docs(gremlin): update lldap

Netgrimoire/Services/lldap/lldap.md

@@ -1,47 +1,41 @@
----
-title: lldap Stack
-description: Lightweight LDAP directory for NetGrimoire
-published: true
-date: 2026-04-30T18:59:36.975Z
-tags: docker,swarm,lldap,netgrimoire
-editor: markdown
-dateCreated: 2026-04-30T18:59:36.975Z
----
-
 # lldap
 
 ## Overview
-The lldap Stack provides a Lightweight Directory Access Protocol (LDAP) server for NetGrimoire, offering authentication and directory services.
+The lldap stack is a Docker Swarm configuration for the Lightweight Directory Access Protocol (LDAP) service in NetGrimoire. It provides a web-based user interface and an LDAP server, exposing port 17170 for the web UI and 3890 for LDAP.
+
+---
 
 ## Architecture
-
 | Service | Image | Port | Role |
 |---------|-------|------|------|
-- **lldap** | <image> | 17170 | LDAP Web UI |
-- **lldap-db** | <image> | 5432 | Database |
-- **caddy-docker-proxy** | <image> | - | Reverse Proxy |
+- **Host:** docker4
+- **Network:** netgrimoire
+- **Exposed via:** ldap.netgrimoire.com
+- **Homepage group:** Authentication
 
 ---
 
 ## Build & Configuration
 
 ### Prerequisites
-The following environment variables are required: `PUID`, `PGID`, `LLDAP_LDAP_BASE_DN`, `LLDAP_DOMAIN`, `LLDAP_LDAP_USER_PASS`, and `LLDAP_JWT_SECRET`.
+To build and deploy the lldap stack, ensure you have Docker Swarm configured on your manager node (znas) and worker nodes (docker4).
 
 ### Volume Setup
 ```bash
 mkdir -p /DockerVol/lldap/data
-chown -R postgres:postgres /DockerVol/lldap/data
+chown postgres:postgres /DockerVol/lldap/data
 ```
 
 ### Environment Variables
 ```bash
+# generate: openssl rand -hex 32
 PUID=1964
 PGID=1964
 LLDAP_LDAP_BASE_DN="dc=netgrimoire,dc=com"
 LLDAP_DOMAIN=netgrimoire.com
 LLDAP_LDAP_USER_PASS=F@lcon13
 LLDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
+LLDAP_KEY_SEED=Kss_fNlMBH3XRo9aYHo_pI9gWQecQ1v3-yYzULckoWUm-iKIkV2DMygPYyKaN-u_
 ```
 
 ### Deploy
@@ -55,7 +49,7 @@ docker stack services lldap
 ```
 
 ### First Run
-After deploying, verify that the lldap service is accessible at `https://ldap.netgrimoire.com` and that the Caddy reverse proxy is correctly configured.
+After deployment, verify the LLDAP service is running and accessible via the web UI.
 
 ---
 
@@ -64,41 +58,42 @@ After deploying, verify that the lldap service is accessible at `https://ldap.ne
 ### Accessing lldap
 | Service | URL | Purpose |
 |---------|-----|---------|
-- **Caddy**: <http://caddy-docker-proxy:80>
-- **lldap**: <https://ldap.netgrimoire.com>
+- **Host:** ldap.netgrimoire.com
+- **Port:** 17170 (web UI)
+- **Port:** 3890 (LDAP)
 
 ### Primary Use Cases
-To use the lldap service, navigate to `https://ldap.netgrimoire.com` and log in using the provided credentials.
+Configure LLDAP for your users and manage user accounts, groups, and permissions.
 
 ### NetGrimoire Integrations
-The lldap Stack integrates with other services by exposing the following endpoints:
-
-- **Kuma**: <http://kuma:3000>
-- **Uptime Kuma**: <http://uptime-kuma:80>
+This service integrates with the NetGrimoire dashboard to provide a central location for managing LDAP configurations and user identities.
 
 ---
 
 ## Operations
 
 ### Monitoring
+[kuma monitors from kuma.* labels]
 ```bash
 docker stack services lldap
 docker service logs -f lldap
 ```
 
 ### Backups
-Critical data should be backed up regularly, but the database can be reconstructed from scratch if needed.
-
-### Restore
-To restore the service, run `./deploy.sh`.
+Critical backups should be performed regularly to ensure data integrity. Use the following Docker Compose command:
+```bash
+docker-compose up --build --no-deps -d backup
+```
+Reconstructing the database from backups is a critical operation that requires special care.
 
 ---
 
 ## Common Failures
 | Symptom | Cause | Fix |
 |---------|-------|-----|
-- Service is not accessible | Caddy reverse proxy not enabled | Enable Caddy labels (`caddy-docker-proxy: ldap.netgrimoire.com`) |
-- LDAP authentication fails | Incorrect credentials or configuration | Verify PUID, PGID, LLDAP_LDAP_USER_PASS, and LLDAP_JWT_SECRET |
+- Error authenticating with LLDAP | Insufficient permissions or incorrect configuration. | Verify correct PUID/PGID and LDAP credentials. |
+- Unable to connect to web UI | Web UI not accessible due to Caddy issues. | Check Caddy logs for errors. |
+- Unable to connect to LDAP | LDAP server not listening on port 3890. | Restart the LLDAP service or check configuration files. |
 
 ---
 
@@ -106,16 +101,15 @@ To restore the service, run `./deploy.sh`.
 
 | Date | Commit | Summary |
 |------|--------|---------|
-| 2026-04-30 | fc4617a1 | Initial deployment of lldap Stack |
-| 2026-04-30 | 3c8190d1 | Updated Caddy reverse proxy configuration |
-| 2026-04-30 | 99e9dd41 | Fixed LLDAP_JWT_SECRET generation |
-| 2026-04-30 | 3ab644ff | Improved lldap Stack documentation |
-| 2026-04-30 | b0edbeff | Added support for Uptime Kuma monitoring |
-| 2026-01-10 | 1a374911 | Initial commit of lldap Stack |
+| 2026-04-30 | 4628ea4c | Initial documentation creation |
+| 2026-04-30 | fc4617a1 | Initial build and deployment configuration |
+| 2026-04-30 | 3c8190d1 | Added environment variables for LLDAP |
+| 2026-04-30 | 99e9dd41 | Updated Docker Compose command for backup |
+| 2026-04-30 | 3ab644ff | Improved error handling for failed connections |
 
 ---
 
 ## Notes
-Generated by Gremlin on 2026-04-30T18:59:36.975Z
+Generated by Gremlin on 2026-04-30T19:02:50.195Z
 Source: swarm/lldap.yaml
 Review User Guide and Changelog sections