computer-playbook/roles/svc-db-openldap
Kevin Veen-Birkenbach 4f8ce598a9 Mastodon: allow internal chess host & refactor var names; OpenLDAP: safer get_app_conf
- Add ALLOWED_PRIVATE_ADDRESSES to .env (from svc-db-postgres) to handle 422 Mastodon::PrivateNetworkAddressError
- Switch docker-compose to MASTODON_* variables and align vars/main.yml
- Always run 01_setup.yml during deployment (removed conditional flag)
- OpenLDAP: remove implicit True default on network.local to avoid unintended truthy behavior

Context: chess.infinito.nexus resolved to 192.168.200.30 (private IP) from Mastodon; targeted allowlist unblocks federation lookups.

Ref: https://chat.openai.com/share/REPLACE_WITH_THIS_CONVERSATION_LINK
2025-09-03 21:44:47 +02:00

LDAP

Description

Unleash the potential of centralized identity management with OpenLDAP. This powerful directory service provides a robust platform for managing users, groups, and organizational units while ensuring secure, scalable, and efficient authentication and authorization.

Overview

Deploy OpenLDAP in a Docker environment with support for TLS-secured communication via an NGINX stream proxy. OpenLDAP offers advanced directory management capabilities, including flexible schema definitions, dynamic configuration overlays, and comprehensive query support with LDAP search utilities.

For further setup instructions and advanced configuration details, please refer to the following resources available in this directory:

Features

  • Centralized Identity Management: Maintain a unified repository for all users and groups with robust organizational structures.
  • Flexible Schema Support: Customize and extend directory schemas to meet diverse organizational requirements.
  • Secure Communications: Enable TLS encryption for data in transit when accessed through an NGINX reverse proxy.
  • Dynamic Configuration: Leverage runtime configuration overlays to adjust directory settings without downtime.
  • Comprehensive Query Capabilities: Utilize LDAP search tools to efficiently query and manage directory data.
  • High Performance and Scalability: Designed to handle large-scale deployments with rapid lookup and authentication response times.

Further Resources

Credits

Developed and maintained by Kevin Veen-Birkenbach.
Learn more at veen.world.

Part of the Infinito.Nexus Project
Licensed under Infinito.Nexus NonCommercial License.