pdns-auth-proxy/fixtures/openldap/default.startup.yaml

# This is the default image startup configuration file.
# This file defines the environment variables used during the container **first start** in **startup files**.
# NOTE(review): this file sits under fixtures/openldap, so it is presumably a test fixture.
# The credentials below are placeholders; confirm they are overridden (from a secret store,
# not from VCS) wherever this directory server is reachable outside a test run.
# General container configuration
# see table 5.1 in http://www.openldap.org/doc/admin24/slapdconf2.html for the available log levels.
# 256 is the "stats" level in that table: connections, operations and results are logged,
# which is what makes bind attempts and their result codes visible in the slapd log.
LDAP_LOG_LEVEL: 256
# Ulimit (open-file limit; presumably applied to slapd, confirm in the image's startup script)
LDAP_NOFILE: 1024
# Do not perform any chown to fix file ownership
# (false here, so the ownership fix is not disabled)
DISABLE_CHOWN: false
# Required and used for new ldap server only
LDAP_ORGANISATION: Example Inc.
LDAP_DOMAIN: example.org
# A bare key parses as YAML null; that is the "empty" case the inline comment refers to.
LDAP_BASE_DN: #if empty automatically set from LDAP_DOMAIN
# The admin and config passwords are trivially guessable placeholders: each value equals its role name.
# LDAP_CONFIG_PASSWORD presumably protects the cn=config tree, i.e. the server configuration
# itself; confirm against the image documentation and treat it as being as sensitive as the admin password.
LDAP_ADMIN_PASSWORD: admin
LDAP_CONFIG_PASSWORD: config
# The read-only user is switched off; the username and password below presumably only take
# effect when LDAP_READONLY_USER is true. The password again equals the username, so replace
# it before enabling the account.
LDAP_READONLY_USER: false
LDAP_READONLY_USER_USERNAME: readonly
LDAP_READONLY_USER_PASSWORD: readonly
LDAP_RFC2307BIS_SCHEMA: false
# Backend
LDAP_BACKEND: mdb
# Tls
LDAP_TLS: true
# File names of the certificate, private key, DH parameters and CA certificate.
# Only names are given; the directory they are read from is not set in this file.
LDAP_TLS_CRT_FILENAME: ldap.crt
LDAP_TLS_KEY_FILENAME: ldap.key
LDAP_TLS_DH_PARAM_FILENAME: dhparam.pem
LDAP_TLS_CA_CRT_FILENAME: ca.crt
# NOTE(review): TLS is enabled but not enforced, so clients that never negotiate TLS are
# presumably still accepted and their bind credentials would cross the network unencrypted.
# Confirm against the image documentation; prefer true wherever the listener is reachable
# beyond an isolated test network.
LDAP_TLS_ENFORCE: false
# GnuTLS-style priority string: removes all protocol versions and re-adds TLS 1.2 only,
# and excludes RSA key exchange, DHE-DSS and the Camellia CBC ciphers.
LDAP_TLS_CIPHER_SUITE: SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC
# "demand" presumably maps to slapd's TLSVerifyClient, where it means a client certificate
# is required and must validate; confirm how the startup script applies it. Clients of this
# server then need a certificate issued under the CA named above.
LDAP_TLS_VERIFY_CLIENT: demand
# Replication
LDAP_REPLICATION: false
# Do not change the ldap config
# - If set to true with an existing database, config will remain unchanged. Image tls and replication config will not be run.
# The container can be started with LDAP_ADMIN_PASSWORD and LDAP_CONFIG_PASSWORD empty or filled with fake data.
# - If set to true when bootstrapping a new database, bootstrap ldif and schema will not be added and tls and replication config will not be run.
# Note that in both "true" cases the TLS settings in this file are not applied by the image.
KEEP_EXISTING_CONFIG: false
# Remove config after setup
# NOTE(review): presumably this limits how long the bootstrap material (including the
# passwords above) stays on disk inside the container; confirm in the image's startup script.
LDAP_REMOVE_CONFIG_AFTER_SETUP: true
# ssl-helper environment variables prefix
LDAP_SSL_HELPER_PREFIX: ldap # ssl-helper first search config from LDAP_SSL_HELPER_* variables, before SSL_HELPER_* variables.
# Service named as impacted by ssl-helper auto-renewal (presumably restarted or reloaded
# when the certificate is renewed; confirm in the ssl-helper documentation).
SSL_HELPER_AUTO_RENEW_SERVICES_IMPACTED: slapd