Add LLDAP as identity provider
nitnelave opened this issue
What FOSS project is currently missing. Provide names and links.
- NAME: LLDAP
- GitHub URL: https://github.com/nitnelave/lldap
Does an example docker-compose.yml exist?
- [0] - Yes, managed by the FOSS maintainer. See links below.
Here are some links to pre-existing docker-compose examples:
Here is my personal working docker-compose.yml:
```yaml
version: '3.3'
services:
  lldap:
    image: nitnelave/lldap:stable
    container_name: lldap
    volumes:
      - "./lldap:/data" # For the config file, server private key and the sqlite database.
    environment:
      # Placeholders: replace both CHANGEME values with unique, randomly generated secrets.
      - LLDAP_JWT_SECRET=CHANGEME
      - LLDAP_LDAP_USER_PASS=CHANGEME
      - LLDAP_LDAP_BASE_DN=dc=example,dc=com
      - PUID=1000
      - PGID=1000
    labels:
      - traefik.enable=true
      - traefik.http.routers.lldap.rule=Host(`lldap.${ROOT_DOMAIN}`)
      - traefik.http.routers.lldap.entrypoints=https
      - traefik.http.routers.lldap.tls=true
      - traefik.http.services.lldap-service.loadbalancer.server.port=17170
      - traefik.http.services.lldap-service.loadbalancer.server.scheme=http
      # Defines a buffering middleware named "limit"; these labels do not attach it to the lldap router.
      - traefik.http.middlewares.limit.buffering.maxRequestBodyBytes=50000000
      - traefik.http.middlewares.limit.buffering.maxResponseBodyBytes=50000000
      - traefik.http.middlewares.limit.buffering.memRequestBodyBytes=50000000
      - traefik.http.middlewares.limit.buffering.memResponseBodyBytes=50000000
```
Describe alternatives you've considered
Setting up an OpenLDAP is a nightmare. FreeIPA can work, but it's a bit overkill. Kanidm/KeyCloak don't offer a writeable LDAP layer.
Additional context
It comes with a snappy web interface and is lightweight in resources, and easy to install. Lots of examples on how to configure other services to interface with it.
Thanks for your contribution. I've added lldap into the mix!