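# https://github.com/bitnami/bitnami-docker-openldap
# https://github.com/wheelybird/ldap-user-manager
# https://github.com/osixia/docker-openldap
# openssl x509 -outform der -in /etc/letsencrypt/local/_wildcard.kaz.local.pem -out /etc/letsencrypt/local/_wildcard.kaz.local.crt
# openssl pkey -in /etc/letsencrypt/local/_wildcard.kaz.local-key.pem -out /etc/letsencrypt/local/_wildcard.kaz.local.key
# apt install ldap-utils
# ldapsearch -x -H ldaps://kaz.local -D "cn=admin,dc=kaz,dc=local" -W

# Compose stack: a self-service password web UI ("web") in front of a Bitnami
# OpenLDAP directory ("ldap"). Both join the pre-existing external network
# ldapNet; "web" also joins postfixNet.
# ${...} values are interpolated by Compose from the environment / .env file,
# which is not part of this file.

services:

  web:
    # NOTE(review): no tag, so this resolves to `latest` and the running code
    # can change on any pull. Pin a reviewed version tag or an image digest.
    image: ltbproject/self-service-password
    container_name: "${ldapUIName}"
    depends_on:
      - ldap
    networks:
      - ldapNet
      - postfixNet
    # `links` / `external_links` are legacy options. "web" and "ldap" already
    # share ldapNet, so the service name should resolve without the link.
    links:
      - ldap
    external_links:
      - "${smtpServName}:${smtpHost}"
    # Secrets are read from a file outside this directory. Keep it out of
    # version control and readable only by the account that runs Compose.
    env_file:
      - "../../secret/env-${ldapUIName}"
    # ports:
    #   - 389:389
    #   - 636:636
    environment:
      - domain=${domain}
      - matterHost=${matterHost}
    volumes:
      # NOTE(review): this exposes the whole host /etc/ssl tree to the
      # container. On Debian-family hosts that includes /etc/ssl/private
      # (host private keys). If only the trust store is needed, mount
      # /etc/ssl/certs alone. Confirm what the UI actually reads.
      - /etc/ssl:/etc/ssl:ro
      - /usr/local/share/ca-certificates:/usr/local/share/ca-certificates:ro
      - /etc/timezone:/etc/timezone:ro
      # NOTE(review): if /root/mkcert is the mkcert CAROOT, it holds
      # rootCA-key.pem, the private key of the local CA. A web-facing
      # container only needs the public root certificate. Confirm, and mount
      # just that file.
      - /root/mkcert:/root/mkcert:ro
      - configSSP:/var/www/conf/
      - icons:/var/www/htdocs/images/
      - lang:/var/www/lang/
      - ./UIHooks:/var/www/kaz/
    labels:
      - "traefik.enable=true"
      # NOTE(review): no entrypoint or TLS label is set on this router.
      # Whether it is served over HTTPS only depends on Traefik configuration
      # not shown here. This UI carries passwords, so confirm plain HTTP is
      # redirected or refused (e.g. a
      # `traefik.http.routers.${ldapUIName}.tls=true` label).
      - "traefik.http.routers.${ldapUIName}.rule=Host(`${ldapUIHost}.${domain}`)"
      - "traefik.docker.network=ldapNet"

  ldap:
    image: docker.io/bitnami/openldap:2.6
    container_name: "${ldapServName}"
    restart: always

    # Directory credentials come from this file. Make sure it sets
    # non-default LDAP_ADMIN_PASSWORD and LDAP_CONFIG_ADMIN_PASSWORD, because
    # the image ships documented defaults for both.
    env_file:
      - "../../secret/env-${ldapServName}"
    # Ports are deliberately not published: LDAP is reachable only from
    # containers attached to ldapNet. If they are ever published, quote the
    # mappings and bind them to a specific host address.
    # ports:
    #   - 389:389
    #   - 636:636
    environment:
      - LDAP_ROOT=${ldap_root}
      - LDAP_PORT_NUMBER=389
      - LDAP_LDAPS_PORT_NUMBER=636
      # Enables the cn=config administrator, which can rewrite the server
      # configuration (ACLs, schema, overlays). See env_file above for its
      # credentials.
      - LDAP_CONFIG_ADMIN_ENABLED=yes
      - LDAP_SKIP_DEFAULT_TREE=yes
      # NOTE(review): with TLS off, binds and password changes cross ldapNet
      # in cleartext, and any container attached to that external network can
      # observe or reach them. The LDAPS port above presumably has no
      # listener until TLS is enabled. To enable it, set this to `yes` and
      # supply LDAP_TLS_CERT_FILE, LDAP_TLS_KEY_FILE and LDAP_TLS_CA_FILE.
      - LDAP_ENABLE_TLS=no
    volumes:
      - openldapData:/bitnami/openldap
      # - ./ldifs:/ldifs:ro
      # NOTE(review): this mounts every certificate and private key under
      # /etc/letsencrypt into the container, while nothing in this file
      # references them (TLS is disabled above). Drop the mount, or narrow it
      # to the one certificate directory needed when TLS is enabled.
      - /etc/letsencrypt:/etc/letsencrypt:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    networks:
      - ldapNet

# Named volumes, all with default driver settings.
volumes:
  openldapData: {}
  configSSP: {}
  icons: {}
  lang: {}

# Both networks are created outside this file. Everything else attached to
# them shares a network segment with these services.
networks:
  ldapNet:
    external: true
    name: ldapNet
  postfixNet:
    external: true
    name: postfixNet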