KazV2/dockers/ldap/docker-compose.yml

# https://github.com/bitnami/bitnami-docker-openldap
# https://github.com/wheelybird/ldap-user-manager
# https://github.com/osixia/docker-openldap
# openssl x509 -outform der -in /etc/letsencrypt/local/_wildcard.kaz.local.pem  -out /etc/letsencrypt/local/_wildcard.kaz.local.crt
# openssl pkey -in /etc/letsencrypt/local/_wildcard.kaz.local-key.pem -out /etc/letsencrypt/local/_wildcard.kaz.local.key
# apt install ldap-utils
# ldapsearch -x -H ldaps://kaz.local -D "cn=admin,dc=kaz,dc=local" -W

services:

  web:
    image: ltbproject/self-service-password
    container_name: ${ldapUIName}
    restart: ${restartPolicy}
    depends_on:
      - ldap
    networks:
      - ldapNet
      - postfixNet
    links:
      - ldap
    external_links:
      - ${smtpServName}:${smtpHost}
    env_file:
      - ../../secret/env-${ldapUIName}
    # ports:
    #   - 389:389
    #   - 636:636
    environment:
      - domain=${domain}
      - matterHost=${matterHost}
    volumes:
      - /etc/ssl:/etc/ssl:ro
      - /usr/local/share/ca-certificates:/usr/local/share/ca-certificates:ro
      - /etc/timezone:/etc/timezone:ro
      - /root/mkcert:/root/mkcert:ro
      - configSSP:/var/www/conf/
      - icons:/var/www/htdocs/images/
      - lang:/var/www/lang/
      - ./UIHooks:/var/www/kaz/
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${ldapUIName}.rule=Host(`${ldapUIHost}.${domain}`)"
      - "traefik.docker.network=ldapNet"

  ldap:
    image: docker.io/bitnami/openldap:2.6
    container_name: ${ldapServName}
    restart: ${restartPolicy}

    env_file:
      - ../../secret/env-${ldapServName}
    # ports:
    #   - 389:389
    #   - 636:636
    environment:
      - LDAP_ROOT=${ldap_root}
      - LDAP_PORT_NUMBER=389
      - LDAP_LDAPS_PORT_NUMBER=636
      - LDAP_CONFIG_ADMIN_ENABLED=yes
      - LDAP_SKIP_DEFAULT_TREE=yes
      - LDAP_ENABLE_TLS=no
    volumes:
      - openldapData:/bitnami/openldap
      #- ./ldifs:/ldifs:ro
      - /etc/letsencrypt:/etc/letsencrypt:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    networks:
      - ldapNet

volumes:
  openldapData:
  configSSP:
  icons:
  lang:

networks:
  ldapNet:
    external: true
    name: ldapNet
  postfixNet:
    external: true
    name: postfixNet