From 2926f73181b7791f5f2c1bde846f61be6f0d8f36 Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Wed, 22 Nov 2023 06:07:31 +0100 Subject: [PATCH 1/2] images: Go back to Fmstrat/samba-domain container Commit 392d6b21a15 moved to quay.io/samba.org/samba-ad-server, but this has a serious and difficult bug [1] with connecting to the Global Directory. Go back to the previous https://github.com/Fmstrat/samba-domain container. The official dockerhub image actually works very well now, but we still have to build ourselves due to the docker.io pull rate limits. Also don't re-add the external volumes -- we are not interested in permanently keeping any Samba data. [1] https://github.com/samba-in-kubernetes/samba-container/issues/160 --- images/scripts/services.setup | 56 +++++++++++++++++------------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/images/scripts/services.setup b/images/scripts/services.setup index ff1dc26ef8..d72bf39952 100755 --- a/images/scripts/services.setup +++ b/images/scripts/services.setup @@ -66,37 +66,37 @@ poweroff # ############# -cat < /root/samba-ad.json -{ - "samba-container-config": "v0", - "configs": { - "demo": { - "instance_features": ["addc"], - "domain_settings": "sink", - "instance_name": "f0" - } - }, - "domain_settings": { - "sink": { - "realm": "COCKPIT.LAN", - "short_domain": "COCKPIT", - "admin_password": "foobarFoo123" - } - } -} -EOF - -# See https://github.com/samba-in-kubernetes/samba-container#ad-dc -podman pull quay.io/samba.org/samba-ad-server +# See https://github.com/Fmstrat/samba-domain ; docker.io/nowsci/samba-domain works fine +# but we have to build ourselves due to docker pull rate limits +git clone --depth=1 https://github.com/Fmstrat/samba-domain /var/tmp/samba-domain +# avoid pulling ubuntu base image from dockerhub +sed -i '/^FROM/ s|ubuntu:22.04|quay.io/bedrock/ubuntu:jammy|' /var/tmp/samba-domain/Dockerfile +podman build -t localhost/samba-domain /var/tmp/samba-domain cat < /root/run-samba-domain -# conflicts with samba's DNS -systemctl stop systemd-resolved -podman run -d -it --rm --name samba \ - --privileged --network=host \ - -v /root/samba-ad.json:/etc/samba/container.json \ +podman run -d -it --rm --privileged --name samba \ + -e "DOMAIN=COCKPIT.LAN" \ + -e "DOMAINPASS=foobarFoo123" \ + -e "DNSFORWARDER=172.27.0.3" \ + -e "HOSTIP=$SERVER_IP" \ + -p $SERVER_IP:53:53 \ + -p $SERVER_IP:53:53/udp \ + -p 88:88 \ + -p 88:88/udp \ + -p 135:135 \ + -p 137-138:137-138/udp \ + -p 139:139 \ + -p 389:389 \ + -p 389:389/udp \ + -p 445:445 \ + -p 464:464 \ + -p 464:464/udp \ + -p 636:636 \ + -p 1024-1044:1024-1044 \ + -p 3268-3269:3268-3269 \ + --add-host services.cockpit.lan:$SERVER_IP \ -h f0.cockpit.lan \ - quay.io/samba.org/samba-ad-server + localhost/samba-domain EOF chmod 755 /root/run-samba-domain From 41012fea74e06336ebab614a7b32a6c5c633a476 Mon Sep 17 00:00:00 2001 From: Cockpituous Date: Wed, 22 Nov 2023 05:46:54 +0000 Subject: [PATCH 2/2] images: Update services image --- images/services | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/images/services b/images/services index d3eb1ff513..66e15bea52 120000 --- a/images/services +++ b/images/services @@ -1 +1 @@ -services-292d6d548f4e09ca54b12c7930c0eab19706946ee856a0f383e1354b2db51ed0.qcow2 \ No newline at end of file +services-36473e0bca2c9eb6f1a4502b02d282afed3481a699aff18a417df7fbb35dc7ec.qcow2 \ No newline at end of file