[BUG] Can't get LDAP to run #407
Description
Describe the bug
I can't get LDAP to run with Kimai (Docker). I have other services using the same LDAP server, so I'm pretty sure the problem is on the Kimai side.
To Reproduce
local.yaml:
kimai:
    ldap:
        activate: true
        # https://docs.laminas.dev/laminas-ldap/api/
        connection:
            host: ldap://openldap
            #port: 389
            #useSsl: false
            #useStartTls: true
            #username: cn=admin,dc=mydomain,dc=net
            #password: password
            #bindRequiresDn: true
            #optReferrals: false
        user:
            baseDn: ou=users, dc=mydomain, dc=net
            #usernameAttribute: uid
            attributes:
                - { ldap_attr: uid, user_method: setUsername }
                - { ldap_attr: cn, user_method: setAlias }
                - { ldap_attr: mail, user_method: setEmail }
Desktop (please complete the following information):
- OS: ubuntu 22.04 server
- Docker version: 20.10.18
- Docker Compose version: v2.10.2
Command used to run the container
- [e.g. docker run -v ....]
Docker compose file (with passwords redacted)
version: '3.5'
services:
  kimai-db:
    image: mariadb:latest
    container_name: kimai-db
    hostname: kimai-db
    environment:
      - MYSQL_DATABASE=kimai
      - MYSQL_USER=admin
      - MYSQL_PASSWORD=password
      - MYSQL_ROOT_PASSWORD=password
    volumes:
      - ./data/mysql:/var/lib/mysql
    command: --default-storage-engine innodb
    restart: unless-stopped
    healthcheck:
      test: mysqladmin -p$$MYSQL_ROOT_PASSWORD ping -h localhost
      interval: 20s
      start_period: 10s
      timeout: 10s
      retries: 3
    networks:
      - kimai
  nginx:
    image: tobybatch/nginx-fpm-reverse-proxy
    volumes:
      - ./data/public:/opt/kimai/public:ro
    restart: unless-stopped
    depends_on:
      - kimai
    healthcheck:
      test: wget --spider http://nginx/health || exit 1
      interval: 20s
      start_period: 10s
      timeout: 10s
      retries: 3
    networks:
      - kimai
      - proxy
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.kimai-secure.entrypoints=https"
      - "traefik.http.routers.kimai-secure.rule=Host(`kimai.mydomain.net`)"
      - "traefik.http.routers.kimai-secure.middlewares=kimai-middlewares"
      - "traefik.http.routers.kimai-secure.tls=true"
      - "traefik.http.routers.kimai-secure.service=kimai"
      - "traefik.http.services.kimai.loadbalancer.server.port=80"
      - "traefik.http.services.kimai.loadbalancer.server.scheme=http"
      - "traefik.http.services.kimai.loadbalancer.passhostheader=true"
      - "traefik.http.middlewares.kimai-middlewares.chain.middlewares=https-redirectscheme@file,default-headers@file,authelia@docker"
      - "traefik.docker.network=proxy"
  kimai: # This is the latest FPM image of kimai
    image: kimai/kimai2:latest
    container_name: kimai
    hostname: kimai
    environment:
      - ADMINMAIL=kimai@mydomain.net
      - ADMINPASS=password
      - DATABASE_URL=mysql://admin:password@kimai-db/kimai
      - TRUSTED_HOSTS=nginx,localhost,127.0.0.1,mydomain.net
      - APP_ENV=prod
    volumes:
      - ./data/public:/opt/kimai/public
      - ./local.yaml:/opt/kimai/config/packages/local.yaml:z
      # - var:/opt/kimai/var
      # - ./ldap.conf:/etc/openldap/ldap.conf:z
      # - ./ROOT-CA.pem:/etc/ssl/certs/ROOT-CA.pem:z
    restart: unless-stopped
    networks:
      - kimai
      - openldap
    depends_on:
      - kimai-db
volumes:
  var:
  public:
  mysql:
networks:
  proxy:
    external: true
  openldap:
    external: true
  kimai:
    name: kimai
    external: false
Additional context
My guess is that I fucked something up in the config; however, I've been working on this problem for a few days now without results, and I also found no other place, like a Discord, to ask more experienced people for help.
So, considering that, and that I wasn't able to fix this alone with the documentation, I think it's reasonable to open an issue for this, so that even if this ain't a bug in the code, it documents better how to use Kimai in Docker with LDAP.
If my thought is wrong, I'm sorry, and I'm ready to ask at the place where these questions should get asked; however, somebody would have to tell me where that is ^^"
Of course, help would be welcome anyway ^^