Newer
Older
# vim:ff=unix:ts=2:sw=2:ai:expandtab
auth:
environment:
LDAP_BASE_DN: "ou=People,${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}"
LDAP_OBJECTS_DN: "dn"
LDAP_OPENLDAP: !!str true
LDAP_REALM_NAME: shore.co.il authentication
LDAP_USER_OBJECT_FILTER: "(&(objectclass=inetOrgPerson)(uid=%s))"
SECRET_KEY: "${SECRET_KEY:-qwerty123}"
hostname: auth.shore.co.il
image: registry.shore.co.il/ldap-auth
restart: always
volumes:
- _run_slapd:/run/slapd
crond:
build:
context: crond/
volumes:
- /run/docker.sock:/run/docker.sock
build:
context: slapd/
environment:
LDAP_ROOTPASS: &password "${LDAP_ROOTPASS:-foo}"
LDAP_DOMAIN: "${LDAP_DOMAIN:-shore.co.il}"
LDAP_ORGANIZATION: "${LDAP_ORGANIZATION:-shore}"
#SLAPD_DEBUG_LEVEL: "any"
SSL_DHPARAMS_FILE: /var/ssl/dhparams
hostname: "${LDAP_HOSTNAME:-ldap}.${LDAP_DOMAIN:-shore.co.il}"
restart: always
volumes:
- _run_slapd:/run/slapd
- ldap:/var/lib/ldap
- backup_ldap:/var/backups/ldap
ldap-account-manager:
build:
context: ldap-account-manager/
LAM_PASSWORD: *password # pragma: allowlist secret
LDAP_ADMIN_DN: "cn=admin,${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}"
LDAP_BASE_DN: &base_dn "${LDAP_BASE_DN:-dc=shore,dc=co,dc=il}"
restart: always
volumes:
- _run_slapd:/run/slapd
# nss-pam-ldapd:
# build:
# context: nss-pam-ldapd/
# command: /usr/sbin/nslcd --debug --nofork
# depends_on:
# - ldap
# environment:
# LDAP_BASE_DN: *base_dn
# volumes:
# - _run_slapd:/run/slapd
backup_ldap:
labels:
snapshot: 'true'