entrypoint.sh

#!/bin/bash
#
# Wraps samba provisionnement and execution
#
# Provision Samba on first startup.
# /etc/samba/smb.conf is always generated as an include of /etc/samba/smb.conf.d/*.conf.
#
# Sources shell scripts in /docker-entrypoint-init.d/ in lexicographical order.
# Copies conf files from /docker-entrypoint-init.d/ to /etc/samba/smb.conf.d/.
#
# Executes samba foreground. Allow CLI argument are passed to samba.

set -euo pipefail

main() {
	exec 0<&- # close stdin
	samba --show-build
	if ! [ -d /etc/samba/smb.conf.d ] ; then
		setup
	fi
	configure_samba
	log "Executing $*"
	exec "$@"
}

setup() {
	log "Provionning Samba"
	mkdir -p /etc/samba/smb.conf.d/
	touch /etc/samba/smb.conf
	mv --no-clobber /etc/samba/smb.conf /etc/samba/smb.conf.d/00-default.conf
	# acl_xattr options comes from https://lists.samba.org/archive/samba/2021-February/234326.html
	samba-tool domain provision \
		--use-rfc2307 \
		--realm="$REALM" \
		--domain="${DOMAIN-ad}" \
		--server-role=dc \
		--dns-backend="${DNS_BACKEND-SAMBA_INTERNAL}" \
		--adminpass="$ADMIN_PASS" \
		--option="vfs objects = dfs_samba4 posixacl nfs4acl_xattr acl_xattr" \
		--option="nfs4acl_xattr:encoding = nfs" \
		--option="nfs4acl_xattr:version = 41" \
		--option="nfs4acl_xattr:default acl style = windows" \
		--option="nfs4acl_xattr:xattr_name = user.nfs4_acl" \
		;
	mv /etc/samba/smb.conf /etc/samba/smb.conf.d/00-provision.conf
	configure_samba
	load_entrypoint_initd
}

load_entrypoint_initd() {
	for f in $(find /docker-entrypoint-init.d/ -type f | sort); do
		case $f in
			*.conf)
				cp -vf "$f" /etc/samba/smb.conf.d/
				;;
			# *.ldif)
			# 	addormodify "$f"
			# 	;;
			*.sh)
				# shellcheck source=/dev/null
				. "$f" ;;
			*)
				: ignoring "$f"
				;;
		esac
	done
}

addormodify() {
	# shellcheck disable=SC2016
	local substitutions='${LDAPBASE} ${LDAP_BACKEND} ${LDAP_DOMAIN}'
	if grep -q changetype "$1" ; then
		cmd=ldbmodify
	else
		cmd=ldbadd
	fi
	log "$cmd $1"
	envsubst "$substitutions" <"$1" | LDB_MODULES_PATH=/usr/lib/samba/ldb $cmd -H /var/lib/samba/private/sam.ldb
}

configure_samba() {
	generate_samba_includes > /etc/samba/smb.conf
	cat /etc/samba/smb.conf >&2
	testparm --suppress-prompt --verbose
}

generate_samba_includes() {
	cat <<-EOF
	# Generated by $0
	[global]
	EOF
	for f in $(find /etc/samba/smb.conf.d/*.conf | sort) ; do
		cat <<EOF
	include = $f
EOF
	done
}

log() {
	echo "$*" >&2
}

main "$@"