|  | @@ -0,0 +1,43 @@
 | 
	
		
			
				|  |  | +# This is the default image secret configuration file
 | 
	
		
			
				|  |  | +# this file define environment variables used during the container first start in startup scripts.
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# This file is deleted right after startup scripts are processed for the first time,
 | 
	
		
			
				|  |  | +# all theses values will not be available after that in the container environment variable.
 | 
	
		
			
				|  |  | +# So if the container is started, stop and restarted this values are not available for restart startup scripts.
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# It helps to keep your configuration secret :)
 | 
	
		
			
				|  |  | +# more information : https://github.com/osixia/docker-light-baseimage
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# Required and used for new ldap server only
 | 
	
		
			
				|  |  | +LDAP_ORGANISATION: Example Inc.
 | 
	
		
			
				|  |  | +LDAP_DOMAIN: example.org
 | 
	
		
			
				|  |  | +LDAP_ADMIN_PASSWORD: admin
 | 
	
		
			
				|  |  | +LDAP_CONFIG_PASSWORD: config
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +LDAP_READONLY_USER: false
 | 
	
		
			
				|  |  | +LDAP_READONLY_USER_USERNAME: readonly
 | 
	
		
			
				|  |  | +LDAP_READONLY_USER_PASSWORD: readonly
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# Tls
 | 
	
		
			
				|  |  | +LDAP_TLS: true
 | 
	
		
			
				|  |  | +LDAP_TLS_CRT_FILENAME: ldap.crt
 | 
	
		
			
				|  |  | +LDAP_TLS_KEY_FILENAME: ldap.key
 | 
	
		
			
				|  |  | +LDAP_TLS_CA_CRT_FILENAME: ca.crt
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +LDAP_TLS_CIPHER_SUITE: SECURE256:-VERS-SSL3.0
 | 
	
		
			
				|  |  | +LDAP_TLS_PROTOCOL_MIN: 3.1
 | 
	
		
			
				|  |  | +LDAP_TLS_VERIFY_CLIENT: demand
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# Replication
 | 
	
		
			
				|  |  | +LDAP_REPLICATION: false
 | 
	
		
			
				|  |  | +# variables $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD, $LDAP_CONFIG_PASSWORD
 | 
	
		
			
				|  |  | +# are automaticaly replaced at run time
 | 
	
		
			
				|  |  | +
 | 
	
		
			
				|  |  | +# if you want to add replication to an existing ldap
 | 
	
		
			
				|  |  | +# adapt LDAP_REPLICATION_CONFIG_SYNCPROV and LDAP_REPLICATION_HDB_SYNCPROV to your configuration
 | 
	
		
			
				|  |  | +# avoid using $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD and $LDAP_CONFIG_PASSWORD variables
 | 
	
		
			
				|  |  | +LDAP_REPLICATION_CONFIG_SYNCPROV: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
 | 
	
		
			
				|  |  | +LDAP_REPLICATION_HDB_SYNCPROV: binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical
 | 
	
		
			
				|  |  | +LDAP_REPLICATION_HOSTS:
 | 
	
		
			
				|  |  | +  - ldap://ldap.example.org # The order must be the same on all ldap servers
 | 
	
		
			
				|  |  | +  - ldap://ldap2.example.org
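Review bot: The defaults `LDAP_ADMIN_PASSWORD: admin`, `LDAP_CONFIG_PASSWORD: config` and `LDAP_READONLY_USER_PASSWORD: readonly` are guessable, and nothing in the header comment tells a deployer to override them, so a server started with this file unchanged has directory and cn=config administrators with publicly known passwords. I would add a comment above that block such as `# Test defaults only: override every *_PASSWORD value before exposing this server`. The header says the file is deleted after the first start, but the same values remain in the repository and presumably in the image layers, so the deletion does not make these defaults secret. Separately, `LDAP_TLS_PROTOCOL_MIN: 3.1` is TLS 1.0 in OpenLDAP's numbering and the cipher string only excludes SSL 3.0; if the startup scripts pass the value straight to slapd (not visible here), `LDAP_TLS_PROTOCOL_MIN: 3.3` would limit the server to TLS 1.2 and later.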
 |