networks: netgrimoire: external: true services: lldap-db: image: postgres:16 networks: - netgrimoire environment: TZ: America/Chicago POSTGRES_DB: lldap POSTGRES_USER: lldap POSTGRES_PASSWORD: F@lcon13 volumes: - /DockerVol/lldap-db/data:/var/lib/postgresql/data deploy: restart_policy: condition: any delay: 5s max_attempts: 3 window: 120s placement: constraints: - node.platform.arch != arm - node.platform.arch != aarch64 - node.hostname == docker4 labels: gremlin.version: "2026-04-1" gremlin.uid.exempt: "true" gremlin.uid.reason: "Postgres requires UID 999 — PUID/PGID not supported" gremlin.caddy.skip: "true" gremlin.homepage.skip: "true" gremlin.monitor.skip: "true" gremlin.network.skip: "true" diun.enable: "true" lldap: image: lldap/lldap:stable networks: - netgrimoire environment: TZ: America/Chicago PUID: "1964" PGID: "1964" LLDAP_LDAP_BASE_DN: "dc=netgrimoire,dc=com" LLDAP_DOMAIN: netgrimoire.com LLDAP_LDAP_USER_PASS: F@lcon13 LLDAP_JWT_SECRET: lougu9MjGLmLp1SPDkkCBsQm-MdHpGGuOn-wW7FRWRdzglIn1nJRyBQkQ7HDcDh0 LLDAP_KEY_SEED: Kss_fNlMBH3XRo9aYHo_pI9gWQecQ1v3-yYzULckoWUm-iKIkV2DMygPYyKaN-u_ LLDAP_DATABASE_URL: postgres://lldap:F@lcon13@lldap-db:5432/lldap volumes: - /DockerVol/lldap/data:/data ports: - target: 17170 published: 17170 protocol: tcp mode: ingress - target: 3890 published: 3890 protocol: tcp mode: ingress deploy: restart_policy: condition: any delay: 5s max_attempts: 3 window: 120s placement: constraints: - node.platform.arch != arm - node.platform.arch != aarch64 - node.hostname == docker4 labels: gremlin.version: "2026-04-1" gremlin.context: "LLDAP exposes port 17170 for web UI and 3890 for LDAP. Both are intentional." caddy: ldap.netgrimoire.com caddy.reverse_proxy: lldap:17170 caddy.import_1: crowdsec caddy.import_2: authentik monitor.name: LLDAP monitor.url: http://lldap:17170 homepage.group: Authentication homepage.name: LLDAP homepage.icon: ldap.png homepage.href: https://ldap.netgrimoire.com homepage.description: Lightweight LDAP directory diun.enable: "true"