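# Compose stack for LLDAP (lightweight LDAP directory) and its MariaDB backend.
# This file is a Jinja template: every "{{ lookup('keepass', ...) }}" is
# replaced with a secret from KeePass before Compose parses the result.
# The rendered file therefore contains the secrets in clear text; keep it
# readable only by the deploying user.
version: "3"

services:
  ######## App ########
  lldap:
    image: nitnelave/lldap:v0.5.0
    container_name: lldap-app
    restart: always
    # Both ports are published on every host interface. The web front-end is
    # served over plain HTTP (see LLDAP_HTTP_URL) and 3890 is presumably the
    # unencrypted LDAP listener. NOTE(review): if clients reach the service
    # through the traefik network, bind these to a specific host address or
    # drop the mappings.
    ports:
      # For LDAP
      - "3890:3890"
      # For the web front-end
      - "17170:17170"
    networks:
      - intern
      - traefik
      - mail-relay
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - "lldap:/data"
    # Values are quoted so the YAML parser hands Compose strings, not
    # integers or booleans (older Compose releases reject bare booleans in
    # an environment mapping).
    # Secrets passed as environment variables are visible via
    # `docker inspect`; the "Secrets" ToDo at the end of the file tracks this.
    environment:
      UID: "1000"
      GID: "1000"
      LLDAP_HTTP_PORT: "17170"
      LLDAP_HTTP_URL: "http://docker10.grote.lan:17170"
      LLDAP_KEY_SEED: "{{ lookup('keepass', 'lldap_key_seed', 'password') }}"
      # NOTE(review): verbose logging on the identity service; confirm the
      # container logs are not shipped anywhere broadly readable.
      LLDAP_VERBOSE: "true"
      LLDAP_JWT_SECRET: "{{ lookup('keepass', 'lldap_jwt_secret', 'password') }}"
      LLDAP_LDAP_BASE_DN: "dc=grote,dc=lan"
      LLDAP_USER_DN: "admin"
      LLDAP_LDAP_USER_PASS: "{{ lookup('keepass', 'lldap_ldap_user_pass', 'password') }}"
      # The inner double quotes are NOT YAML quoting: they sit in the middle
      # of a plain scalar, so they most likely reach lldap as part of the
      # password. MYSQL_PASSWORD below carries the same literal quotes, which
      # is why the two values currently agree. Removing them must happen on
      # both sides, and the mariadb image only reads MYSQL_PASSWORD when the
      # data directory is first initialised, so an existing db volume would
      # also need the database user's password changed.
      # A password containing URL-reserved characters (@ : /) would
      # additionally need the Jinja `urlencode` filter here.
      LLDAP_DATABASE_URL: mysql://lldap-db-user:"{{ lookup('keepass', 'lldap_mysql_password', 'password') }}"@lldap-db/lldap
      # Key upper-cased to match the other LLDAP_* names
      # (was ..._ENABLE_PASSWORD_reset).
      LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET: "true"
      # NOTE(review): both values end in a space after the display name; the
      # mailbox address (normally written in angle brackets) seems to be
      # missing. Verify against the deployed file.
      LLDAP_SMTP_OPTIONS__FROM: "LLDAP Admin "
      LLDAP_SMTP_OPTIONS__REPLY_TO: "Do not reply "
      # Password-reset mail is handed to the relay unencrypted on port 25.
      # That is only acceptable while the mail-relay network stays internal
      # to the Docker host.
      LLDAP_SMTP_OPTIONS__SERVER: "mail-relay"
      LLDAP_SMTP_OPTIONS__PORT: "25"
      LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION: "NONE"
      LLDAP_SMTP_OPTIONS__USER: "info@mgrote.net"

  ######## DB ########
  lldap-db:
    image: mariadb:10.6.14
    container_name: lldap-db
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - db:/var/lib/mysql
    # List form: everything after the first "=" is the value, so the double
    # quotes around the two passwords are most likely stored as part of the
    # password (see the note on LLDAP_DATABASE_URL before changing them).
    # The mariadb image also accepts MYSQL_ROOT_PASSWORD_FILE and
    # MYSQL_PASSWORD_FILE, which keep the secrets out of the environment.
    environment:
      - MYSQL_ROOT_PASSWORD="{{ lookup('keepass', 'lldap_mysql_root_password', 'password') }}"
      - MYSQL_PASSWORD="{{ lookup('keepass', 'lldap_mysql_password', 'password') }}"
      - MYSQL_DATABASE=lldap
      - MYSQL_USER=lldap-db-user
      - MYSQL_INITDB_SKIP_TZINFO=1
    # No ports are published; the database is reachable only on "intern".
    networks:
      - intern

######## Volumes ########
volumes:
  lldap:
  db:

######## Networks ########
networks:
  intern:
  traefik:
    external: true
  mail-relay:
    external: true
  # Declared, but no service in this file attaches to it.
  auth:
    external: true

# ToDo
# Secrets
# db healthcheck
# https://github.com/lldap/lldap/blob/main/example_configs/keycloak.md
# adjust secrets in keycloak
# dashboard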