homeserver/docker-compose/lldap/docker-compose.yml.j2
Michael Grote 888b226f27 depend
Signed-off-by: Michael Grote <michael.grote@posteo.de>
2024-11-15 18:47:44 +00:00

74 lines
1.9 KiB
Django/Jinja

services:
lldap:
image: lldap/lldap:v0.6.0
container_name: lldap
restart: unless-stopped
pull_policy: missing
ports:
- "3890:3890"
- "17170:17170" # front-end; ueber traefik # auskommentieren wenn fertig
volumes:
- "lldap_data:/data"
- "./lldap_config.toml:/data/lldap_config.toml"
environment:
TZ: Europe/Berlin
networks:
- traefik
- postfix
- internal
depends_on:
- lldap-db17
# labels:
# traefik.enable: true
# traefik.http.routers.lldap.service: lldap
# traefik.http.routers.lldap.priority: "10"
# traefik.http.routers.lldap.rule: Host(`ldap.mgrote.net`)
# traefik.http.routers.lldap.tls: true
# traefik.http.routers.lldap.tls.certresolver: resolver_letsencrypt
# traefik.http.routers.lldap.entrypoints: entry_https
# traefik.http.services.lldap.loadbalancer.server.port: 17170
######## Postgres ########
lldap-db17:
container_name: "lldap-db"
image: "postgres:17.0"
restart: unless-stopped
pull_policy: missing
environment:
POSTGRES_USER: lldap
POSTGRES_PASSWORD: "{{ lookup('viczem.keepass.keepass', 'lldap/lldap_db_pass', 'password') }}"
TZ: Europe/Berlin
volumes:
- db17:/var/lib/postgresql/data
networks:
- internal
healthcheck:
test: ["CMD", "pg_isready", "-U", "lldap"]
interval: 10s
start_period: 30s
######## Networks ########
networks:
traefik:
external: true
postfix:
external: true
internal:
######## Volumes ########
volumes:
lldap_data:
db17:
# chedckliste
# backups pve/pbs löschen
# munin + lldap mit 2fa
# vm loschen + checkliste dafür
# traefik aktivieren mit authelia und 2fa
# pr mergen
# doku anpassen
# hinweis kein shell login via ldap wg zirkelschluss
#c chek renovate
# snaps löschen
# änderungen aus fv0.6.0 teste und einbauen
# todoist abhaken