services:
  # lldap: lightweight LDAP directory with a built-in web front-end.
  lldap:
    container_name: lldap
    image: lldap/lldap:v0.6.0
    pull_policy: missing
    restart: unless-stopped
    # Both mappings omit a host IP, so Docker publishes them on every host
    # interface by default. Containers on the networks attached below reach
    # these ports without any published mapping.
    # NOTE(review): confirm which clients really need host-level access.
    ports:
      # LDAP listener (3890 is lldap's default LDAP port).
      # NOTE(review): presumably plain LDAP without TLS - confirm that
      # bind credentials never cross an untrusted segment on this port.
      - '3890:3890'
      # Web front-end, meant to be served through Traefik; comment this
      # mapping out once that is finished. While it stays published the
      # UI is reachable directly on the host and skips whatever TLS or
      # authentication the reverse proxy would add.
      - '17170:17170'
    volumes:
      - 'lldap_data:/data'
      # Bind-mounted read-write.
      # NOTE(review): this file presumably carries lldap's secrets - keep
      # its host permissions tight and check whether ':ro' is workable.
      - './lldap_config.toml:/data/lldap_config.toml'
    environment:
      TZ: Europe/Berlin
    # 'traefik' and 'postfix' are declared external at the bottom of the
    # file, i.e. they are shared with other stacks; every container on
    # them can open connections to this service.
    networks:
      - traefik
      - postfix
      - internal
    # Traefik routing is still disabled; enabling these labels is the
    # counterpart to removing the direct 17170 mapping above.
    # labels:
    #   traefik.enable: true
    #   traefik.http.routers.lldap.service: lldap
    #   traefik.http.routers.lldap.priority: "10"
    #   traefik.http.routers.lldap.rule: Host(`ldap.mgrote.net`)
    #   traefik.http.routers.lldap.tls: true
    #   traefik.http.routers.lldap.tls.certresolver: resolver_letsencrypt
    #   traefik.http.routers.lldap.entrypoints: entry_https
    #   traefik.http.services.lldap.loadbalancer.server.port: 17170
    # Health check is disabled.
    # NOTE(review): 'mc ready local' does not look like an lldap command
    # and the issue link may be a leftover from another stack - verify
    # both before enabling this.
    #healthcheck: # https://github.com/lldap/lldap/issues/18389
    #  test: ["CMD", "mc", "ready", "local"]
    #  interval: 5s
    #  timeout: 5s
    #  retries: 5
######## Postgres ########
  # PostgreSQL instance for lldap. It publishes no ports and joins only
  # the 'internal' network.
  lldap-db17:
    container_name: 'lldap-db'
    image: 'postgres:17.0'
    pull_policy: missing
    restart: unless-stopped
    environment:
      TZ: Europe/Berlin
      POSTGRES_USER: lldap
      # Resolved from KeePass when this template is rendered, so the
      # secret is not stored in the repository. The rendered compose file
      # and the container environment do contain it in clear text, so
      # restrict read access to both.
      # NOTE(review): the value lands inside a double-quoted YAML scalar;
      # a password containing '"', '\' or '$' would presumably be altered
      # or break parsing (Compose interpolates '$') - confirm the
      # password alphabet or escape the value.
      POSTGRES_PASSWORD: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}"
    volumes:
      - 'db17:/var/lib/postgresql/data'
    networks:
      - internal
    # Readiness probe: pg_isready run as the 'lldap' user.
    healthcheck:
      test:
        - CMD
        - pg_isready
        - '-U'
        - lldap
      interval: 10s
      start_period: 30s
######## Networks ########
networks:
  # Pre-existing networks owned by other stacks; Compose only attaches
  # to them and does not create or remove them.
  traefik:
    external: true
  postfix:
    external: true
  # Stack-local network with default settings. Despite its name it is
  # not declared with 'internal: true', so attached containers keep
  # outbound connectivity.
  # NOTE(review): confirm whether that is intended.
  internal: {}
######## Volumes ########
# Named volumes with default settings.
volumes:
  # Mounted at /data in the lldap container.
  lldap_data: {}
  # PostgreSQL data directory of lldap-db17.
  db17: {}
# todo healthcheck
# rolle in friedho
# munin url
# checkliste
# backups pve/pbs löschen
# depends_on
# munin + lldap mit 2fa
# vm löschen + checkliste dafür
# traefik aktivieren mit authelia und 2fa
# pr mergen
# doku anpassen
# hinweis kein shell login via ldap wg zirkelschluss
# check renovate
# snaps löschen
# änderungen aus fv0.6.0 testen und einbauen
# todoist abhaken