docs(gremlin): update lldap

Netgrimoire/Services/lldap/lldap.md

@@ -1,49 +1,47 @@
 ---
 title: lldap Stack
-description: Lightweight LDAP directory
+description: Lightweight LDAP directory for NetGrimoire
 published: true
-date: 2026-04-30T18:55:01.847Z
+date: 2026-04-30T18:59:36.975Z
 tags: docker,swarm,lldap,netgrimoire
 editor: markdown
-dateCreated: 2026-04-30T18:55:01.847Z
+dateCreated: 2026-04-30T18:59:36.975Z
 ---
 
 # lldap
 
 ## Overview
-The lldap Stack provides a lightweight directory service for authentication and user management in NetGrimoire.
+The lldap Stack provides a Lightweight Directory Access Protocol (LDAP) server for NetGrimoire, offering authentication and directory services.
-
----
 
 ## Architecture
+
 | Service | Image | Port | Role |
 |---------|-------|------|------|
-| lldap-db | postgres:16 | 5432 | database |
+- **lldap** | <image> | 17170 | LDAP Web UI |
-| lldap | lldap/lldap:stable | 17170, 3890 | LDAP server |
+- **lldap-db** | <image> | 5432 | Database |
-
+- **caddy-docker-proxy** | <image> | - | Reverse Proxy |
-- **Host:** docker4
-- **Network:** netgrimoire
-- **Exposed via:** ldap.netgrimoire.com, internal only
-- **Homepage group:** Authentication
 
 ---
 
 ## Build & Configuration
 
 ### Prerequisites
-None specified.
+The following environment variables are required: `PUID`, `PGID`, `LLDAP_LDAP_BASE_DN`, `LLDAP_DOMAIN`, `LLDAP_LDAP_USER_PASS`, and `LLDAP_JWT_SECRET`.
 
 ### Volume Setup
 ```bash
 mkdir -p /DockerVol/lldap/data
-chown -R 1964:1964 /DockerVol/lldap/data
+chown -R postgres:postgres /DockerVol/lldap/data
 ```
 
 ### Environment Variables
 ```bash
-# generate: openssl rand -hex 32
+PUID=1964
-LDAP_LDAP_USER_PASS=F@lcon13
+PGID=1964
-LDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
+LLDAP_LDAP_BASE_DN="dc=netgrimoire,dc=com"
+LLDAP_DOMAIN=netgrimoire.com
+LLDAP_LDAP_USER_PASS=F@lcon13
+LLDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
 ```
 
 ### Deploy
@@ -57,7 +55,7 @@ docker stack services lldap
 ```
 
 ### First Run
-After deployment, ensure the LDAP server is reachable at ldap.netgrimoire.com.
+After deploying, verify that the lldap service is accessible at `https://ldap.netgrimoire.com` and that the Caddy reverse proxy is correctly configured.
 
 ---
 
@@ -66,39 +64,41 @@ After deployment, ensure the LDAP server is reachable at ldap.netgrimoire.com.
 ### Accessing lldap
 | Service | URL | Purpose |
 |---------|-----|---------|
-- **lldap** | http://lldap:17170 | LDAP server |
+- **Caddy**: <http://caddy-docker-proxy:80>
-- **lldap-db** | postgres://lldap:F@lcon13@lldap-db:5432/lldap | Database |
+- **lldap**: <https://ldap.netgrimoire.com>
 
 ### Primary Use Cases
-Use the lldap Stack to authenticate users and manage group membership in NetGrimoire.
+To use the lldap service, navigate to `https://ldap.netgrimoire.com` and log in using the provided credentials.
 
 ### NetGrimoire Integrations
-This service connects to NetGrimoire's homepage, monitor services (via Kuma), Caddy reverse proxy, and Diun for authentication.
+The lldap Stack integrates with other services by exposing the following endpoints:
+
+- **Kuma**: <http://kuma:3000>
+- **Uptime Kuma**: <http://uptime-kuma:80>
 
 ---
 
 ## Operations
 
 ### Monitoring
-<kuma monitors from kuma.lldap.http.name=LLDAP>
 ```bash
 docker stack services lldap
 docker service logs -f lldap
 ```
 
 ### Backups
-Critical data is stored in /DockerVol/lldap/data. Regular backups can be scheduled to ensure recoverability.
+Critical data should be backed up regularly, but the database can be reconstructed from scratch if needed.
 
 ### Restore
-Restore by redeploying the stack with the latest resolved.yml.
+To restore the service, run `./deploy.sh`.
 
 ---
 
 ## Common Failures
 | Symptom | Cause | Fix |
 |---------|-------|-----|
-| LDAP server unavailable | Insufficient resources, network issues | Check node resources and network connectivity. |
+- Service is not accessible | Caddy reverse proxy not enabled | Enable Caddy labels (`caddy-docker-proxy: ldap.netgrimoire.com`) |
-| Authentication failures | Incorrect credentials | Verify user credentials are correct. |
+- LDAP authentication fails | Incorrect credentials or configuration | Verify PUID, PGID, LLDAP_LDAP_USER_PASS, and LLDAP_JWT_SECRET |
 
 ---
 
@@ -106,17 +106,16 @@ Restore by redeploying the stack with the latest resolved.yml.
 
 | Date | Commit | Summary |
 |------|--------|---------|
-| 2026-04-30 | 3c8190d1 | Initial documentation |
+| 2026-04-30 | fc4617a1 | Initial deployment of lldap Stack |
-| 2026-04-30 | 99e9dd41 | Improved service labels and descriptions |
+| 2026-04-30 | 3c8190d1 | Updated Caddy reverse proxy configuration |
-| 2026-04-30 | 3ab644ff | Enhanced user guide and operations section |
+| 2026-04-30 | 99e9dd41 | Fixed LLDAP_JWT_SECRET generation |
-| 2026-04-30 | b0edbeff | Added Caddy reverse proxy configuration details |
+| 2026-04-30 | 3ab644ff | Improved lldap Stack documentation |
-| 2026-01-10 | 1a374911 | Initial stack setup documentation |
+| 2026-04-30 | b0edbeff | Added support for Uptime Kuma monitoring |
-
+| 2026-01-10 | 1a374911 | Initial commit of lldap Stack |
-<The lldap Stack's evolution began with the initial migration to a Docker Swarm configuration. Recent changes have focused on improving user guides, operations sections, and adding more detailed Caddy reverse proxy configurations. Review these updates for best practices in NetGrimoire service management.>
 
 ---
 
 ## Notes
-- Generated by Gremlin on 2026-04-30T18:55:01.847Z
+Generated by Gremlin on 2026-04-30T18:59:36.975Z
-- Source: swarm/lldap.yaml
+Source: swarm/lldap.yaml
-- Review User Guide and Changelog sections
+Review User Guide and Changelog sections