diff --git a/docker-compose.yml b/docker-compose.yml index cb58432..d0f2519 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -257,6 +257,57 @@ services: - NET_ADMIN - SYS_PTRACE + openldapnew: + image: bitnami/openldap:latest + container_name: openldapnew +# command: "--loglevel debug" + restart: always + labels: + - "com.centurylinklabs.watchtower.enable=true" + environment: + LDAP_LOG_LEVEL: "-1" + LDAP_ORGANISATION: "Depaoli home ldap" + LDAP_DOMAIN: "depaoli.id.au" + LDAP_BASE_DN: "" + LDAP_ROOT: "dc=depaoli,dc=id,dc=au" + LDAP_ADMIN_USERNAME: "admin" + LDAP_ADMIN_PASSWORD: "a_real_admin_pass_word_for_2o20" + LDAP_CONFIG_ADMIN_ENABLED: "yes" + LDAP_CONFIG_USERNAME: "admin" + LDAP_CONFIG_PASSWORD: "in_2021_yet_another_real_pwd_for_adm" + LDAP_READONLY_USER: "false" + LDAP_RFC2307BIS_SCHEMA: "false" + LDAP_BACKEND: "mdb" + LDAP_TLS: "true" + LDAP_TLS_CRT_FILENAME: "cert.pem" + LDAP_TLS_KEY_FILENAME: "privkey.pem" + LDAP_TLS_DH_PARAM_FILENAME: "dhparam.pem" + LDAP_TLS_CA_CRT_FILENAME: "fullchain.pem" + LDAP_TLS_ENFORCE: "false" + LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC" + LDAP_TLS_PROTOCOL_MIN: "3.1" + LDAP_TLS_VERIFY_CLIENT: "try" + LDAP_REPLICATION: "false" + KEEP_EXISTING_CONFIG: "false" + LDAP_REMOVE_CONFIG_AFTER_SETUP: "true" + LDAP_SSL_HELPER_PREFIX: "ldap" +# get an ldap.depaoli.id.au cert, and put it into /srv/docker/container/ldap/certs +# hostname: "ldap" +# domainname: "depaoli.id.au" + tty: true + stdin_open: true + depends_on: + - pihole + volumes: + - /srv/docker/container/ldap2/var/lib/ldap:/var/lib/ldap + - /srv/docker/container/ldap2/etc/ldap/slapd.d:/etc/ldap/slapd.d + - /srv/docker/container/ldap2/certs/:/container/service/slapd/assets/certs + - /srv/docker/container/ldap2/ldifs/:/ldifs/ + - /etc/localtime:/etc/localtime:ro + ports: + - "1389:1389" + - "1636:1636" + openldap: image: osixia/openldap:latest container_name: openldap 
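Review bot: The new `openldapnew` service commits both directory passwords in clear text: `LDAP_ADMIN_PASSWORD` and `LDAP_CONFIG_PASSWORD` are literal values in the compose file, so anyone who can read the repository or its history can bind as the directory administrator. Move them out of the file, e.g. `LDAP_ADMIN_PASSWORD: "${LDAP_ADMIN_PASSWORD:?set in .env}"` and `LDAP_CONFIG_PASSWORD: "${LDAP_CONFIG_PASSWORD:?set in .env}"` read from an untracked `.env`, and rotate both values because they are now in history. Separately, many of the variable names and mount targets (`LDAP_TLS`, `LDAP_TLS_ENFORCE`, `LDAP_TLS_CRT_FILENAME`, `/container/service/slapd/assets/certs`) look carried over from the `osixia/openldap` service and may not be read by `bitnami/openldap`. If so, TLS is not actually configured and binds on the published port 1389 carry the admin password unencrypted, so check the image's documented variables before relying on 1636. `LDAP_LOG_LEVEL: "-1"` is also worth lowering once setup works, since it presumably requests the most verbose logging.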
@@ -279,7 +330,6 @@ services: LDAP_TLS_KEY_FILENAME: "privkey.pem" LDAP_TLS_DH_PARAM_FILENAME: "dhparam.pem" LDAP_TLS_CA_CRT_FILENAME: "fullchain.pem" - LDAP_TLS_ENFORCE: "false" LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC" LDAP_TLS_PROTOCOL_MIN: "3.1" @@ -422,7 +472,7 @@ services: - "com.centurylinklabs.watchtower.enable=false" mass: - image: ghcr.io/music-assistant/server + image: ghcr.io/music-assistant/server:latest container_name: mass restart: always network_mode: host @@ -557,7 +607,9 @@ services: restart: always cadvisor: - image: gcr.io/cadvisor/cadvisor:latest +# image: gcr.io/cadvisor/cadvisor:v0.38.6 + image: gcr.io/cadvisor/cadvisor:v0.47.2 +# image: gcr.io/cadvisor/cadvisor:latest container_name: cadvisor privileged: true command: @@ -646,6 +698,8 @@ services: PGPASSWORD: NWNlfa01 depends_on: - pihole + labels: + - "com.centurylinklabs.watchtower.enable=true" ports: - '55432:5432' volumes: @@ -664,6 +718,8 @@ services: PGPASSWORD: NWNlfa01 depends_on: - pihole + labels: + - "com.centurylinklabs.watchtower.enable=true" volumes: - /srv/docker/container/bookdb/data:/var/lib/postgresql/data - /srv/docker/container/bookdb/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d @@ -808,7 +864,7 @@ services: # auto-update docker images watchtower: container_name: watchtower - image: containrrr/watchtower:latest + image: containrrr/watchtower:latest-dev command: --schedule "0 0 3 * * *" --debug --stop-timeout 60s --label-enable --cleanup restart: always depends_on: @@ -864,7 +920,7 @@ services: - "traefik.http.routers.wiki.entrypoints=secureweb" wetty: - image: wettyoss/wetty + image: wettyoss/wetty:latest container_name: wetty restart: always command:
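Review bot: In the `cadvisor` hunk, `v0.47.2` is still a mutable tag on a container that runs with `privileged: true`. Pinning by digest, `image: gcr.io/cadvisor/cadvisor:v0.47.2@sha256:<digest>` (placeholder, take the digest from the registry), makes the image that receives that access reproducible. The two commented-out `# image:` alternatives around it are better left to git history than kept in the file.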
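Review bot: The two added `com.centurylinklabs.watchtower.enable=true` labels (on the service publishing `55432:5432` and the one mounting `/srv/docker/container/bookdb/data`) opt database containers into unattended image replacement. The `image:` lines are outside these hunks, so the tags are not visible. If they float across major versions, an automatic pull can leave PostgreSQL unable to start on the existing data directory, and each new image runs against that data without review. Pin these services to a major or exact version, or leave them out of label-enabled updates and upgrade by hand after a backup. The `PGPASSWORD` value in the context of both hunks is also a literal in the file and would be better supplied from an untracked `.env` or a secret.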
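Review bot: `containrrr/watchtower:latest-dev` puts a development build in the one container that pulls and restarts every labelled service. Watchtower normally needs the Docker socket to do that (the volume list is outside this hunk), so an unstable or tampered build here would have host-level reach. Prefer a released version tag, `image: containrrr/watchtower:<release-tag>` (placeholder). If the dev build must stay temporarily, add a comment such as `# latest-dev needed for <issue>; revert to a release tag once fixed`. `--debug` on the unchanged `command:` line is worth dropping at the same time.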