Docker Compose
Template
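# Compose stack: an OpenLDAP directory server plus the phpLDAPadmin web UI.
# Replace every YOUR_* placeholder before deploying.
version: '3'
services:
  openldap:
    container_name: openldap
    # NOTE(review): `latest` is a moving tag; pin a specific tag or digest so
    # that upgrades of the directory server are deliberate and reproducible.
    image: osixia/openldap:latest
    # `expose` only makes LDAP (389) and LDAPS (636) reachable by containers on
    # the shared network; nothing is published on the host.
    expose:
      - 389
      - 636
    volumes:
      # Presumably holds the certificate, private key and CA file named by the
      # LDAP_TLS_* variables below; keep the host directory readable only by
      # the account that runs the container.
      - /opt/appdata/openldap/certificates:/container/service/slapd/assets/certs
      - /opt/appdata/openldap/slapd/database:/var/lib/ldap
      - /opt/appdata/openldap/slapd/config:/etc/ldap/slapd.d
    environment:
      LDAP_ORGANISATION: "YOUR_LDAP_ORGANISATION"
      LDAP_DOMAIN: "YOUR_LDAP_DOMAIN"
      LDAP_ADMIN_USERNAME: "YOUR_LDAP_ADMIN_USERNAME"
      # The two passwords below sit in clear text in this file and are visible
      # to anyone who can inspect the container. Keep the file out of version
      # control with restrictive permissions, or inject the values through
      # Compose variable substitution / an env file instead.
      LDAP_ADMIN_PASSWORD: "YOUR_LDAP_ADMIN_PASSWORD"
      LDAP_CONFIG_PASSWORD: "YOUR_LDAP_CONFIG_PASSWORD"
      LDAP_BASE_DN: "YOUR_LDAP_BASE_DN"
      LDAP_TLS_CRT_FILENAME: "YOUR_LDAP_TLS_CRT_FILENAME"
      LDAP_TLS_KEY_FILENAME: "YOUR_LDAP_TLS_KEY_FILENAME"
      LDAP_TLS_CA_CRT_FILENAME: "YOUR_LDAP_TLS_CA_CRT_FILENAME"
    networks:
      - proxy
    restart: unless-stopped
  ldapadmin:
    container_name: ldapadmin
    # NOTE(review): same as above, pin a tag or digest rather than `latest`.
    image: osixia/phpldapadmin:latest
    # Publishing 8399 on the host makes phpLDAPadmin reachable over plain HTTP
    # without passing through Traefik, so the `auth@file` middleware and TLS do
    # not apply on that path. Drop this mapping, or bind it to 127.0.0.1, if
    # Traefik is the intended entry point.
    ports:
      - "8399:80"
    labels:
      # Quoted so the value stays a string; older Compose releases reject a
      # YAML boolean in a labels mapping.
      traefik.enable: "true"
      traefik.http.routers.ldapadmin.entryPoints: https
      # `auth@file` refers to a middleware defined in Traefik's file provider,
      # which is not part of this Compose file.
      traefik.http.routers.ldapadmin.middlewares: auth@file
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=openldap
      # phpLDAPadmin serves plain HTTP here; TLS is expected to be terminated
      # by Traefik in front of it.
      - PHPLDAPADMIN_HTTPS=false
    volumes:
      - /opt/appdata/openldap/admin:/var/www/phpldapadmin  # used to be able to make edits to the config file
    depends_on:
      - openldap
    networks:
      - proxy
    restart: unless-stopped
networks:
  # External network: it must already exist, Compose will not create it.
  proxy:
    driver: bridge
    external: true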
Example (with information filled in)
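# Filled-in example of the stack: OpenLDAP plus the phpLDAPadmin web UI.
# The values shown are illustrative only; choose your own before deploying.
version: '3'
services:
  openldap:
    container_name: openldap
    # NOTE(review): `latest` is a moving tag; pin a specific tag or digest so
    # that upgrades of the directory server are deliberate and reproducible.
    image: osixia/openldap:latest
    # `expose` only makes LDAP (389) and LDAPS (636) reachable by containers on
    # the shared network; nothing is published on the host.
    expose:
      - 389
      - 636
    volumes:
      # Presumably holds server.crt, server.key and the CA file named by the
      # LDAP_TLS_* variables below; keep the host directory readable only by
      # the account that runs the container.
      - /opt/appdata/openldap/certificates:/container/service/slapd/assets/certs
      - /opt/appdata/openldap/slapd/database:/var/lib/ldap
      - /opt/appdata/openldap/slapd/config:/etc/ldap/slapd.d
    environment:
      LDAP_ORGANISATION: "ibracorp"
      LDAP_DOMAIN: "ibracorp.io"
      LDAP_ADMIN_USERNAME: "admin"
      # Example passwords only; never reuse them. They sit in clear text in
      # this file, so keep it out of version control with restrictive
      # permissions, or inject the values through Compose variable
      # substitution / an env file instead.
      LDAP_ADMIN_PASSWORD: "SomeSuperSecurePassword"
      LDAP_CONFIG_PASSWORD: "AnotherSuperSecurePassword"
      LDAP_BASE_DN: "dc=ibracorp,dc=io"
      LDAP_TLS_CRT_FILENAME: "server.crt"
      LDAP_TLS_KEY_FILENAME: "server.key"
      LDAP_TLS_CA_CRT_FILENAME: "ibracorp.io.ca.crt"
    networks:
      - proxy
    restart: unless-stopped
  ldapadmin:
    container_name: ldapadmin
    # NOTE(review): same as above, pin a tag or digest rather than `latest`.
    image: osixia/phpldapadmin:latest
    # Publishing 8399 on the host makes phpLDAPadmin reachable over plain HTTP
    # without passing through Traefik, so the `auth@file` middleware and TLS do
    # not apply on that path. Drop this mapping, or bind it to 127.0.0.1, if
    # Traefik is the intended entry point.
    ports:
      - "8399:80"
    labels:
      # Quoted so the value stays a string; older Compose releases reject a
      # YAML boolean in a labels mapping.
      traefik.enable: "true"
      traefik.http.routers.ldapadmin.entryPoints: https
      # `auth@file` refers to a middleware defined in Traefik's file provider,
      # which is not part of this Compose file.
      traefik.http.routers.ldapadmin.middlewares: auth@file
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: openldap
      # Quoted: in mapping form an unquoted `false` is a YAML boolean, which
      # Compose does not accept as an environment value. phpLDAPadmin serves
      # plain HTTP here; TLS is expected to be terminated by Traefik.
      PHPLDAPADMIN_HTTPS: "false"
    volumes:
      - /opt/appdata/openldap/admin:/var/www/phpldapadmin  # used to be able to make edits to the config file
    depends_on:
      - openldap
    networks:
      - proxy
    restart: unless-stopped
networks:
  # External network: it must already exist, Compose will not create it.
  proxy:
    driver: bridge
    external: true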
To have your login format inserted automatically, we can edit the ldapadmin config.php file located at /opt/appdata/openldap/admin/config/config.php
by adding the following lines to the end of the config file, which automatically fills in our login information as shown below:
/* The DN of the user for phpLDAPadmin to bind with. For anonymous binds or
   'cookie','session' or 'sasl' auth_types, LEAVE THE LOGIN_DN AND LOGIN_PASS
   BLANK. If you specify a login_attr in conjunction with a cookie or session
   auth_type, then you can also specify the bind_id/bind_pass here for searching
   the directory for users (ie, if your LDAP server does not allow anonymous
   binds). */
// $servers->setValue('login','bind_id','');
// Replace the example DN below with the admin DN of your own directory
// (cn=<admin user>,<your base DN>). Only bind_id is set here; no password
// is stored in this file.
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');