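# Compose template for LLDAP (lightweight LDAP server) backed by MariaDB.
# This is a Jinja template: every {{ lookup('keepass', ...) }} expression is
# replaced by a plaintext secret, so the rendered file must be readable by the
# deploying user only (the values are also visible via `docker inspect`).
# NOTE(review): secrets are pasted in as raw text before YAML and Compose parse
# the file. A secret containing " #" is truncated as a YAML comment, and "$" is
# treated by Compose as variable interpolation. Confirm the stored secrets
# avoid these characters, or escape them when rendering.
version: "3"
services:
  ######## App ########
  lldap:
    # NOTE(review): floating tag combined with the watchtower label below means
    # new upstream images are deployed automatically; pin a version or digest
    # if unattended updates of the identity service are not intended.
    image: nitnelave/lldap:stable
    container_name: lldap-app
    restart: always
    ports:
      # For LDAP. Published on all host interfaces; 3890 is the unencrypted
      # LDAP listener, so bind passwords cross the network in cleartext.
      # NOTE(review): if only containers on the attached networks use LDAP,
      # this mapping can be dropped or bound to a specific host address.
      - "3890:3890"
      # For the web front-end. Published directly on the host, in addition to
      # being reachable through the traefik network.
      - "17170:17170"
    networks:
      - intern
      - nw_aaa
      - traefik
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - "lldap:/data"
    environment:
      - UID=1000
      - GID=1000
      - LLDAP_JWT_SECRET={{ lookup('keepass', 'LLDAP_JWT_SECRET', 'password') }}
      - LLDAP_LDAP_USER_PASS={{ lookup('keepass', 'LLDAP_LDAP_USER_PASS', 'password') }}
      #- LLDAP_USER_DN="LLDAP-ADMIN"
      - LLDAP_LDAP_BASE_DN=dc=grote,dc=lan
      # The DB password is embedded in the URL's userinfo part.
      # NOTE(review): characters such as "@", ":" or "/" in that password would
      # need percent-encoding for the URL to parse as intended.
      - LLDAP_DATABASE_URL=mysql://lldap-db-user:{{ lookup('keepass', 'LLDAP_MYSQL_PASSWORD', 'password') }}@lldap-db/lldap
      # Whether to enable password reset via email, from LLDAP.
      # Variable name normalised to upper case to match the other options.
      - LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET=true
      - LLDAP_SMTP_OPTIONS__SERVER=smtp.strato.de
      - LLDAP_SMTP_OPTIONS__PORT=587
      - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=STARTTLS
      - LLDAP_SMTP_OPTIONS__USER=info@mgrote.net
      - LLDAP_SMTP_OPTIONS__PASSWORD={{ lookup('keepass', 'postfix_absender_passwort', 'password') }}
      # In list-form `environment`, quotes placed after the "=" are passed to
      # the container as part of the value. Quote the whole item instead.
      - 'LLDAP_SMTP_OPTIONS__FROM=LLDAP Admin <info@mgrote.net>'
      - 'LLDAP_SMTP_OPTIONS__REPLY_TO=Do not reply <info@mgrote.net>'
      #- LLDAP_KEY_FILE={{ lookup('keepass', 'LLDAP_KEY_FILE', 'password') }}
      #- LLDAP_VERBOSE=true
      # The public URL of the server, for password reset links.
      # NOTE(review): with an http:// URL the reset links (and the tokens they
      # carry) are opened without TLS. The service is also attached to the
      # traefik network, so an https URL through the proxy may be intended.
      - LLDAP_HTTP_URL=http://docker10.grote.lan:17170
    labels:
      - com.centurylinklabs.watchtower.enable=true
      - com.centurylinklabs.watchtower.depends-on=lldap-db
  ######## DB ########
  # NOTE(review): the service key says "nextcloud-db" although this is the
  # LLDAP database; the app reaches it through container_name "lldap-db".
  # Presumably a copy-paste leftover. Confirm before renaming the key.
  nextcloud-db:
    image: mariadb:10
    container_name: lldap-db
    restart: always
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD={{ lookup('keepass', 'LLDAP_MYSQL_ROOT_PASSWORD', 'password') }}
      - MYSQL_PASSWORD={{ lookup('keepass', 'LLDAP_MYSQL_PASSWORD', 'password') }}
      - MYSQL_DATABASE=lldap
      - MYSQL_USER=lldap-db-user
      - MYSQL_INITDB_SKIP_TZINFO=1
    # Only on the compose-local network; no ports are published for the DB.
    networks:
      - intern
    labels:
      - com.centurylinklabs.watchtower.enable=true

######## Volumes ########
volumes:
  lldap:
  db:
######## Networks ########
networks:
  nw_aaa:
    external: true
  intern:
  traefik:
    external: true


## (example with "password"): - LLDAP_SMTP_OPTIONS__PASSWORD
## Whether to enable password reset via email, from LLDAP.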