (iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 9080 -j DNAT --to-destination 172.17.0.4:80 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1)).
根据错误信息显示,Docker daemon 在设置容器的网络连接时遇到了问题。具体来说,它无法找到所需的 iptables 规则。重启docker服务可解决。
sudo systemctl restart docker