Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
Apq
/
docker-openldap
kopia lustrzana https://github.com/osixia/docker-openldap.git
1
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: f98e88eac8
Gałęzie Tagi
docker-openldap
/
example
/
kubernetes
/
using-secrets
/
environment
/
my-env.startup.yaml.example

my-env.startup.yaml.example 2.7 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 
  1. # This is the default image startup configuration file
    2. 

  2. # this file define environment variables used during the container **first start** in **startup files**.
    3. 

  3. 

  4. # This file is deleted right after startup files are processed for the first time,
    5. 

  5. # after that all these values will not be available in the container environment.
    6. 

  6. # This helps to keep your container configuration secret.
    7. 

  7. # more information : https://github.com/osixia/docker-light-baseimage
    8. 

  8. 

  9. # Required and used for new ldap server only
    10. 

  10. LDAP_ORGANISATION: Example Inc.
    11. 

  11. LDAP_DOMAIN: example.org
    12. 

  12. LDAP_BASE_DN: #if empty automatically set from LDAP_DOMAIN
    13. 

  13. 

  14. LDAP_ADMIN_PASSWORD: admin
    15. 

  15. LDAP_CONFIG_PASSWORD: config
    16. 

  16. 

  17. LDAP_READONLY_USER: false
    18. 

  18. LDAP_READONLY_USER_USERNAME: readonly
    19. 

  19. LDAP_READONLY_USER_PASSWORD: readonly
    20. 

  20. 

  21. LDAP_RFC2307BIS_SCHEMA: false
    22. 

  22. 

  23. # Backend
    24. 

  24. LDAP_BACKEND: mdb
    25. 

  25. 

  26. # Tls
    27. 

  27. LDAP_TLS: true
    28. 

  28. LDAP_TLS_CRT_FILENAME: ldap.crt
    29. 

  29. LDAP_TLS_KEY_FILENAME: ldap.key
    30. 

  30. LDAP_TLS_DH_PARAM_FILENAME: dhparam.pem
    31. 

  31. LDAP_TLS_CA_CRT_FILENAME: ca.crt
    32. 

  32. 

  33. LDAP_TLS_ENFORCE: false
    34. 

  34. LDAP_TLS_CIPHER_SUITE: SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
    35. 

  35. LDAP_TLS_VERIFY_CLIENT: demand
    36. 

  36. 

  37. # Replication
    38. 

  38. LDAP_REPLICATION: false
    39. 

  39. # variables $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD, $LDAP_CONFIG_PASSWORD
    40. 

  40. # are automaticaly replaced at run time
    41. 

  41. 

  42. # if you want to add replication to an existing ldap
    43. 

  43. # adapt LDAP_REPLICATION_CONFIG_SYNCPROV and LDAP_REPLICATION_DB_SYNCPROV to your configuration
    44. 

  44. # avoid using $LDAP_BASE_DN, $LDAP_ADMIN_PASSWORD and $LDAP_CONFIG_PASSWORD variables
    45. 

  45. LDAP_REPLICATION_CONFIG_SYNCPROV: binddn="cn=admin,cn=config" bindmethod=simple credentials=$LDAP_CONFIG_PASSWORD searchbase="cn=config" type=refreshAndPersist retry="60 +" timeout=1 starttls=critical
    46. 

  46. LDAP_REPLICATION_DB_SYNCPROV: binddn="cn=admin,$LDAP_BASE_DN" bindmethod=simple credentials=$LDAP_ADMIN_PASSWORD searchbase="$LDAP_BASE_DN" type=refreshAndPersist interval=00:00:00:10 retry="60 +" timeout=1 starttls=critical
    47. 

  47. LDAP_REPLICATION_HOSTS:
    48. 

  48.   - ldap://ldap.example.org # The order must be the same on all ldap servers
    49. 

  49.   - ldap://ldap2.example.org
    50. 

  50. 

  51. 

  52. # Do not change the ldap config
    53. 

  53. # - If set to true with an existing database, config will remain unchanged. Image tls and replication config will not be run.
    54. 

  54. #   The container can be started with LDAP_ADMIN_PASSWORD and LDAP_CONFIG_PASSWORD empty or filled with fake data.
    55. 

  55. # - If set to true when bootstrapping a new database, bootstap ldif and schema will not be added and tls and replication config will not be run.
    56. 

  56. KEEP_EXISTING_CONFIG: false
    57. 

  57. 

  58. # Remove config after setup
    59. 

  59. LDAP_REMOVE_CONFIG_AFTER_SETUP: true
    60. 

  60. 

  61. # ssl-helper environment variables prefix
    62. 

  62. LDAP_SSL_HELPER_PREFIX: ldap # ssl-helper first search config from LDAP_SSL_HELPER_* variables, before SSL_HELPER_* variables.
    63.