From 0f0543f05c57d2410d243d7045e6e04d37fb38f8 Mon Sep 17 00:00:00 2001
From: timewarrener
Date: Sat, 31 May 2025 19:54:55 -0400
Subject: [PATCH] update
---
LLDAP.yml | 14 ++++++++++++++
LLDAP/docker-compose.yml | 42 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 56 insertions(+)
create mode 100644 LLDAP.yml
create mode 100644 LLDAP/docker-compose.yml
diff --git a/LLDAP.yml b/LLDAP.yml
new file mode 100644
index 0000000..45e673e
--- /dev/null
+++ b/LLDAP.yml
@@ -0,0 +1,14 @@
+- name: LLDAP
+ hosts: docker1.exnetwork.org
+ tasks:
+ - name: Starting LLDAP
+ community.docker.docker_compose_v2:
+ project_src: "./LLDAP"
+ docker_host: "tcp://{{ ansible_host }}:2376"
+ tls: true
+ tls_hostname: "{{ ansible_host }}"
+ validate_certs: true
+ client_cert: "{{ TLS_CERT }}"
+ client_key: "{{ TLS_KEY }}"
+ ca_path: "{{ CA_CERT }}"
+ state: present
\ No newline at end of file
diff --git a/LLDAP/docker-compose.yml b/LLDAP/docker-compose.yml
new file mode 100644
index 0000000..76e63e1
--- /dev/null
+++ b/LLDAP/docker-compose.yml
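Review bot: In LLDAP.yml the play targets `docker1.exnetwork.org` with no `delegate_to` or `connection: local` visible, so unless the inventory sets the connection, the `docker_compose_v2` task runs on that host and `project_src: "./LLDAP"` and the `client_cert`/`client_key`/`ca_path` paths are resolved there rather than next to the playbook. If the intent is to drive the remote daemon over TLS from the control node, add `delegate_to: localhost` to the task and make the path explicit with `project_src: "{{ playbook_dir }}/LLDAP"`. The key behind `TLS_KEY` gives full control of the Docker daemon on port 2376, so it should exist only on the machine that runs the task, with owner-only permissions; where `TLS_CERT`, `TLS_KEY` and `CA_CERT` are defined is outside this patch.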
@@ -0,0 +1,42 @@
+volumes:
+ lldap_data:
+ driver: local
+
+services:
+ lldap:
+ image: lldap/lldap:stable
+ ports:
+ # For LDAP, not recommended to expose, see Usage section.
+ #- "3890:3890"
+ # For LDAPS (LDAP Over SSL), enable port if LLDAP_LDAPS_OPTIONS__ENABLED set true, look env below
+ #- "6360:6360"
+ # For the web front-end
+ - "17170:17170"
+ volumes:
+ - "lldap_data:/data"
+ # Alternatively, you can mount a local folder
+ # - "./lldap_data:/data"
+ environment:
+ - UID=####
+ - GID=####
+ - TZ=####/####
+ - LLDAP_JWT_SECRET=REPLACE_WITH_RANDOM
+ - LLDAP_KEY_SEED=REPLACE_WITH_RANDOM
+ - LLDAP_LDAP_BASE_DN=dc=example,dc=com
+ - LLDAP_LDAP_USER_PASS=adminPas$word
+ # If using LDAPS, set enabled true and configure cert and key path
+ # - LLDAP_LDAPS_OPTIONS__ENABLED=true
+ # - LLDAP_LDAPS_OPTIONS__CERT_FILE=/path/to/certfile.crt
+ # - LLDAP_LDAPS_OPTIONS__KEY_FILE=/path/to/keyfile.key
+ # You can also set a different database:
+ # - LLDAP_DATABASE_URL=mysql://mysql-user:password@mysql-server/my-database
+ # - LLDAP_DATABASE_URL=postgres://postgres-user:password@postgres-server/my-database
+ # If using SMTP, set the following variables
+ # - LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET=true
+ # - LLDAP_SMTP_OPTIONS__SERVER=smtp.example.com
+ # - LLDAP_SMTP_OPTIONS__PORT=465 # Check your smtp providor's documentation for this setting
+ # - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=TLS # How the connection is encrypted, either "NONE" (no encryption, port 25), "TLS" (sometimes called SSL, port 465) or "STARTTLS" (sometimes called TLS, port 587).
+ # - LLDAP_SMTP_OPTIONS__USER=no-reply@example.com # The SMTP user, usually your email address
+ # - LLDAP_SMTP_OPTIONS__PASSWORD=PasswordGoesHere # The SMTP password
+ # - LLDAP_SMTP_OPTIONS__FROM=no-reply # The header field, optional: how the sender appears in the email. The first is a free-form name, followed by an email between <>.
+ # - LLDAP_SMTP_OPTIONS__TO=admin # Same for reply-to, optional.
\ No newline at end of file
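Review bot: The `environment` list in LLDAP/docker-compose.yml commits what appear to be example placeholders as live values: `LLDAP_JWT_SECRET` and `LLDAP_KEY_SEED` are the literal `REPLACE_WITH_RANDOM`, and `UID`, `GID` and `TZ` are still `####`, so applying the play as written would bring up the web front-end on published port 17170 with a guessable signing secret, key seed and admin password. Compose also treats `$word` in `LLDAP_LDAP_USER_PASS=adminPas$word` as a variable reference, so the container would not receive the value written here; a literal dollar sign is written `$$`. Take the secrets from outside the repository and fail when they are unset, for example `- LLDAP_JWT_SECRET=${LLDAP_JWT_SECRET:?not set}`, and likewise for `LLDAP_KEY_SEED` and `LLDAP_LDAP_USER_PASS`. `lldap/lldap:stable` is a moving tag, so pinning a specific version or digest would make the deployed image reproducible.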