first commit

dockers/ldap/base/acl.ldif.tmpl

@@ -0,0 +1,21 @@
+dn: olcDatabase={2}mdb,cn=config
+changeType: modify
+replace: olcAccess
+olcAccess: {0}to attrs=userPassword,shadowLastChange
+  by self write
+  by anonymous auth
+  by dn="cn=ldapui,ou=applications,$LDAPROOT" write
+  by dn="$BINDDN" write
+  by * none
+olcAccess: {1}to dn.subtree="$LDAPROOT"
+  by self read
+  by dn="cn=ldapui,ou=applications,$LDAPROOT" read
+  by dn="cn=postfix,ou=applications,$LDAPROOT" read
+  by dn="cn=mattermost,ou=applications,$LDAPROOT" read
+  by dn="cn=cloud,ou=applications,$LDAPROOT" read
+  by dn="cn=mobilizon,ou=applications,$LDAPROOT" read
+  by dn="$BINDDN" write
+  by * none
+olcAccess: {2}to *
+  by dn="$BINDDN" write
+  by * none