Add openldap container on pottwal

David Kilias 2022-07-04 18:38:22 +02:00 committed by Stefan Haun
parent 405964f8bd
commit d30eb2df9c


@ -23,6 +23,10 @@
hedgedoc_host_port: 8084
hedgedoc_image: quay.io/hedgedoc/hedgedoc:1.9.3
openldap_image_version: 1.5.0
openldap_data: "{{ data_dir }}/openldap"
openldap_domain: "ldap.n39.eu"
roles:
- role: docker_setup
vars:
@ -261,4 +265,41 @@
site_name: pad.n39.eu
proxy_port: "{{ hedgedoc_host_port }}"
- name: Setup dehydrated challenge endpoint for {{ openldap_domain }}
include_role:
name: setup-http-dehydrated
vars:
site_name: "{{ openldap_domain }}"
- name: Ensure openLDAP directories are present.
file:
path: "{{ item }}"
state: directory
with_items:
- "{{ openldap_data }}/database"
- "{{ openldap_data }}/config"
- "{{ dehydrated_certs_dir }}/certs/{{ openldap_domain }}"
- name: Ensure container for openLDAP is running.
docker_container:
name: openLDAP
image: "osixia/openldap:{{ openldap_image_version }}"
pull: true
state: started
detach: yes
ports:
- "389:389" # unencrypted/STARTTLS
- "636:636" # SSL
volumes:
- "{{ openldap_data }}/database:/var/lib/ldap"
- "{{ openldap_data }}/config:/etc/ldap/slapd.d"
- "{{ dehydrated_certs_dir }}/certs/{{ openldap_domain }}:/container/service/slapd/assets/certs"
env:
LDAP_ORGANISATION: "Netz39 e.V."
LDAP_DOMAIN: "{{ openldap_domain }}"
LDAP_ADMIN_PASSWORD: "{{ ldap_admin_password }}"
LDAP_TLS_CRT_FILENAME: "cert.pem"
LDAP_TLS_KEY_FILENAME: "key.pem"
restart_policy: unless-stopped
handlers:
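Review bot: The `env:` block of the openLDAP container sets `LDAP_ADMIN_PASSWORD` but no `LDAP_CONFIG_PASSWORD`, and as far as I know the osixia/openldap image then falls back to its documented default password for the cn=config administrator. Because the same task publishes `"389:389"` on all host interfaces, that account and any plaintext bind would be reachable from the network. I would add `LDAP_CONFIG_PASSWORD: "{{ ldap_config_password }}"` (a new vaulted variable; the name is only a suggestion) and `LDAP_TLS_ENFORCE: "true"`, or publish the plain port as `"127.0.0.1:389:389"` if remote clients can use 636. The directory task before it creates the certificate directory without an explicit `mode:`, which is worth pinning since the private key lives there. The play's task list starts outside the visible hunk, so an existing override elsewhere cannot be ruled out from here.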