docs(gremlin): update lldap

traveler 2026-04-30 14:01:37 -05:00
parent a01554ed71
commit ac460eab38

@ -1,49 +1,47 @@
---
title: lldap Stack
description: Lightweight LDAP directory
description: Lightweight LDAP directory for NetGrimoire
published: true
date: 2026-04-30T18:55:01.847Z
date: 2026-04-30T18:59:36.975Z
tags: docker,swarm,lldap,netgrimoire
editor: markdown
dateCreated: 2026-04-30T18:55:01.847Z
dateCreated: 2026-04-30T18:59:36.975Z
---
# lldap
## Overview
The lldap Stack provides a lightweight directory service for authentication and user management in NetGrimoire.
---
The lldap Stack provides a Lightweight Directory Access Protocol (LDAP) server for NetGrimoire, offering authentication and directory services.
## Architecture
| Service | Image | Port | Role |
|---------|-------|------|------|
| lldap-db | postgres:16 | 5432 | database |
| lldap | lldap/lldap:stable | 17170, 3890 | LDAP server |
- **Host:** docker4
- **Network:** netgrimoire
- **Exposed via:** ldap.netgrimoire.com, internal only
- **Homepage group:** Authentication
- **lldap** | <image> | 17170 | LDAP Web UI |
- **lldap-db** | <image> | 5432 | Database |
- **caddy-docker-proxy** | <image> | - | Reverse Proxy |
---
## Build & Configuration
### Prerequisites
None specified.
The following environment variables are required: `PUID`, `PGID`, `LLDAP_LDAP_BASE_DN`, `LLDAP_DOMAIN`, `LLDAP_LDAP_USER_PASS`, and `LLDAP_JWT_SECRET`.
### Volume Setup
```bash
mkdir -p /DockerVol/lldap/data
chown -R 1964:1964 /DockerVol/lldap/data
chown -R postgres:postgres /DockerVol/lldap/data
```
### Environment Variables
```bash
# generate: openssl rand -hex 32
LDAP_LDAP_USER_PASS=F@lcon13
LDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
PUID=1964
PGID=1964
LLDAP_LDAP_BASE_DN="dc=netgrimoire,dc=com"
LLDAP_DOMAIN=netgrimoire.com
LLDAP_LDAP_USER_PASS=F@lcon13
LLDAP_JWT_SECRET=lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0
```
### Deploy
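Review bot: The Environment Variables block carries what look like live values for `LLDAP_LDAP_USER_PASS` and `LLDAP_JWT_SECRET` (and for the `LDAP_`-prefixed pair above them) in a published wiki page. Replace them with placeholders, keep the `# generate: openssl rand -hex 32` hint next to the JWT secret, and rotate both values since they are now in repository history. In Volume Setup, the hunk shows `/DockerVol/lldap/data` chowned to both `1964:1964` and `postgres:postgres` while `PUID` and `PGID` are 1964; if the `postgres:postgres` line is the one that stays, confirm the lldap container can still write to that path. The Architecture rows written as `- **lldap** | <image> | ...` will not render as table rows, leave `<image>` unfilled, and no longer mention port 3890.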
@ -57,7 +55,7 @@ docker stack services lldap
```
### First Run
After deployment, ensure the LDAP server is reachable at ldap.netgrimoire.com.
After deploying, verify that the lldap service is accessible at `https://ldap.netgrimoire.com` and that the Caddy reverse proxy is correctly configured.
---
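Review bot: The First Run sentence that points at `https://ldap.netgrimoire.com` only covers the web UI behind Caddy and gives no command to run. The Architecture table lists 3890 alongside 17170, so add a bind or search check against the LDAP port as well, and state whether the service is meant to be reachable outside the `netgrimoire` network, since the earlier text described exposure as internal only.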
@ -66,39 +64,41 @@ After deployment, ensure the LDAP server is reachable at ldap.netgrimoire.com.
### Accessing lldap
| Service | URL | Purpose |
|---------|-----|---------|
- **lldap** | http://lldap:17170 | LDAP server |
- **lldap-db** | postgres://lldap:F@lcon13@lldap-db:5432/lldap | Database |
- **Caddy**: <http://caddy-docker-proxy:80>
- **lldap**: <https://ldap.netgrimoire.com>
### Primary Use Cases
Use the lldap Stack to authenticate users and manage group membership in NetGrimoire.
To use the lldap service, navigate to `https://ldap.netgrimoire.com` and log in using the provided credentials.
### NetGrimoire Integrations
This service connects to NetGrimoire's homepage, monitor services (via Kuma), Caddy reverse proxy, and Diun for authentication.
The lldap Stack integrates with other services by exposing the following endpoints:
- **Kuma**: <http://kuma:3000>
- **Uptime Kuma**: <http://uptime-kuma:80>
---
## Operations
### Monitoring
<kuma monitors from kuma.lldap.http.name=LLDAP>
```bash
docker stack services lldap
docker service logs -f lldap
```
### Backups
Critical data is stored in /DockerVol/lldap/data. Regular backups can be scheduled to ensure recoverability.
Critical data should be backed up regularly, but the database can be reconstructed from scratch if needed.
### Restore
Restore by redeploying the stack with the latest resolved.yml.
To restore the service, run `./deploy.sh`.
---
## Common Failures
| Symptom | Cause | Fix |
|---------|-------|-----|
| LDAP server unavailable | Insufficient resources, network issues | Check node resources and network connectivity. |
| Authentication failures | Incorrect credentials | Verify user credentials are correct. |
- Service is not accessible | Caddy reverse proxy not enabled | Enable Caddy labels (`caddy-docker-proxy: ldap.netgrimoire.com`) |
- LDAP authentication fails | Incorrect credentials or configuration | Verify PUID, PGID, LLDAP_LDAP_USER_PASS, and LLDAP_JWT_SECRET |
---
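Review bot: The `lldap-db` row under Accessing lldap is a Postgres URL with the password inline, and it is the same value shown for `LLDAP_LDAP_USER_PASS` in the environment block, so the admin and database credentials appear to be shared. Remove the password from the URL, use distinct secrets for the two accounts, and rotate. The Backups wording that the database "can be reconstructed from scratch" drops the `/DockerVol/lldap/data` path and is risky guidance for a directory that holds users and groups; likewise `./deploy.sh` under Restore redeploys the stack but does not say where data is restored from. The Kuma and Uptime Kuma URLs are described as endpoints that lldap exposes, which does not match the earlier description of them as monitors, and the Common Failures rows beginning with `- ` will not render inside the table.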
@ -106,17 +106,16 @@ Restore by redeploying the stack with the latest resolved.yml.
| Date | Commit | Summary |
|------|--------|---------|
| 2026-04-30 | 3c8190d1 | Initial documentation |
| 2026-04-30 | 99e9dd41 | Improved service labels and descriptions |
| 2026-04-30 | 3ab644ff | Enhanced user guide and operations section |
| 2026-04-30 | b0edbeff | Added Caddy reverse proxy configuration details |
| 2026-01-10 | 1a374911 | Initial stack setup documentation |
<The lldap Stack's evolution began with the initial migration to a Docker Swarm configuration. Recent changes have focused on improving user guides, operations sections, and adding more detailed Caddy reverse proxy configurations. Review these updates for best practices in NetGrimoire service management.>
| 2026-04-30 | fc4617a1 | Initial deployment of lldap Stack |
| 2026-04-30 | 3c8190d1 | Updated Caddy reverse proxy configuration |
| 2026-04-30 | 99e9dd41 | Fixed LLDAP_JWT_SECRET generation |
| 2026-04-30 | 3ab644ff | Improved lldap Stack documentation |
| 2026-04-30 | b0edbeff | Added support for Uptime Kuma monitoring |
| 2026-01-10 | 1a374911 | Initial commit of lldap Stack |
---
## Notes
- Generated by Gremlin on 2026-04-30T18:55:01.847Z
- Source: swarm/lldap.yaml
- Review User Guide and Changelog sections
Generated by Gremlin on 2026-04-30T18:59:36.975Z
Source: swarm/lldap.yaml
Review User Guide and Changelog sections
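Review bot: In the changelog rows, the same commit IDs carry two different summaries (for example `3c8190d1` is both "Initial documentation" and "Updated Caddy reverse proxy configuration", and `99e9dd41` is both "Improved service labels and descriptions" and "Fixed LLDAP_JWT_SECRET generation"). Take each summary from the commit's own message rather than regenerating it on every run, otherwise the table cannot serve as an audit trail. If the angle-bracketed paragraph remains in the file it should be removed as template text, and if the unbulleted Notes lines are the version that stays, they need their `- ` markers back to render as a list.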