docker-compose.ldap.yaml
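# Local development stack: Defguard core and gateway, a test "device"
# container, PostgreSQL and an OpenLDAP directory.
#
# NOTE(review): every credential, secret and token in this file is a committed
# sample value. Treat the stack as development-only; for anything reachable
# from other hosts, supply real values from an env file or secret store and
# review the published ports below.
version: "3"
services:
  core:
    # `latest` is a mutable tag; pin a release tag or image digest when the
    # deployment has to be reproducible or auditable.
    image: ghcr.io/defguard/defguard:latest
    build:
      context: .
      dockerfile: Dockerfile
    environment:
      # Plain ldap:// means the bind password and directory data cross the
      # compose network unencrypted. Acceptable between local containers;
      # use LDAPS/StartTLS against a real directory where supported.
      DEFGUARD_LDAP_URL: "ldap://openldap:1389"
      DEFGUARD_LDAP_BIND_USERNAME: "cn=user,ou=users,dc=example,dc=org"
      # Sample bind credentials for the bundled OpenLDAP container only.
      DEFGUARD_LDAP_BIND_PASSWORD: "user"
      DEFGUARD_LDAP_USER_SEARCH_BASE: "ou=users,dc=example,dc=org"
      DEFGUARD_LDAP_GROUP_SEARCH_BASE: "ou=groups,dc=example,dc=org"
      # Publicly known placeholder secrets: replace each with a long random
      # value before the instance handles real users or gateways.
      DEFGUARD_AUTH_SECRET: "defguard-auth-secret"
      DEFGUARD_GATEWAY_SECRET: "defguard-gateway-secret"
      DEFGUARD_YUBIBRIDGE_SECRET: "defguard-yubibridge-secret"
      DEFGUARD_DB_HOST: "db"
      # Quoted so the value stays a string under every YAML parser.
      DEFGUARD_DB_PORT: "5432"
      DEFGUARD_DB_USER: "defguard"
      # Must match POSTGRES_PASSWORD on the db service; sample value.
      DEFGUARD_DB_PASSWORD: "defguard"
      DEFGUARD_DB_NAME: "defguard"
      DEFGUARD_URL: "http://localhost:3000"
      RUST_BACKTRACE: "1"
    ports:
      # rest api
      - "8000:8000"
      # grpc
      - "50055:50055"
    depends_on:
      - db

  gateway:
    # Mutable tag; see the note on the core image.
    image: ghcr.io/defguard/gateway:latest
    environment:
      # Unencrypted http:// gRPC endpoint on the internal compose network.
      DEFGUARD_GRPC_URL: "http://core:50055"
      DEFGUARD_STATS_PERIOD: "60"
      # Committed HS256 JWT (iss "DefGuard", sub "TestNet") whose exp claim
      # lies far in the future. Presumably signed with the sample
      # DEFGUARD_GATEWAY_SECRET above -- confirm, and issue a fresh token
      # whenever that secret is replaced.
      DEFGUARD_TOKEN: "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJEZWZHdWFyZCIsInN1YiI6IlRlc3ROZXQiLCJjbGllbnRfaWQiOiIiLCJleHAiOjU5NjE3NDcwNzYsIm5iZiI6MTY2Njc3OTc4MSwicm9sZXMiOltdfQ.uEUMnw_gO23W0K2q3N1lToeP0D2zAY1swr8N-84sRHA"
      # Debug logging is verbose; check what ends up in logs before using
      # this level outside development.
      RUST_LOG: "debug"
    ports:
      # WireGuard endpoint
      - "50051:50051/udp"
    depends_on:
      - core
    # NET_ADMIN lets the container change network configuration in its own
    # namespace; presumably required to manage the WireGuard interface.
    cap_add:
      - NET_ADMIN

  db:
    image: postgres:15-alpine
    environment:
      POSTGRES_DB: "defguard"
      POSTGRES_USER: "defguard"
      # Sample password; see the note on the published port below.
      POSTGRES_PASSWORD: "defguard"
    volumes:
      # Database files persist on the host under ./.volumes/db.
      - ./.volumes/db:/var/lib/postgresql/data
    ports:
      # Publishes PostgreSQL on every host interface with the sample
      # credentials above. Core reaches the database over the compose
      # network (DEFGUARD_DB_HOST: db), so for host-side tooling consider
      # "127.0.0.1:5432:5432", or drop the mapping if it is not needed.
      - "5432:5432"

  device:
    build:
      dockerfile: Dockerfile.device
      context: .
    depends_on:
      - gateway
    # Same capability as the gateway service; keep only if the image
    # really configures network interfaces.
    cap_add:
      - NET_ADMIN

  openldap:
    image: bitnami/openldap:2.6
    # Runs the container as root. NOTE(review): presumably needed to write to
    # the bind-mounted data directory below -- confirm, and prefer fixing the
    # host directory ownership so the image's default user can be used.
    user: root
    restart: unless-stopped
    environment:
      LDAP_EXTRA_SCHEMAS: "cosine,inetorgperson,nis,openssh-lpk_openldap,samba,gnupg-ldap-schema,orion"
    ports:
      # Publishes the unencrypted LDAP listener on host port 389, on every
      # host interface. Bind to 127.0.0.1 or remove the mapping unless
      # other machines must query this test directory.
      - "389:1389"
    volumes:
      # Init scripts and schema files are mounted read-only (:ro), so the
      # container cannot modify them on the host.
      - ./ldap-initdb.d:/docker-entrypoint-initdb.d:ro
      - ./ldif/gnupg-ldap-schema.ldif:/opt/bitnami/openldap/etc/schema/gnupg-ldap-schema.ldif:ro
      - ./ldif/openssh-lpk_openldap.ldif:/opt/bitnami/openldap/etc/schema/openssh-lpk_openldap.ldif:ro
      - ./ldif/orion.ldif:/opt/bitnami/openldap/etc/schema/orion.ldif:ro
      - ./ldif/samba.ldif:/opt/bitnami/openldap/etc/schema/samba.ldif:ro
      - ./ldif/init.ldif:/ldifs/init.ldif:ro
      - ./ldif/custom.ldif:/schema/custom.ldif:ro
      # Writable directory data, persisted on the host.
      - ./.volumes_ldap/openldap:/bitnami/openldap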