How to use LDAP authentication with LetsEncrypt and Heimdall

I am trying to understand how to use LDAP authentication with LetsEncrypt, using Heimdall as an example.

This is my docker-compose:

version: "2.1"
services:
  # service names taken from each container_name
  letsencrypt:
    image: linuxserver/letsencrypt
    container_name: letsencrypt
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - SUBDOMAINS=wildcard
      - VALIDATION=duckdns
      - DUCKDNSTOKEN=myToken
      - STAGING=true
    volumes:
      - $PWD/letsencrypt:/config
    ports:
      - 443:443
      - 80:80
    restart: unless-stopped

  ldap-auth:
    image: linuxserver/ldap-auth
    container_name: ldap-auth
    restart: unless-stopped

  heimdall:
    image: linuxserver/heimdall
    container_name: heimdall
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - $PWD/heimdall:/config
    restart: unless-stopped

Then I uncommented the relevant lines in the letsencrypt configs at /home/test/letsencrypt/nginx/site-confs/default:

# sample reverse proxy config for "heimdall" via subdomain, with ldap authentication
# ldap-auth container has to be running and the /config/nginx/ldap.conf file should be filled with ldap info
# notice this is a new server block, you need a new server block for each subdomain
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;

	root /config/www;
	index index.html index.htm index.php;

	server_name heimdall.*;

	include /config/nginx/ssl.conf;

	include /config/nginx/ldap.conf;

	client_max_body_size 0;

	location / {
		# the next two lines will enable ldap auth along with the included ldap.conf in the server block
		auth_request /auth;
		error_page 401 =200 /ldaplogin;

		include /config/nginx/proxy.conf;
		# Docker's embedded DNS server; nginx requires a resolver address here
		resolver 127.0.0.11 valid=30s;
		set $upstream_app heimdall;
		set $upstream_port 443;
		set $upstream_proto https;
		proxy_pass $upstream_proto://$upstream_app:$upstream_port;
	}
}

I am now at a loss about how to modify the /config/nginx/ldap.conf file.
Any suggestions?
What do I have to set up?
Are there user/password combinations?


You need to configure the LDAP.conf file to point to your existing LDAP server.

Starting from this line here

Also, follow the instructions at the top:
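
To illustrate what pointing ldap.conf at an existing LDAP server involves (an added example, not part of the original thread and not the file shipped in the container): the ldap-auth image wraps the nginx-ldap-auth daemon, which receives the directory details as request headers on the `/auth` subrequest. Every hostname, DN and password below is a constructed placeholder, and the upstream port is an assumption to compare against your own ldap.conf.

```nginx
# Added example: the /auth location that auth_request calls, as it could
# look inside /config/nginx/ldap.conf.
# Assumption: header names are those read by the nginx-ldap-auth daemon;
# all hosts, DNs and the password are constructed placeholders.
location = /auth {
	resolver 127.0.0.11 valid=30s;        # Docker's embedded DNS
	set $upstream_auth_app ldap-auth;     # container_name from the compose file
	set $upstream_auth_port 8888;         # assumed daemon port; check your ldap.conf
	proxy_pass http://$upstream_auth_app:$upstream_auth_port;

	# auth_request subrequests carry no request body
	proxy_pass_request_body off;
	proxy_set_header Content-Length "";

	# Where the directory lives. Use ldaps:// or StartTLS so the bind
	# password and user passwords do not cross the network in cleartext.
	proxy_set_header X-Ldap-URL      "ldaps://ldap.example.internal:636";
	#proxy_set_header X-Ldap-Starttls "true";   # alternative for ldap:// on port 389

	# Subtree that is searched for user entries
	proxy_set_header X-Ldap-BaseDN   "ou=people,dc=example,dc=internal";

	# Service account used for the search: read-only, least privilege
	proxy_set_header X-Ldap-BindDN   "cn=nginx-ro,ou=services,dc=example,dc=internal";
	proxy_set_header X-Ldap-BindPass "CHANGE_ME";

	# Filter mapping the login name to a directory entry
	# OpenLDAP: (uid=...)   Active Directory: (sAMAccountName=...)
	proxy_set_header X-Ldap-Template "(uid=%(username)s)";

	# Session cookie set by the login page and checked on each subrequest
	proxy_set_header X-CookieName    "nginxauth";
	proxy_set_header Cookie          nginxauth=$cookie_nginxauth;
}
```

The user/password combinations live in the LDAP directory itself; the only credential stored in this file is the bind account's, so restrict read access to ldap.conf accordingly.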

Isn’t some form of ready-to-use LDAP server included in either of the LSIO images?

Nope, we don’t provide an LDAP container.

Oh, I thought you did, because I saw other docker containers online with LDAP included and I decided to try staying in the LSIO realm.

So then no wonder it does not work. :man_shrugging:

Still, it would be cool if there was a way to set this up, all in-LSIO-house.
