{{ file_header | default () }} ## Tune the logging to be more verbose by setting this to be true. ## You can set it with the LLDAP_VERBOSE environment variable. verbose={{ lldap_logging_verbose }} ## The host address that the LDAP server will be bound to. ## To enable IPv6 support, simply switch "ldap_host" to "::": ## To only allow connections from localhost (if you want to restrict to local self-hosted services), ## change it to "127.0.0.1" ("::1" in case of IPv6)". ldap_host = "{{ lldap_ldap_host }}" ## The port on which to have the LDAP server. #ldap_port = 3890 ## The host address that the HTTP server will be bound to. ## To enable IPv6 support, simply switch "http_host" to "::". ## To only allow connections from localhost (if you want to restrict to local self-hosted services), ## change it to "127.0.0.1" ("::1" in case of IPv6)". http_host = "{{ lldap_http_host }}" ## The port on which to have the HTTP server, for user login and ## administration. http_port = {{ lldap_http_port }} ## The public URL of the server, for password reset links. http_url = "{{ lldap_public_url }}" ## Random secret for JWT signature. ## This secret should be random, and should be shared with application ## servers that need to consume the JWTs. ## Changing this secret will invalidate all user sessions and require ## them to re-login. ## You should probably set it through the LLDAP_JWT_SECRET environment ## variable from a secret ".env" file. ## This can also be set from a file's contents by specifying the file path ## in the LLDAP_JWT_SECRET_FILE environment variable ## You can generate it with (on linux): ## LC_ALL=C tr -dc 'A-Za-z0-9!#%&'\''()*+,-./:;<=>?@[\]^_{|}~' . from="{{ lldap_smtp_from }}" ## Same for reply-to, optional. reply_to="{{ lldap_smtp_reply_to }}" ## Options to configure LDAPS. ## To set these options from environment variables, use the following format ## (example with "port"): LLDAP_LDAPS_OPTIONS__PORT [ldaps_options] ## Whether to enable LDAPS. #enabled=true ## Port on which to listen. #port=6360 ## Certificate file. #cert_file="/data/cert.pem" ## Certificate key file. #key_file="/data/key.pem"