Add openldap container on pottwal
parent
405964f8bd
commit
d30eb2df9c
1 changed files with 41 additions and 0 deletions
41
pottwal.yml
41
pottwal.yml
|
@ -23,6 +23,10 @@
|
|||
hedgedoc_host_port: 8084
|
||||
hedgedoc_image: quay.io/hedgedoc/hedgedoc:1.9.3
|
||||
|
||||
openldap_image_version: 1.5.0
|
||||
openldap_data: "{{ data_dir }}/openldap"
|
||||
openldap_domain: "ldap.n39.eu"
|
||||
|
||||
roles:
|
||||
- role: docker_setup
|
||||
vars:
|
||||
|
@ -261,4 +265,41 @@
|
|||
site_name: pad.n39.eu
|
||||
proxy_port: "{{ hedgedoc_host_port }}"
|
||||
|
||||
- name: Setup dehydrated challenge endpoint for {{ openldap_domain }}
|
||||
include_role:
|
||||
name: setup-http-dehydrated
|
||||
vars:
|
||||
site_name: "{{ openldap_domain }}"
|
||||
|
||||
- name: Ensure openLDAP directories are present.
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- "{{ openldap_data }}/database"
|
||||
- "{{ openldap_data }}/config"
|
||||
- "{{ dehydrated_certs_dir }}/certs/{{ openldap_domain }}"
|
||||
|
||||
- name: Ensure container for openLDAP is running.
|
||||
docker_container:
|
||||
name: openLDAP
|
||||
image: "osixia/openldap:{{ openldap_image_version }}"
|
||||
pull: true
|
||||
state: started
|
||||
detach: yes
|
||||
ports:
|
||||
- "389:389" # unencrypted/STARTTLS
|
||||
- "636:636" # SSL
|
||||
volumes:
|
||||
- "{{ openldap_data }}/database:/var/lib/ldap"
|
||||
- "{{ openldap_data }}/config:/etc/ldap/slapd.d"
|
||||
- "{{ dehydrated_certs_dir }}/certs/{{ openldap_domain }}:/container/service/slapd/assets/certs"
|
||||
env:
|
||||
LDAP_ORGANISATION: "Netz39 e.V."
|
||||
LDAP_DOMAIN: "{{ openldap_domain }}"
|
||||
LDAP_ADMIN_PASSWORD: "{{ ldap_admin_password }}"
|
||||
LDAP_TLS_CRT_FILENAME: "cert.pem"
|
||||
LDAP_TLS_KEY_FILENAME: "key.pem"
|
||||
restart_policy: unless-stopped
|
||||
|
||||
handlers:
|
||||
|
|
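Review bot: The `env` block of the openLDAP container sets `LDAP_ADMIN_PASSWORD` but not `LDAP_CONFIG_PASSWORD`, so the cn=config administrator keeps the osixia/openldap image default while ports 389 and 636 are published on every host interface. Add `LDAP_CONFIG_PASSWORD: "{{ ldap_config_password }}"` next to the admin password (the variable name is a placeholder for a vaulted secret). Port 389 also accepts binds without STARTTLS unless the image is configured otherwise, so consider `LDAP_TLS_ENFORCE: "true"` or publishing it as `"127.0.0.1:389:389"` if only local services need cleartext access. The key file is given as `key.pem`, whereas dehydrated normally writes `privkey.pem`; if the file is missing the image appears to fall back to a self-generated certificate, so confirm the name against the contents of the mounted certs directory. As a style point, `detach: yes` would be more consistent as `detach: true`, matching `pull: true` two lines above it.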