# This is the default image startup configuration file # this file define environment variables used during the container **first start** in **startup files**. # This file is deleted right after startup files are processed for the first time, # after that all these values will not be available in the container environment. # This helps to keep your container configuration secret. # more information : https://github.com/osixia/docker-light-baseimage # Required and used for new ldap server only LDAP_ORGANISATION: Example Inc. LDAP_DOMAIN: example.org LDAP_BASE_DN: #if empty automatically set from LDAP_DOMAIN LDAP_ADMIN_PASSWORD: admin LDAP_CONFIG_PASSWORD: config LDAP_READONLY_USER: false LDAP_READONLY_USER_USERNAME: readonly LDAP_READONLY_USER_PASSWORD: readonly # Backend LDAP_BACKEND: hdb # Tls LDAP_TLS: true LDAP_TLS_CRT_FILENAME: ldap.crt LDAP_TLS_KEY_FILENAME: ldap.key LDAP_TLS_CA_CRT_FILENAME: ca.crt LDAP_TLS_ENFORCE: false LDAP_TLS_CIPHER_SUITE: SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC LDAP_TLS_VERIFY_CLIENT: demand # Replication LDAP_REPLICATION: false # variables $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD, $LDAP_CONFIG_PASSWORD # are automaticaly replaced at run time # if you want to add replication to an existing ldap # adapt LDAP_REPLICATION_CONFIG_SYNCPROV and LDAP_REPLICATION_DB_SYNCPROV to your configuration # avoid using $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD and $LDAP_CONFIG_PASSWORD variables LDAP_REPLICATION_CONFIG_SYNCPROV: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical LDAP_REPLICATION_DB_SYNCPROV: binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical LDAP_REPLICATION_HOSTS: - ldap://ldap.example.org # The order must be the same on all ldap servers - ldap://ldap2.example.org # Remove config after setup LDAP_REMOVE_CONFIG_AFTER_SETUP: true # cfssl environment variables prefix LDAP_CFSSL_PREFIX: ldap # cfssl-helper first search config from LDAP_CFSSL_* variables, before CFSSL_* variables.