# openssl req -x509 -newkey rsa:4096 -keyout my-ldap.key -out cert.pem -days 365

version: 2
services:
  openldap:
    container_name: openldap_iwanclement_eu
    hostname: openldap
    restart: always
    volumes:
      - 'openldap_certs:/container/service/slapd/assets/certs'
      - 'openldap_datas:/var/lib/ldap'
      - 'openldap_slapd:/etc/ldap/slapd.d'
    ports:
      - 389:389
      - 636:636
    environment:
      - LDAP_TLS_CRT_FILENAME: my-ldap.crt
      - LDAP_TLS_KEY_FILENAME: my-ldap.key
      - LDAP_TLS_CA_CRT_FILENAME: the-ca.crt
      - LDAP_ORGANISATION: IwanClement EU
      - LDAP_DOMAIN: iwanclement.eu
#      - LDAP_BASE_DN: Ldap base DN. If empty automatically set from LDAP_DOMAIN value. Defaults to (empty)
      - LDAP_ADMIN_PASSWORD: Fgap@Gze5692$23_fwzyff_
      - LDAP_CONFIG_PASSWORD: rggHaDZSuirdfg73ghaPCdf_@
      - LDAP_READONLY_USER: true
      - LDAP_READONLY_USER_USERNAME: ro_user
      - LDAP_READONLY_USER_PASSWORD: R0_P@ssword
      - LDAP_TLS_CIPHER_SUITE: "SECURE256:-VERS-SSL3.0"
      - LDAP_TLS_PROTOCOL_MIN: "3.1"
      - LDAP_TLS_VERIFY_CLIENT: "demand"
      - LDAP_REPLICATION: "false"
      - HOSTNAME: ldap_iwanclement_eu
    image: 'osixia/openldap:1.2.4'
  phpldapadmin:
    restart: always
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    ports:
      - "5180:80"
    depends_on:
      - openldap