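# Single-host lab stack: OpenLDAP (directory), phpLDAPadmin (directory web UI)
# and GitLab CE authenticating against that directory over gitlab_network.
#
# Secrets are read through Compose variable substitution so they can come from
# the shell environment or an untracked `.env` file beside this file. The
# fallbacks after `:-` are the original demo values and are trivially guessable;
# override both variables on any host reachable by other machines.
version: "3.6"

services:
  # OpenLDAP server
  openldap:
    image: osixia/openldap:1.5.0
    container_name: openldap
    hostname: openldap
    ports:
      # Published on every host interface. LDAP_TLS is "false" below, so binds
      # on 389 (including the admin password) travel in cleartext. GitLab and
      # phpLDAPadmin reach this service by name over gitlab_network, so the
      # host publish is only needed for tools run on the host itself; the
      # "127.0.0.1:389:389" form limits it to loopback.
      - "389:389"
      # NOTE(review): presumably nothing answers on 636 while LDAP_TLS is
      # "false" -- confirm, and drop the mapping if so.
      - "636:636"
    environment:
      LDAP_LOG_LEVEL: "256"
      LDAP_ORGANISATION: "Example Inc."
      LDAP_DOMAIN: "example.com"
      LDAP_BASE_DN: "dc=example,dc=com"
      # Same variable feeds the GitLab bind password below, so the two cannot
      # drift apart. NOTE(review): the image appears to apply these passwords
      # only when it bootstraps an empty ./ldap_data -- confirm before changing
      # the value on an existing deployment.
      LDAP_ADMIN_PASSWORD: "${LDAP_ADMIN_PASSWORD:-admin}"
      LDAP_CONFIG_PASSWORD: "${LDAP_CONFIG_PASSWORD:-config}"
      # No read-only account is requested, which is why GitLab binds as
      # cn=admin (see bind_dn below). A dedicated read-only bind account would
      # keep directory write access out of GitLab's configuration.
      LDAP_READONLY_USER: "false"
      LDAP_RFC2307BIS_SCHEMA: "false"
      LDAP_BACKEND: "mdb"
      # TLS is off: see the note on the published ports above.
      LDAP_TLS: "false"
      LDAP_REPLICATION: "false"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
    volumes:
      # Directory database and slapd configuration persist on the host; these
      # directories hold password hashes and should not be world-readable.
      - ./ldap_data:/var/lib/ldap
      - ./ldap_config:/etc/ldap/slapd.d
    networks:
      - gitlab_network
    restart: unless-stopped

  # LDAP admin UI (phpLDAPadmin)
  phpldapadmin:
    # Floating tag: the image content can change between pulls. Pin to a
    # reviewed tag or digest, as the openldap service already does.
    image: osixia/phpldapadmin:latest
    container_name: phpldapadmin
    hostname: phpldapadmin
    ports:
      # Plain-HTTP admin console (PHPLDAPADMIN_HTTPS is "false") published on
      # every host interface; directory admin logins cross it unencrypted.
      - "8081:80"
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "openldap"
      PHPLDAPADMIN_HTTPS: "false"
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped

  # GitLab
  gitlab:
    # Floating tag: see the note on phpldapadmin.
    image: gitlab/gitlab-ce:latest
    container_name: gitlab
    hostname: localhost
    ports:
      - "8880:8880"
      # NOTE(review): external_url below is http on 8880, so presumably nothing
      # serves 443 -- confirm, and drop the mapping if so.
      - "443:443"
      - "22:22"
    environment:
      # Compose substitutes ${...} inside this block before GitLab reads it.
      # The password lands inside a Ruby single-quoted string, so a value
      # containing ' or \ must be escaped for Ruby, and a literal $ must be
      # written as $$ for Compose.
      #
      # LDAP settings worth reviewing before reuse outside a lab:
      #   - 'encryption' => 'plain' with 'verify_certificates' => false means
      #     every user password GitLab checks is sent to the directory
      #     unencrypted and the server identity is never verified.
      #   - 'bind_dn' is the directory administrator.
      #   - 'user_filter' is empty and 'block_auto_created_users' is false, so
      #     any entry under 'base' that can bind gets an active GitLab account
      #     on first sign-in.
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://localhost:8880'
        gitlab_rails['ldap_enabled'] = true
        gitlab_rails['ldap_servers'] = {
          'main' => {
            'label' => 'LDAP',
            'host' => 'openldap',
            'port' => 389,
            'uid' => 'uid',
            'bind_dn' => 'cn=admin,dc=example,dc=com',
            'password' => '${LDAP_ADMIN_PASSWORD:-admin}',
            'encryption' => 'plain',
            'verify_certificates' => false,
            'timeout' => 10,
            'active_directory' => false,
            'user_filter' => '',
            'base' => 'dc=example,dc=com',
            'lowercase_usernames' => false,
            'allow_username_or_email_login' => true,
            'block_auto_created_users' => false
          }
        }
    volumes:
      # ./gitlab_config receives gitlab-secrets.json and host keys; keep it out
      # of version control and backups that are shared more widely.
      - ./gitlab_config:/etc/gitlab
      - ./gitlab_log:/var/log/gitlab
      - ./gitlab_data:/var/opt/gitlab
    depends_on:
      - openldap
    networks:
      - gitlab_network
    restart: unless-stopped

networks:
  gitlab_network:
    driver: bridge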