Initial Commit

2024-04-04 18:08:23 -06:00 · 2024-04-04 18:08:23 -06:00 · cd2794622d
commit cd2794622d
parent c14b9d4d98
5 changed files with 91 additions and 0 deletions
--- a/24
+++ b/24
@ -0,0 +1,24 @@
+FROM ubuntu:20.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ=America/Denver
+
+RUN apt-get update && apt-get install -y --no-install-recommends tzdata samba krb5-user libpam-krb5 libnss-winbind libpam-winbind iputils-ping && \
+    ln -fs /usr/share/zoneinfo/$TZ /etc/localtime && \
+    dpkg-reconfigure --frontend noninteractive tzdata && \
+    rm -rf /var/lib/apt/lists/*
+
+COPY smb.conf /etc/samba/smb.conf
+COPY krb5.conf /etc/krb5.conf
+COPY entrypoint.sh /entrypoint.sh
+
+# Validate the smb.conf file
+RUN testparm -s /etc/samba/smb.conf
+
+# Create the directory and change its ownership and permissions
+RUN mkdir -p /mnt/example && chown nobody:nogroup /mnt/example && chmod 777 /mnt/example
+
+# Set executable permissions for the entrypoint script
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,18 @@
+version: '3'
+services:
+  ad-samba:
+    build:
+      context: /srv/smb-abstraction-container
+    volumes:
+      - /srv/smb-abstraction-container/exampledata:/mnt/example
+    ports:
+      - 137:137/udp
+      - 138:138/udp
+      - 139:139
+      - 445:445
+    networks:
+        docker_network:
+          ipv4_address: 192.168.5.231
+networks:
+  docker_network:
+    external: true
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,15 @@
+#!/bin/bash
+# Modify the DNS configuration in /etc/resolv.conf
+echo "nameserver 192.168.3.10" > /etc/resolv.conf && \
+echo "nameserver 192.168.3.11" >> /etc/resolv.conf
+
+# Map nexus-dc-01.moongate.local to 192.168.3.10 in /etc/hosts
+echo "192.168.3.10    nexus-dc-01.moongate.local" >> /etc/hosts
+echo "192.168.3.11    nexus-dc-02.moongate.local" >> /etc/hosts
+echo "192.168.3.10    nexus-dc-01" >> /etc/hosts
+echo "192.168.3.11    nexus-dc-02" >> /etc/hosts
+
+#Start the necessary services
+service winbind start
+service smbd start
+tail -f /dev/null
--- a/krb5.conf
+++ b/krb5.conf
@ -0,0 +1,12 @@
+[libdefaults]
+    default_realm = MOONGATE.LOCAL
+
+[realms]
+    MOONGATE.LOCAL = {
+        kdc = nexus-dc-01.moongate.local
+        admin_server = nexus-dc-01.moongate.local
+    }
+
+[domain_realm]
+    .moongate.local = MOONGATE.LOCAL
+    moongate.local = MOONGATE.LOCAL
--- a/smb.conf
+++ b/smb.conf
@ -0,0 +1,22 @@
+[global]
+   workgroup = MOONGATE
+   security = ads
+   realm = MOONGATE.LOCAL
+   kerberos method = secrets and keytab
+   winbind refresh tickets = Yes
+   vfs objects = acl_xattr
+   map acl inherit = Yes
+   store dos attributes = Yes
+
+   idmap config * : backend = tdb
+   idmap config * : range = 3000-7999
+   idmap config MOONGATE : backend = rid
+   idmap config MOONGATE : range = 10000-999999
+   template shell = /bin/bash
+   winbind use default domain = yes
+   winbind offline logon = true
+
+[example]
+   path = /mnt/example
+   read only = no
+   valid users = @"MOONGATE\reconstructionlab"