---
# Compose service definition for the FreeIPA server container (isard-sso-freeipa).
# All ${...} values are interpolated by Compose from its environment.
version: '3.7'

services:
  isard-sso-freeipa:
    container_name: 'isard-sso-freeipa'
    # NOTE(review): this is a mutable tag, not a digest, so a later pull may
    # bring different contents. Pinning by digest makes the deployed identity
    # server reproducible. Also confirm this CentOS 8 based tag is still
    # receiving security updates.
    image: 'freeipa/freeipa-server:centos-8'
    restart: 'unless-stopped'
    hostname: 'ipa.${DOMAIN}'
    environment:
      - 'IPA_SERVER_HOSTNAME=ipa.${DOMAIN}'
    tty: true
    stdin_open: true
    # NOTE(review): NET_ADMIN lets processes in the container reconfigure
    # networking in its network namespace. Confirm the image still needs it
    # and drop it otherwise.
    cap_add:
      - 'NET_ADMIN'
    volumes:
      - '${BUILD_ROOT_PATH}/scripts/freeipa:/scripts'
      # Host cgroup hierarchy, mounted read-only.
      - '/sys/fs/cgroup:/sys/fs/cgroup:ro'
      # Persistent server state lives here. It presumably holds directory
      # and key material, so restrict permissions on ${DATA_FOLDER}/freeipa
      # on the host.
      - '${DATA_FOLDER}/freeipa:/data'
    # Keep IPv6 enabled on loopback and on all interfaces in the container.
    sysctls:
      - 'net.ipv6.conf.lo.disable_ipv6=0'
      - 'net.ipv6.conf.all.disable_ipv6=0'
    # NOTE(review): this turns off Docker's default seccomp syscall filter
    # for the container. Combined with NET_ADMIN it widens what a compromised
    # process inside the container can attempt. If the image only needs a
    # few extra syscalls, a custom seccomp profile is the narrower option.
    security_opt:
      - 'seccomp:unconfined'
    # Arguments handed to the image's installer.
    # NOTE(review): the four password/pin options below all take the same
    # ${IPA_ADMIN_PWD} value and pass it as command-line arguments. It is
    # therefore readable in `docker inspect`, in rendered compose output and
    # in process listings. Check whether the image can read install options
    # from a file on the data volume instead, and consider separate secrets
    # for the directory manager and the admin account.
    command:
      # '-U' and '--unattended' (last entry) appear to be the short and long
      # form of the same installer option.
      - '-U'
      - '--domain=${DOMAIN}'
      - '--realm=${DOMAIN}'
      - '--http-pin=${IPA_ADMIN_PWD}'
      - '--dirsrv-pin=${IPA_ADMIN_PWD}'
      - '--ds-password=${IPA_ADMIN_PWD}'
      - '--admin-password=${IPA_ADMIN_PWD}'
      - '--no-host-dns'
      #- --no-dnssec-validation
      #- --setup-dns
      #- --auto-forwarders
      #- --allow-zone-overlap
      - '--unattended'
    # No host ports are published while this list stays commented out. The
    # service is then reachable only through the attached compose network.
    #ports:
      #- "53:53/udp"
      #- "53:53"
      #- "80:80"
      #- "443:443"
      #- "389:389"
      #- "636:636"
      #- "88:88"
      #- "464:464"
      #- "88:88/udp"
      #- "464:464/udp"
      #- "123:123/udp"
      #- "7389:7389"
      #- "9443:9443"
      #- "9444:9444"
      #- "9445:9445"
    # NOTE(review): env_file exports every variable in .env into the
    # container, not only the ones referenced above. Keep .env out of version
    # control and readable only by the deploying user. Other secrets stored
    # in it become visible to this container as well.
    env_file:
      - '.env'
    networks:
      # isard_net is not declared in this file. Presumably it is defined in
      # another compose file merged with this one (verify).
      isard_net:
        aliases:
          - '${DOMAIN}'
          - 'ipa.${DOMAIN}'