# Nomad service job that runs LLDAP (nitnelave/lldap) in Docker with bridge
# networking. It exposes two ports: the LDAP listener and the web admin UI.
# State lives on the "lldap-data" host volume. The configuration file is
# rendered from Nomad Variables into the task's secrets/ directory.
job "lldap" {
  type        = "service"
  datacenters = ["dc1"]

  group "lldap" {
    network {
      mode = "bridge"

      # No `static` host port is set, so Nomad assigns the host-side ports;
      # `to` is the port inside the allocation's network namespace.
      port "web" {
        to = 17170
      }

      port "ldap" {
        to = 3890
      }
    }

    # Writable host volume; the template below places both the SQLite user
    # database and the server private key under /data on this volume.
    # NOTE(review): host-side ownership and permissions of this volume's
    # path decide who on the node can read those files; confirm they are
    # restricted.
    volume "lldap-data" {
      type      = "host"
      source    = "lldap-data"
      read_only = false
    }

    # LDAP endpoint, registered with Nomad's built-in service discovery.
    # NOTE(review): no `check` block is defined, so the registration does not
    # reflect whether the listener is actually healthy.
    # NOTE(review): the template below configures no LDAPS listener, so bind
    # credentials presumably cross the network in cleartext to whatever can
    # reach the mapped host port. Confirm that network is trusted.
    service {
      provider = "nomad"
      name     = "lldap"
      port     = "ldap"
    }

    # Web admin UI, published through Traefik on the "websecure" entrypoint.
    # NOTE(review): these tags attach no Traefik middleware, so access control
    # for the admin UI rests on LLDAP's own login unless it is added elsewhere.
    service {
      provider = "nomad"
      name     = "ldap-admin"
      port     = "web"

      tags = [
        "traefik.enable=true",
        "traefik.http.routers.ldap-admin.entryPoints=websecure",
      ]
    }

    task "lldap" {
      driver = "docker"

      volume_mount {
        volume      = "lldap-data"
        destination = "/data"
        read_only   = false
      }

      config {
        # NOTE(review): "v0.4" is a mutable tag. Pinning by digest
        # (nitnelave/lldap@sha256:<DIGEST-PLACEHOLDER>) would make the deployed
        # image reproducible and auditable.
        image = "nitnelave/lldap:v0.4"
        ports = ["ldap", "web"]
        args  = ["run", "--config-file", "/lldap_config.toml"]

        # Bind-mounts the rendered config (which contains secrets) from the
        # task's secrets/ directory to the path passed via --config-file.
        # NOTE(review): the mount is read-write. If LLDAP never writes to its
        # config file, a read-only mount would be the least-privilege choice.
        mount {
          type   = "bind"
          source = "secrets/lldap_config.toml"
          target = "/lldap_config.toml"
        }
      }

      # Point LLDAP's listeners at the ports Nomad allocated for this task.
      env {
        LLDAP_LDAP_PORT = "${NOMAD_PORT_ldap}"
        LLDAP_HTTP_PORT = "${NOMAD_PORT_web}"
      }

      # Renders lldap_config.toml from Nomad Variables. The output contains
      # the JWT signing secret, the admin password and the SMTP password.
      # `change_mode = "restart"` restarts the task when a variable changes.
      # NOTE(review): base_dn and the smtp_* server credentials are read from
      # the shared "nomad/jobs" path, which is typically readable by every
      # job's workload identity. Confirm smtp_password is meant to be shared
      # that widely, or move it under "nomad/jobs/lldap".
      # NOTE(review): no `perms` is set, so the file gets the template default
      # mode. Confirm that is tight enough for a file holding credentials.
      template {
        destination = "secrets/lldap_config.toml"
        change_mode = "restart"

        data = <<EOH
database_url = "sqlite:///data/users.db?mode=rwc"
key_file = "/data/private_key"
ldap_base_dn = "{{ with nomadVar "nomad/jobs" }}{{ .base_dn }}{{ end }}"
{{ with nomadVar "nomad/jobs/lldap" }}
jwt_secret = "{{ .jwt_secret }}"
ldap_user_dn = "{{ .admin_user }}"
ldap_user_email = "{{ .admin_email }}"
ldap_user_pass = "{{ .admin_password }}"
{{ end -}}
{{ with nomadVar "nomad/jobs" -}}
[smtp_options]
enable_password_reset = true
server = "{{ .smtp_server }}"
port = {{ .smtp_port }}
tls_required = {{ .smtp_tls }}
user = "{{ .smtp_user }}"
password = "{{ .smtp_password }}"
{{ end -}}
{{ with nomadVar "nomad/jobs/lldap" -}}
from = "{{ .smtp_from }}"
reply_to = "{{ .smtp_reply_to }}"
{{ end -}}
EOH
      }

      # memory and memory_max are equal, so the task has no burst headroom
      # above its 200 MB reservation.
      resources {
        cpu        = 10
        memory     = 200
        memory_max = 200
      }
    }
  }
}