Add example ldaps configuration, set TLS_REQCERT to never so php_ldap does validate ldap server SSL certs

This commit is contained in:
Deon George 2025-02-21 21:42:02 +11:00
parent d64478e449
commit 1cc8681b5a
2 changed files with 18 additions and 3 deletions

@ -40,6 +40,18 @@ return [
'name' => env('LDAP_NAME','LDAP Server'),
'openldaps' => [
'hosts' => [env('LDAP_HOST', '')],
'username' => env('LDAP_USERNAME', 'cn=user,dc=local,dc=com'),
'password' => env('LDAP_PASSWORD', 'secret'),
'port' => env('LDAP_PORT', 636),
'base_dn' => env('LDAP_BASE_DN', 'dc=local,dc=com'),
'timeout' => env('LDAP_TIMEOUT', 5),
'use_ssl' => env('LDAP_SSL', true),
'use_tls' => env('LDAP_TLS', true),
'name' => env('LDAP_NAME','LDAPS Server'),
'opendj' => [
'hosts' => ['opendj'],
'username' => 'cn=Directory Manager',

@ -9,9 +9,12 @@ RUN install-php-extensions \
igbinary msgpack memcached
# Tune PHP
RUN cp /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini
RUN sed -i -e 's/^memory_limit = 128M/memory_limit = 256M/' /usr/local/etc/php/php.ini
RUN sed -i -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini
RUN cp /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini \
&& sed -i -e 's/^memory_limit = 128M/memory_limit = 256M/' /usr/local/etc/php/php.ini \
&& sed -i -e 's/^expose_php = On/expose_php = Off/' /usr/local/etc/php/php.ini
# Support for LDAPS queries
RUN echo "TLS_REQCERT never" >> /etc/openldap/ldap.conf
# Add composer
RUN curl -4|php -- --install-dir=/usr/local/bin --filename=composer