stacks/auth/lldap/lldap_config.toml

1.0 KB · 44 lines · 2024-09-22 · 49bc802
# stacks/auth/lldap/lldap_config.toml
# Light LDAP. Tiny rust server; we only use it as the backing store
# for Authelia and a couple of apps with native ldap support.

ldap_host = "0.0.0.0"
ldap_port = 3890
http_host = "0.0.0.0"
http_port = 17170
http_url = "https://auth.home.arpa/lldap"
verbose = false

ldap_base_dn = "dc=home,dc=arpa"
ldap_user_dn = "admin"

# These point at /run/secrets; lldap resolves *_FILE env automatically.
# ldap_user_pass  -> LLDAP_LDAP_USER_PASS_FILE
# jwt_secret      -> LLDAP_JWT_SECRET_FILE
# key_seed        -> LLDAP_KEY_SEED_FILE

database_url = "sqlite:///data/users.db?mode=rwc"

force_reset_admin_password = false
ignored_user_attributes = []
ignored_group_attributes = []

[smtp_options]
enable_password_reset = true
server = "smtp.home.arpa"
port = 587
smtp_encryption = "STARTTLS"
user = "lldap@home.arpa"
from = "lldap@home.arpa"
to = "admin@home.arpa"

[ldaps_options]
enabled = false

[server_key_options]
min_protocol_version = "TLS1.2"

[logging]
format = "json"
level = "info"