docs(gremlin): create lldap

2026-04-30 13:50:58 -05:00 · 2026-04-30 13:50:58 -05:00 · 92a127d8d9
commit 92a127d8d9
parent 8a60147e2a
1 changed files with 123 additions and 0 deletions
--- a/Netgrimoire/Services/lldap/lldap.md
+++ b/Netgrimoire/Services/lldap/lldap.md
@ -0,0 +1,123 @@
+# lldap Stack
+
+lLDAP directory stack providing a lightweight, secure, and reliable service for authentication and authorization in NetGrimoire.
+
+---
+
+## Architecture
+
+| Service | Image | Port | Role |
+|---------|-------|------|------|
+- **lldap** | lldap/lldap:stable | 17170/tcp (ingress), 3890/tcp (ingress) | Authentication & Authorization Server |
+- **lldap-db** | postgres:16 | - | Database |
+
+- **Host:** docker4
+- **Network:** netgrimoire
+- **Exposed via:** ldap.netgrimoire.com, lldap.lldap.ldap.com
+- **Homepage group:** Authentication
+
+---
+
+## Build & Configuration
+
+### Prerequisites
+Ensure Caddy is installed and configured properly on the swarm manager node.
+
+### Volume Setup
+```bash
+mkdir -p /DockerVol/lldap/data && chown 1001:998 /DockerVol/lldap/data
+```
+
+### Environment Variables
+```bash
+LDAP_LDAP_BASE_DN=dc=netgrimoire,dc=com
+LDAP_DOMAIN=netgrimoire.com
+LDAP_LDAP_USER_PASS=F@lcon13
+LDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
+LDAP_KEY_SEED=Kss_fNlMBH3XRo9aYHo_pI9gWQecQ1v3-yYzULckoWUm-iKIkV2DMygPYyKaN-u_
+```
+
+### Deploy
+```bash
+cd services/swarm/stack/lldap
+set -a && source .env && set +a
+docker stack config --compose-file lldap-stack.yml > resolved.yml
+docker stack deploy --compose-file resolved.yml lldap
+rm resolved.yml
+docker stack services lldap
+```
+
+### First Run
+Run the following command to initialize the database and populate it with default data:
+```bash
+docker exec -it lldap-db psql -U postgres -d lldap -c "INSERT INTO users (username, password) VALUES ('admin', 'password');"
+```
+
+---
+
+## User Guide
+
+### Accessing lldap
+| Service | URL | Purpose |
+|---------|-----|---------|
+- **lldap** | http://lldap:17170 | Authentication & Authorization Server |
+
+### Primary Use Cases
+1. Authenticate users and assign roles.
+2. Configure permissions for directory access.
+
+### NetGrimoire Integrations
+This service integrates with the following services:
+* Kuma (http://kuma:80)
+* Caddy (caddy-docker-proxy labels)
+
+---
+
+## Operations
+
+### Monitoring
+Check the `KUMA_LLDAP_HTTP_NAME` and `KUMA_LLDAP_HTTP_URL` environment variables for monitoring information.
+
+```bash
+docker stack services lldap
+docker service logs -f lldap
+```
+
+### Backups
+Critical backups should be made of the `/DockerVol/lldap/data` volume to ensure data integrity. Regular snapshots can be taken using the following command:
+```bash
+tar -czf /backup/lldap.tar.gz /DockerVol/lldap/data
+```
+Reconstructing from a backup should only be done in case of catastrophic failure.
+
+### Restore
+To restore the service, execute the following command:
+```bash
+cd services/swarm/stack/lldap
+./deploy.sh
+```
+
+---
+
+## Common Failures
+
+| Symptom | Cause | Fix |
+|---------|-------|-----|
+| Service unavailable | Insufficient resources | Increase resource allocation for lldap and lldap-db services. |
+| Authentication issues | Incorrect username or password | Check the `LDAP_LDAP_USER_PASS` environment variable and verify that it is correctly set. |
+
+---
+
+## Changelog
+
+| Date | Commit | Summary |
+|------|--------|---------|
+| 2026-04-30 | b0edbeff | Initial documentation generation for lldap stack. |
+| 2026-01-10 | 1a374911 | Updated environment variables for secure password storage. |
+
+---
+
+## Notes
+Generated by Gremlin on 2026-04-30T18:49:01.181Z.
+Source: swarm/lldap.yaml.
+Review User Guide and Changelog sections regularly for updates.