前段时间在本地搭建了一套gitlab geo测试环境，因为需要集成ldap，所以特意搭建下，特此作为笔记记录下。

1. 前置条件

安装docker-compose

安装docker

创建挂载目录

2. 编写docker-openldap.yml文件

cat docker-openldap.yml

version: '2'
services:openldap:image: osixia/openldap:1.5.0container_name: openldaprestart: alwaysenvironment:LDAP_LOG_LEVEL: "256"LDAP_ORGANISATION: "ldap"   ### 您的组织名称LDAP_DOMAIN: "wkx.cn"    ### 公司域名LDAP_BASE_DN: "dc=wkx,dc=cn"   ### 根据域名组成LDAP_ADMIN_PASSWORD: "Jh@2022"   ### 密码自己来设置LDAP_CONFIG_PASSWORD: "Jh@2022"LDAP_READONLY_USER: "false"LDAP_RFC2307BIS_SCHEMA: "false"LDAP_BACKEND: "mdb"LDAP_REPLICATION: "false"KEEP_EXISTING_CONFIG: "false"LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"tty: truestdin_open: truevolumes:- /opt/openldap/ldap:/var/lib/ldap- /opt/openldap/slapd.d:/etc/ldap/slapd.d- /opt/openldap/certs:/container/service/lapd/assets/certsports:- "389:389"- "636:636"domainname: "wkx.cn"hostname: "ldap-server"phpldapadmin:image: osixia/phpldapadmin:latestcontainer_name: phpldapadminrestart: alwaysenvironment:PHPLDAPADMIN_LDAP_HOSTS: "192.168.31.30"   ### 如果部署后登录不进去有可能是这里出了问题，直接换为部署openldap服务的公网IP试试PHPLDAPADMIN_HTTPS: "false"ports:- "50081:80"depends_on:- openldapself-service-password:container_name: self-service-passwordimage: tiredofit/self-service-password:latestrestart: alwaysports:- "50080:80"environment:- LDAP_SERVER=ldap://openldap:389- LDAP_BINDDN=cn=admin,dc=wkx,dc=cn #默认就是cn=admin,dc=wkx,dc=cn- LDAP_BINDPASS=Jh@2022- LDAP_BASE_SEARCH=dc=wkx,dc=cn- MAIL_FROM=smtp.163.com- MAIL_FROM_NAME=账号自助服务平台- SMTP_DEBUG=0- SMTP_HOST=smtp.163.com- SMTP_USER=wkx323@163.com- SMTP_PASS=HTGCMxxFVLASxxxxRS- SMTP_PORT=465- SMTP_SECURE_TYPE=ssl- SMTP_AUTH_ON=true- NOTIFY_ON_CHANGE=truevolumes:- /etc/localtime:/etc/localtime- /opt/openldap/self-service-password/htdocs:/www/ssp- /opt/openldap/self-service-password/logs:/www/logs

docker-compose -f docker-openldap.yml up -d

3. 登录

4. 使用

创建组

Create a child entry -> ** Generic: Posix Group** -> 输入group名dev

创建用户

Create a child entry -> ** Generic: User Account** -> 输入用户名和属性信息dev

登录测试