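---
# Deploys an OpenLDAP server and a phpLDAPadmin front end as Docker containers.
# Variables read by these tasks: services.openldap.volume_folder,
# services.openldap.version, services.openldap.domain,
# services.phpldapadmin.version, base_domain, ldap_admin_password,
# ldap_config_password, letsencrypt_email.

- name: create ldap volume folders
  # No owner or mode is set here, so the directories get the defaults of the
  # user running the play. The certs folder is where the TLS private key
  # (ldap.key) is expected; NOTE(review): consider restricting its mode once
  # the container's file ownership requirements are confirmed.
  ansible.builtin.file:
    path: '{{ services.openldap.volume_folder }}/{{ volume }}'
    state: directory
  loop:
    - var/lib/ldap
    # Must match the bind-mount source used by the openLDAP container below
    # (etc/slapd.d); the previous value etc/slapd created an unused folder.
    - etc/slapd.d
    - certs
  loop_control:
    loop_var: volume

- name: Create a network for ldap
  community.docker.docker_network:
    name: ldap

- name: openLDAP container
  # The module result echoes the container configuration, including env, so
  # keep the admin and config passwords out of play output and logs.
  # Disable temporarily when debugging a failing run.
  no_log: true
  community.docker.docker_container:
    name: openldap
    image: 'osixia/openldap:{{ services.openldap.version }}'
    tty: true
    interactive: true
    restart_policy: unless-stopped
    volumes:
      - '{{ services.openldap.volume_folder }}/var/lib/ldap:/var/lib/ldap'
      - '{{ services.openldap.volume_folder }}/etc/slapd.d:/etc/ldap/slapd.d'
      - '{{ services.openldap.volume_folder }}/certs:/container/service/slapd/assets/certs/'
    # Both ports are published on every host interface. 389 is the
    # plaintext/StartTLS port and LDAP_TLS_ENFORCE is 'false' below, so TLS is
    # not required on it. NOTE(review): if only phpLDAPadmin (reached over the
    # ldap network) needs 389, consider not publishing it or binding it to a
    # specific host address.
    published_ports:
      - '389:389'
      - '636:636'
    hostname: '{{ services.openldap.domain }}'
    domainname: '{{ services.openldap.domain }}'  # important: same as hostname
    networks:
      - name: ldap
    env:
      LDAP_LOG_LEVEL: '256'
      LDAP_ORGANISATION: '{{ base_domain }}'
      LDAP_DOMAIN: '{{ base_domain }}'
      # Left empty; presumably the image derives the base DN from LDAP_DOMAIN
      # -- confirm against the image documentation.
      LDAP_BASE_DN: ''
      # Passed as container environment variables, so both passwords are
      # readable via `docker inspect` by anyone with Docker API access on the
      # host. NOTE(review): the image documents *_FILE variants for secrets;
      # verify they are available in the pinned version before switching.
      LDAP_ADMIN_PASSWORD: '{{ ldap_admin_password }}'
      LDAP_CONFIG_PASSWORD: '{{ ldap_config_password }}'
      LDAP_READONLY_USER: 'false'
      LDAP_RFC2307BIS_SCHEMA: 'false'
      LDAP_BACKEND: mdb
      LDAP_TLS: 'true'
      # File names are resolved inside the certs volume mounted above.
      LDAP_TLS_CRT_FILENAME: ldap.crt
      LDAP_TLS_KEY_FILENAME: ldap.key
      LDAP_TLS_CA_CRT_FILENAME: ca.crt
      # 'false' leaves unencrypted connections possible; see the note on
      # published_ports.
      LDAP_TLS_ENFORCE: 'false'
      LDAP_TLS_CIPHER_SUITE: 'SECURE256:-VERS-SSL3.0'
      # In OpenLDAP's numbering 3.1 is TLS 1.0; '3.3' would require TLS 1.2.
      # NOTE(review): raise this unless legacy clients are known to need it.
      LDAP_TLS_PROTOCOL_MIN: '3.1'
      # 'demand' requires TLS clients to present a valid certificate.
      LDAP_TLS_VERIFY_CLIENT: demand
      LDAP_REPLICATION: 'false'
      KEEP_EXISTING_CONFIG: 'false'
      LDAP_REMOVE_CONFIG_AFTER_SETUP: 'true'
      LDAP_SSL_HELPER_PREFIX: ldap

- name: phpLDAPadmin container
  community.docker.docker_container:
    name: phpldapadmin
    image: 'osixia/phpldapadmin:{{ services.phpldapadmin.version }}'
    restart_policy: unless-stopped
    networks:
      # external_services is not created in this file; it is assumed to exist
      # already (presumably the reverse-proxy network -- confirm).
      - name: external_services
      - name: ldap
    env:
      # Reaches the directory by container name over the ldap network.
      PHPLDAPADMIN_LDAP_HOSTS: openldap
      # The container itself serves plain HTTP and trusts proxy SSL headers;
      # HTTPS is presumably terminated by the proxy that consumes VIRTUAL_HOST
      # and LETSENCRYPT_* -- confirm nothing else can reach this container
      # directly, since the admin UI carries directory credentials.
      PHPLDAPADMIN_HTTPS: 'false'
      PHPLDAPADMIN_TRUST_PROXY_SSL: 'true'
      VIRTUAL_HOST: '{{ services.openldap.domain }}'
      LETSENCRYPT_HOST: '{{ services.openldap.domain }}'
      LETSENCRYPT_EMAIL: '{{ letsencrypt_email }}'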