Improve documentation

This commit is contained in:
paul 2019-05-17 02:24:19 +02:00
parent 475b4ad0f7
commit 70c8d70469

View file

@ -33,6 +33,32 @@ run the service
docker-compose up -d
```
#### Custom schema
every .ldif or .sh file will be evaluated on server startup, if it's placed
inside the '/docker-entrypoint-initdb.d/' directory. This allows you to
Specify custom behaviour of the LDAP Server.
By default the server will load the schema from the 'fixtures/' directory,
which will provide this features:
* MDB backend for better performance
* Indexing of most referenced attributes by default
* Base structure with People, Groups, Sevices, Domains and Policies.
* Simple but useful ACL rules, allowing users to change their own passwords.
* Password policy for strong cryptographic hashing of user passwords and password rotation.
* Referential integrity for e.g. group memberships.
* Support for core, cosine, nis, inetorgperson, ppolicy and misc schemas.
* Support for user-definable SSH public keys as attributes.
* enforcing of username and user ID uniqueness.
### Configuration
The LDAP server can be configured for your organization using the environment variables:
* `ROOTPW` password for the administration user that is created by default. Make this hard to guess!
* `ORGANIZATION` Name of the organization running this LDAP server.
* `SUFFIX` overwrites the root node for all entries. By default this will be 'o=organizationname', but for compatibility you might want to set this to 'dc=domain,dc=tld'.
* `DATADIR` is the path to the directory containing the LDAP DATA; by default this is '/var/lib/ldap/'.
* `CONFDIR` points to the path containing the server configuration, by default this is '/etc/ldap/slapd.d'.
### Backing up data
State stored in this container is essential to many other services, that
use authentication and authorization. Therefore you should think about