From 9f5138f8e765f68d89c6ab163ed4059742294163 Mon Sep 17 00:00:00 2001
From: Damien De Paoli <ddp@depaoli.id.au>
Date: Sat, 17 Feb 2024 21:49:56 +1100
Subject: [PATCH] remove tls / cert config for openldap, we dont use it

---
 docker-compose.yml | 13 +------------
 1 file changed, 1 insertion(+), 12 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index fc5521b..e06d95e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -297,7 +297,7 @@ services:
       - POSTFIX_MESSAGE_SIZE_LIMIT=100000000
       - SSL_TYPE=letsencrypt
     env_file:
-        - /srv/docker/config/secrets/ldap-mail-common
+      - /srv/docker/config/secrets/ldap-mail-common
     cap_add:
       - NET_ADMIN
 
@@ -316,16 +316,6 @@ services:
       LDAP_CUSTOM_SCHEMA_FILE: "/schema/postfix-book.ldif"
       LDAP_CUSTOM_LDIF_DIR: "/ldifs"
       LDAP_LOGLEVEL: "256"
-      # below not validated
-      LDAP_ENABLE_TLS: "yes"
-      LDAP_TLS_CERT_FILE: "/opt/bitnami/openldap/certs/cert.pem"
-      LDAP_TLS_KEY_FILE: "/opt/bitnami/openldap/certs/privkey.pem"
-      LDAP_TLS_CA_FILE: "/opt/bitnami/openldap/certs/fullchain.pem"
-      LDAP_TLS_DH_PARAMS_FILE: "/opt/bitnami/openldap/certs/dhparam.pem"
-      # these options were from osixia's container, doesn't seem to be an equiv in bitnami, not critical for now as no SASL anyway
-#      LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC"
-#      LDAP_TLS_PROTOCOL_MIN: "3.1"
-#      LDAP_TLS_VERIFY_CLIENT: "try"
     env_file:
         - /srv/docker/config/secrets/ldap-mail-common
     tty: true
@@ -334,7 +324,6 @@ services:
       - pihole
     volumes:
       - /srv/docker/container/ldap/:/bitnami/openldap/
-      - /srv/docker/container/ldap/certs:/opt/bitnami/openldap/certs/
       - /srv/docker/container/ldap/bootstrap-schema:/schema
       - /srv/docker/container/ldap/bootstrap-ldifs:/ldifs
       - /etc/localtime:/etc/localtime:ro