openldap部署看这篇就够了

password=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 12`
docker run \
   -d -p 389:389 -p 636:636 \
  --name ldap-service \
  --restart=always \
  --hostname openldap \
  -v /opt/docker-data/slapd/database:/var/lib/ldap \
  --volume /opt/docker-data/slapd/config:/etc/ldap/slapd.d \
  --env LDAP_ORGANISATION="abc.com" \
  --env LDAP_DOMAIN="abc.com" \
  --env LDAP_BASE_DN="dc=abc,dc=com" \
  --env LDAP_ADMIN_PASSWORD=$password \
  osixia/openldap:latest

echo "passwod: $password" > openldap.txt

docker run -p 6443:443 \
  --name ldapadmin \
  --link ldap-service:ldap \
  --env PHPLDAPADMIN_LDAP_HOSTS=ldap \
  --detach osixia/phpldapadmin:0.9.0

## docker-compose.yml 自助密码
version: "3"
services:
  self-service-password:
    container_name: self-service-password
    image: tiredofit/self-service-password:latest
    restart: always
    ports:
      - 8096:80
    environment:
      - LDAP_SERVER=ldap://172.16.1.198:389
      - LDAP_BINDDN=cn=admin,dc=abc,dc=com
      - LDAP_BINDPASS=cSyWvLRUMaLc
      - LDAP_BASE_SEARCH=dc=abc,dc=com
      - MAIL_FROM=ops@xxx.com
      - SMTP_DEBUG=0
      - SMTP_HOST=smtp.larksuite.com
      - SMTP_USER=ops@xxx.com
      - SMTP_PASS=xxxxxx
      - SMTP_PORT=465
      - SMTP_SECURE_TYPE=ssl
      - SMTP_AUTH_ON=true
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/openldap/self-service-password/htdocs:/www/ssp
      - /data/openldap/self-service-password/logs:/www/logs
    deploy:
      resources:
        limits:
           memory: 2G
        reservations:
           memory: 512M

# 启动
docker-compose up -d

gitlab_rails['ldap_enabled'] = true

###! **remember to close this block with 'EOS' below**
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS'
   main: # 'main' is the GitLab 'provider ID' of this LDAP server
     label: ' GitLab LDAP'
     host: '10.0.0.200'
     port: 389
     uid: 'uid'
     method: 'plain' # "start_tls" or "simple_tls" or "plain"
     bind_dn: 'CN=admin,DC=huored,DC=com'
     password: 'XXX密码'
     base: 'DC=huored,DC=com'
EOS