32 lines
971 B
YAML
32 lines
971 B
YAML
services:
|
|
authentik-ldap:
|
|
image: ghcr.io/goauthentik/ldap:2025.2.4
|
|
container_name: authentik-ldap
|
|
restart: unless-stopped
|
|
environment:
|
|
AUTHENTIK_HOST: https://auth.kitestacks.com
|
|
AUTHENTIK_INSECURE: "false"
|
|
# Token from Authentik outpost "osTicket LDAP Outpost"
|
|
# Regenerate via: Authentik admin → Outposts → osTicket LDAP Outpost → token
|
|
AUTHENTIK_TOKEN: REDACTED
|
|
networks:
|
|
- kitestacks
|
|
- osticket_default
|
|
|
|
# socat proxy: bridges standard LDAP port 389 → outpost port 3389
|
|
# Required because Net_LDAP2 (osTicket's LDAP library) always uses port 389
|
|
authentik-ldap-proxy:
|
|
image: alpine/socat
|
|
container_name: authentik-ldap-proxy
|
|
restart: unless-stopped
|
|
command: TCP-LISTEN:389,fork,reuseaddr TCP:authentik-ldap:3389
|
|
depends_on:
|
|
- authentik-ldap
|
|
networks:
|
|
- osticket_default
|
|
|
|
networks:
|
|
kitestacks:
|
|
external: true
|
|
osticket_default:
|
|
external: true
|