# LDAP Docker Environment Configuration
# Copy this file to .env and customize as needed
# Note: .env is git-ignored to prevent committing secrets; keep real
# passwords only in .env, never in this template
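# ============================================================================
# LDAP Domain Configuration
# ============================================================================

# The LDAP domain (e.g., testing.local -> dc=testing,dc=local)
LDAP_DOMAIN=testing.local

# Organization name
# The value contains a space and is unquoted. Quote handling differs between
# .env readers (some keep the quote characters as part of the value), so
# check the consumer before adding quotes; a shell that sources this file
# would need them.
LDAP_ORGANISATION=Testing Organization

# Base DN (automatically derived from LDAP_DOMAIN if not set)
# When set explicitly, keep it consistent with LDAP_DOMAIN above.
LDAP_BASE_DN=dc=testing,dc=local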
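# ============================================================================
# Admin Credentials
# ============================================================================

# LDAP admin password
# WARNING: Change this for any environment accessible by others
# The value below is a published placeholder, not a secret. Replace it in
# your private .env with a long random value.
# Characters such as $, # and quotes may be interpreted by the .env reader;
# verify the value the container actually receives after changing it.
LDAP_ADMIN_PASSWORD=admin_password

# LDAP config password (for cn=config)
# WARNING: The same applies here. cn=config holds the server's own
# configuration, so this password needs the same care as the admin password
# and should not be identical to it.
LDAP_CONFIG_PASSWORD=config_password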
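# ============================================================================
# SSL/TLS Configuration
# ============================================================================

# Enable TLS/SSL
LDAP_TLS=true

# Certificate filenames (relative to certs/ directory)
# server.key is the server's private key: keep it out of version control and
# readable only by the account that runs the container.
LDAP_TLS_CRT_FILENAME=server.crt
LDAP_TLS_KEY_FILENAME=server.key
LDAP_TLS_CA_CRT_FILENAME=ca.crt

# TLS verification level: never, allow, try, demand
# This setting is about how the server treats client certificates, not how
# clients verify the server. The level names match OpenLDAP's TLSVerifyClient
# (assumed to be what the image maps this variable to; confirm in its docs):
# with "try" a client that presents no certificate is still accepted, and
# only "demand" requires a valid client certificate.
LDAP_TLS_VERIFY_CLIENT=try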
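# ============================================================================
# Port Configuration
# ============================================================================

# Standard LDAP port (unencrypted)
# Simple binds on this port send the password in clear text unless the client
# negotiates StartTLS first. Prefer LDAPS_PORT, or keep this port reachable
# only from localhost or a trusted network.
LDAP_PORT=389

# LDAPS port (SSL/TLS)
LDAPS_PORT=636

# phpLDAPadmin web interface port
# This is an administrative UI for the directory; do not publish it beyond
# localhost or a trusted network.
PHPLDAPADMIN_PORT=8080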
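# ============================================================================
# Logging Configuration
# ============================================================================

# LDAP log level
# 0 = no logging, 256 = stats logging, -1 = any logging
# With 0 there is no record of binds or searches to review after an incident.
# -1 is very verbose: use it only while troubleshooting and treat the
# resulting logs as sensitive.
LDAP_LOG_LEVEL=256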
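# ============================================================================
# Container Configuration
# ============================================================================

# Hostname for the LDAP server
# With TLS enabled, clients that connect by this name and verify the server
# certificate expect it in the certificate's subject or subjectAltName.
LDAP_HOSTNAME=ldap.testing.local

# Container name
LDAP_CONTAINER_NAME=ldap-server

# phpLDAPadmin container name
PHPLDAPADMIN_CONTAINER_NAME=ldap-admin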
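# ============================================================================
# Optional: Replication Configuration (Advanced)
# ============================================================================

# Enable replication (leave commented for single-server setup)
# The two SYNCPROV values below reference $LDAP_CONFIG_PASSWORD,
# $LDAP_ADMIN_PASSWORD and $LDAP_BASE_DN, so the replication binds reuse the
# passwords from the Admin Credentials section. Whether $VAR is expanded
# depends on the tool that reads this file; confirm before enabling.
# Both values set starttls=critical. In OpenLDAP syncrepl terms that aborts
# the replication session when StartTLS cannot be established instead of
# continuing unencrypted, so keep it when editing these lines.
# LDAP_REPLICATION=true
# LDAP_REPLICATION_CONFIG_SYNCPROV=binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
# LDAP_REPLICATION_DB_SYNCPROV=binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical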
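# ============================================================================
# Optional: Backup Configuration
# ============================================================================

# Backup directory (uncomment to enable)
# Directory backups typically include password hashes; keep this path out of
# version control and restrict its permissions.
# BACKUP_DIR=./backups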
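# ============================================================================
# Development Settings
# ============================================================================

# Set to "true" to enable debug output
# What the debug output contains is not defined in this file; assume it may
# include configuration values and leave it off outside local troubleshooting.
DEBUG=false

# Timezone (optional)
TZ=UTC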