
Docker Compose

Template

version: '3'
services:
  openldap:
    container_name: openldap
    image: osixia/openldap:latest
    expose: 
      - 389
      - 636
    volumes:
      - /opt/appdata/openldap/certificates:/container/service/slapd/assets/certs
      - /opt/appdata/openldap/slapd/database:/var/lib/ldap
      - /opt/appdata/openldap/slapd/config:/etc/ldap/slapd.d
    environment: 
      LDAP_ORGANISATION: "YOUR_LDAP_ORGANISATION"
      LDAP_DOMAIN: "YOUR_LDAP_DOMAIN"
      LDAP_ADMIN_USERNAME: "YOUR_LDAP_ADMIN_USERNAME"
      LDAP_ADMIN_PASSWORD: "YOUR_LDAP_ADMIN_PASSWORD"
      LDAP_CONFIG_PASSWORD: "YOUR_LDAP_CONFIG_PASSWORD"
      LDAP_BASE_DN: "YOUR_LDAP_BASE_DN"
      LDAP_TLS_CRT_FILENAME: "YOUR_LDAP_TLS_CRT_FILENAME"
      LDAP_TLS_KEY_FILENAME: "YOUR_LDAP_TLS_KEY_FILENAME"
      LDAP_TLS_CA_CRT_FILENAME: "YOUR_LDAP_TLS_CA_CRT_FILENAME"
    networks:
      - proxy
    restart: unless-stopped
  
  ldapadmin:
    container_name: ldapadmin
    image: osixia/phpldapadmin:latest
    ports: 
      - "8399:80"
    labels:
      traefik.enable: "true"
      traefik.http.routers.ldapadmin.entryPoints: https
      traefik.http.routers.ldapadmin.middlewares: auth@file
    environment: 
      - PHPLDAPADMIN_LDAP_HOSTS=openldap
      - PHPLDAPADMIN_HTTPS=false
    volumes:
      - /opt/appdata/openldap/admin:/var/www/phpldapadmin # used to be able to make edits to the config file 
    depends_on:
      - openldap
    networks:
      - proxy
    restart: unless-stopped

networks:
  proxy:
    driver: bridge
    external: true

Example (with information filled in)

version: '3'
services:
  openldap:
    container_name: openldap
    image: osixia/openldap:latest
    expose: 
      - 389
      - 636
    volumes:
      - /opt/appdata/openldap/certificates:/container/service/slapd/assets/certs
      - /opt/appdata/openldap/slapd/database:/var/lib/ldap
      - /opt/appdata/openldap/slapd/config:/etc/ldap/slapd.d
    environment: 
      LDAP_ORGANISATION: "ibracorp"
      LDAP_DOMAIN: "ibracorp.io"
      LDAP_ADMIN_USERNAME: "admin"
      LDAP_ADMIN_PASSWORD: "SomeSuperSecurePassword"
      LDAP_CONFIG_PASSWORD: "AnotherSuperSecurePassword"
      LDAP_BASE_DN: "dc=ibracorp,dc=io"
      LDAP_TLS_CRT_FILENAME: "server.crt"
      LDAP_TLS_KEY_FILENAME: "server.key"
      LDAP_TLS_CA_CRT_FILENAME: "ibracorp.io.ca.crt"
    networks:
      - proxy
    restart: unless-stopped
  
  ldapadmin:
    container_name: ldapadmin
    image: osixia/phpldapadmin:latest
    ports: 
      - "8399:80"
    labels:
      traefik.enable: "true"
      traefik.http.routers.ldapadmin.entryPoints: https
      traefik.http.routers.ldapadmin.middlewares: auth@file
    environment: 
      PHPLDAPADMIN_LDAP_HOSTS: openldap
      PHPLDAPADMIN_HTTPS: "false"
    volumes:
      - /opt/appdata/openldap/admin:/var/www/phpldapadmin # used to be able to make edits to the config file 
    depends_on:
      - openldap
    networks:
      - proxy
    restart: unless-stopped

networks:
  proxy:
    driver: bridge
    external: true

To have your login DN filled in automatically, edit the ldapadmin config.php file located at /opt/appdata/openldap/admin/config/config.php and add the following lines to the end of the file:

/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
   'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
   BLANK. If you specify a login_attr in conjunction with a cookie or session
   auth_type, then you can also specify the bind_id/bind_pass here for searching
   the directory for users (i.e., if your LDAP server does not allow anonymous
   binds). */
// $servers->setValue('login','bind_id','');
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');
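
An added pre-deployment check, not part of the original guide or of the osixia images: a line-based Python audit of the filled-in compose file that flags leftover `YOUR_` placeholders, the sample passwords shown above, `:latest` tags, host ports published on every interface, and a `bind_id` that does not sit under `LDAP_BASE_DN`. The function names and finding labels are assumptions made for this example.

```python
import re

# Passwords printed in this guide's filled-in example; never deploy with them.
DOC_SAMPLE_SECRETS = {"SomeSuperSecurePassword", "AnotherSuperSecurePassword"}

def domain_to_dn(domain):  # 'ibracorp.io' -> 'dc=ibracorp,dc=io'
    return ",".join("dc=" + part for part in domain.split("."))

def audit_compose(text, bind_id=None):
    """Line-based audit (not a YAML parser); returns (line, finding, detail)."""
    findings, env = [], {}
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split(" #")[0].strip()  # drop trailing comments
        m = re.match(r'-?\s*([A-Z_]+)\s*[:=]\s*"?([^"]*)"?$', line)
        if m:  # matches both `KEY: "value"` and `- KEY=value`
            key, val = m.groups()
            env[key] = val
            if val.startswith("YOUR_"):
                findings.append((n, "placeholder-left-in", key))
            elif val in DOC_SAMPLE_SECRETS:
                findings.append((n, "password-copied-from-guide", key))
        m = re.match(r"image:\s*(\S+)$", line)
        if m and m.group(1).endswith(":latest"):
            findings.append((n, "unpinned-image", m.group(1)))
        m = re.match(r'-\s*"?(\d+):(\d+)"?$', line)
        if m:  # HOST:CONTAINER with no IP binds all interfaces, bypassing Traefik
            findings.append((n, "port-on-all-interfaces", m.group(1)))
    base, domain = env.get("LDAP_BASE_DN", ""), env.get("LDAP_DOMAIN", "")
    if base and domain and not base.startswith("YOUR_"):
        if base.lower() != domain_to_dn(domain).lower():
            findings.append((None, "base-dn-does-not-match-domain", base))
        if bind_id and not bind_id.lower().endswith("," + base.lower()):
            findings.append((None, "bind-id-outside-base-dn", bind_id))
    return findings

# Constructed sample: a trimmed copy of the filled-in example above.
SAMPLE = '''\
openldap:
  image: osixia/openldap:latest
  environment:
    LDAP_DOMAIN: "ibracorp.io"
    LDAP_ADMIN_PASSWORD: "SomeSuperSecurePassword"
    LDAP_BASE_DN: "dc=ibracorp,dc=io"
ldapadmin:
  ports:
    - "8399:80"
'''

if __name__ == "__main__":
    print(*audit_compose(SAMPLE, "cn=admin,dc=example,dc=com"), sep="\n")
```

Publishing the admin port as `127.0.0.1:8399:80`, or dropping the `ports:` entry and relying on the Traefik route, clears the port finding.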

Last updated 3 years ago
