d
This commit is contained in:
parent
5960cc1b0b
commit
b1eca2cb82
2 changed files with 79 additions and 4 deletions
77
docker-compose/lldap/docker-compose.yml.j2
Normal file
77
docker-compose/lldap/docker-compose.yml.j2
Normal file
|
@ -0,0 +1,77 @@
|
|||
version: "3"
|
||||
services:
|
||||
######## App ########
|
||||
lldap:
|
||||
image: nitnelave/lldap:v0.5.0
|
||||
container_name: lldap-app
|
||||
restart: always
|
||||
ports:
|
||||
# For LDAP
|
||||
- "3890:3890"
|
||||
# For the web front-end
|
||||
- "17170:17170"
|
||||
networks:
|
||||
- intern
|
||||
- traefik
|
||||
- mail-relay
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- "lldap:/data"
|
||||
environment:
|
||||
UID: 1000
|
||||
GID: 1000
|
||||
LLDAP_HTTP_PORT: 17170
|
||||
LLDAP_HTTP_URL: http://docker10.grote.lan:17170
|
||||
LLDAP_KEY_SEED: ganz_lang
|
||||
LLDAP_VERBOSE: true
|
||||
LLDAP_JWT_SECRET: jwt_secret
|
||||
LLDAP_LDAP_BASE_DN: dc=grote,dc=lan
|
||||
LLDAP_USER_DN: admin
|
||||
LLDAP_LDAP_USER_PASS: user_pass_geheim
|
||||
LLDAP_DATABASE_URL: mysql://lldap-db-user:mysql_password@lldap-db/lldap
|
||||
LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_reset: true
|
||||
LLDAP_SMTP_OPTIONS__FROM: "LLDAP Admin <info@mgrote.net>"
|
||||
LLDAP_SMTP_OPTIONS__REPLY_TO: "Do not reply <info@mgrote.net>"
|
||||
LLDAP_SMTP_OPTIONS__SERVER: mail-relay
|
||||
LLDAP_SMTP_OPTIONS__PORT: 25
|
||||
LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION: NONE
|
||||
LLDAP_SMTP_OPTIONS__USER: info@mgrote.net
|
||||
|
||||
######## DB ########
|
||||
lldap-db:
|
||||
image: mariadb:10.6.14
|
||||
container_name: lldap-db
|
||||
restart: always
|
||||
volumes:
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
- db:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=mysql_root_password
|
||||
- MYSQL_PASSWORD=mysql_password
|
||||
- MYSQL_DATABASE=lldap
|
||||
- MYSQL_USER=lldap-db-user
|
||||
- MYSQL_INITDB_SKIP_TZINFO=1
|
||||
networks:
|
||||
- intern
|
||||
|
||||
######## Volumes ########
|
||||
volumes:
|
||||
lldap:
|
||||
db:
|
||||
######## Networks ########
|
||||
networks:
|
||||
intern:
|
||||
traefik:
|
||||
external: true
|
||||
mail-relay:
|
||||
external: true
|
||||
auth:
|
||||
external: true
|
||||
# ToDo
|
||||
# Secrets
|
||||
# db heraltcheck
|
||||
# https://github.com/lldap/lldap/blob/main/example_configs/keycloak.md
|
||||
# secrets in ekycloak anapssen
|
||||
# dashbaord
|
|
@ -56,8 +56,6 @@ compose_files:
|
|||
- name: navidrome
|
||||
state: present
|
||||
network: traefik
|
||||
- name: watchtower
|
||||
state: absent
|
||||
- name: routeros-config-export
|
||||
state: present
|
||||
- name: mail-relay
|
||||
|
@ -69,8 +67,8 @@ compose_files:
|
|||
- name: wiki
|
||||
state: present
|
||||
network: traefik
|
||||
- name: statping-ng
|
||||
state: absent
|
||||
- name: lldap
|
||||
state: present
|
||||
|
||||
### oefenweb.ufw
|
||||
ufw_rules:
|
||||
|
|
Loading…
Reference in a new issue