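---
# Docker Compose stack: lldap (LDAP directory + web front-end) backed by PostgreSQL.
# The file is rendered through Ansible; the database password comes from the
# KeePass lookup in the lldap-db17 service.
services:
  lldap:
    # NOTE(review): pinned by tag only; a tag can be re-pushed upstream. Pinning by
    # digest as well (if the update tooling supports it) makes the pull reproducible.
    image: lldap/lldap:v0.6.0
    container_name: lldap
    restart: unless-stopped
    pull_policy: missing
    ports:
      # Both mappings publish on every host interface (no bind address given).
      # NOTE(review): 3890 is presumably lldap's plain LDAP listener and no LDAPS
      # port is published here, so binds from other hosts would cross the network
      # unencrypted. Confirm which clients need this and firewall accordingly.
      - "3890:3890"
      # Web front-end; intended to be served via traefik.
      # Comment this mapping out once the traefik labels below are enabled: while
      # it is published, the front-end is reachable directly on the host and
      # bypasses traefik and any authentication placed in front of it.
      - "17170:17170"
    volumes:
      - "lldap_data:/data"
      # NOTE(review): presumably holds lldap's secrets; keep the host file
      # readable only by the deploying user.
      - "./lldap_config.toml:/data/lldap_config.toml"
    environment:
      TZ: Europe/Berlin
    networks:
      - traefik
      - postfix
      - internal
    depends_on:
      # Wait for the database healthcheck (pg_isready) instead of only for the
      # container start, so lldap does not come up against a database that is
      # not accepting connections yet.
      lldap-db17:
        condition: service_healthy
    # labels:
    #   traefik.enable: true
    #   traefik.http.routers.lldap.service: lldap
    #   traefik.http.routers.lldap.priority: "10"
    #   traefik.http.routers.lldap.rule: Host(`ldap.mgrote.net`)
    #   traefik.http.routers.lldap.tls: true
    #   traefik.http.routers.lldap.tls.certresolver: resolver_letsencrypt
    #   traefik.http.routers.lldap.entrypoints: entry_https
    #   traefik.http.services.lldap.loadbalancer.server.port: 17170

  ######## Postgres ########
  lldap-db17:
    container_name: "lldap-db"
    image: "postgres:17.0"
    restart: unless-stopped
    pull_policy: missing
    environment:
      POSTGRES_USER: lldap
      # The rendered file contains this password in clear text: restrict the file
      # mode on the target host and keep the rendered output out of version control.
      # NOTE(review): Compose interpolates "$" in values and the value sits inside
      # double quotes, so a password containing "$", a double quote or a backslash
      # would be altered or break parsing. Confirm the KeePass entry avoids these
      # characters or escape it in the template.
      POSTGRES_PASSWORD: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}"
      TZ: Europe/Berlin
    volumes:
      - "db17:/var/lib/postgresql/data"
    # Only attached to the stack-local network; no ports are published for the database.
    networks:
      - internal
    healthcheck:
      test: ["CMD", "pg_isready", "-U", "lldap"]
      interval: 10s
      start_period: 30s

######## Networks ########
networks:
  # Pre-existing networks created outside this stack.
  traefik:
    external: true
  postfix:
    external: true
  # Stack-local network between lldap and its database.
  internal: {}

######## Volumes ########
volumes:
  lldap_data: {}
  db17: {}

# Checklist
# - delete PVE/PBS backups
# - munin + lldap with 2FA
# - delete VM + checklist for that
# - enable traefik with Authelia and 2FA
# - merge PR
# - update documentation
# - note: no shell login via LDAP (circular dependency)
# - check renovate
# - delete snapshots
# - test and incorporate the changes from v0.6.0
# - tick off in Todoist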