docker-compose-nginx-lldap.yml

services:
  nginx:
    container_name: nginx
    image: lscr.io/linuxserver/nginx
    restart: unless-stopped
    networks:
      - nginx
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx/site-confs-lldap:/config/nginx/site-confs
      - ./nginx/snippets:/config/nginx/snippets
      - ./nginx/certs:/config/ssl # see nginx/README.md to generate self signed certs in this directory
    environment:
      TZ: 'UTC'
      DOCKER_MODS: 'linuxserver/mods:nginx-proxy-confs'

  authelia:
    container_name: authelia
    image: authelia/authelia:4.38.17
    restart: unless-stopped
    networks:
      - nginx
    ports:
      - 9091
    volumes:
      - ./authelia-nginx-lldap:/config
    depends_on:
      - redis
    environment:
      - AUTHELIA_SESSION_DOMAIN=pygeoapi.local
      - AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD=super_strong_ldap_password
      - AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN=dc=pygeoapi,dc=local


  redis:
    container_name: redis
    image: redis:7.0
    restart: unless-stopped
    networks:
      - nginx

  pygeoapi:
    container_name: pygeoapi
    build:
      context: .
      dockerfile: Dockerfile.pygeoapi
    restart: unless-stopped
    volumes:
      - ./pygeoapi-config.yml:/pygeoapi/local.config.yml
      - ./authelia-nginx-lldap:/pygeoapi/authelia-config
    environment:
      - SCRIPT_NAME=/api
    depends_on:
      - redis
      - nginx
      - authelia
    networks:
      - nginx

  lldap:
    container_name: lldap
    image: lldap/lldap:stable
    restart: unless-stopped
    networks:
      - nginx
    expose:
      - 3890 # LDAP service
      - 17170 # Web service
    volumes:
      - ./lldap/config:/data:rw
    environment:
      - LLDAP_JWT_SECRET=REPLACE_WITH_RANDOM
      - LLDAP_KEY_SEED=REPLACE_WITH_RANDOM
      - LLDAP_LDAP_BASE_DN=dc=pygeoapi,dc=local
      - LLDAP_LDAP_USER_PASS="super_strong_ldap_password"
networks:
  nginx:
    name: nginx