homelab/compose/core/lldap/compose.yaml

services:
  lldap:
    image: lldap/lldap:latest
    container_name: lldap
    restart: unless-stopped
    ports:
      - "3890:3890"     # LDAP port
      - "17170:17170"   # Web UI port
    env_file:
      - .env
    depends_on:
      - lldap-db
    networks:
      - homelab
      - lldap_internal
    labels:
      traefik.enable: true
      traefik.docker.network: homelab
      traefik.http.routers.lldap.rule: Host(`lldap.fig.systems`)
      traefik.http.routers.lldap.entrypoints: websecure
      traefik.http.routers.lldap.tls.certresolver: letsencrypt
      traefik.http.services.lldap.loadbalancer.server.port: 17170

  lldap-db:
    image: postgres:16-alpine
    container_name: lldap-db
    restart: unless-stopped
    environment:
      POSTGRES_DB: lldap
      POSTGRES_USER: lldap
      POSTGRES_PASSWORD: lldap_db_password_change_me
    volumes:
      - lldap_db:/var/lib/postgresql/data
    networks:
      - lldap_internal

networks:
  homelab:
    external: true
  lldap_internal:
    driver: bridge

volumes:
  lldap_db: