docker-compose.yaml

# SPDX-License-Identifier: AGPL-3.0-only
# SPDX-FileCopyrightText: 2023-2024 Univention GmbH

---

name: "dev-local"

services:
  ldif-producer:
    platform: linux/amd64
    image: "gitregistry.knut.univention.de/univention/customers/dataport/upx/container-ldap/ldif-producer:${IMAGE_TAG:-latest}"
    # entrypoint:
    #   - "/bin/bash"
    #   - "-c"
    #   - "sleep infinity"
    build:
      dockerfile: ./docker/ldif-producer/Dockerfile
      context: ./
    environment:
      SOCKET_FILE_LOCATION: "/var/lib/univention-ldap/slapd-sock/sock"
      NATS_USER: ldif-producer
      NATS_PASSWORD: ldifpass
      NATS_HOST: "nats"
      NATS_PORT: "4222"
      NATS_MAX_RECONNECT_ATTEMPTS: 2
      MAX_IN_FLIGHT_LDAP_MESSAGES: 10
      BACKPRESSURE_WAIT_TIMEOUT: 20
      LDAP_THREADS: 5
      LDAP_BASE_DN: "dc=univention-organization,dc=intranet"
      IGNORE_TEMPORARY_OBJECTS: true
    volumes:
    - ./tests/base-defaults.conf:/etc/univention/base-defaults.conf:ro
    - ldap-socket:/var/lib/univention-ldap/slapd-sock/:rw

  ldap-server:
    platform: linux/amd64
    image: "gitregistry.knut.univention.de/univention/customers/dataport/upx/container-ldap/ldap-server:${IMAGE_TAG:-latest}"
    build:
      context: ./docker/ldap-server
    environment:
      LDAP_CN_ADMIN_PW: univention
    ports:
    - 389:389
    - 636:636
    ## Enable the secrets below if TLS is desired and `directory/manager/starttls` is set.
    # secrets:
    # - ca_cert
    # - cert_pem
    # - private_key
    # - dh_param
    volumes:
    - ./tests/base-defaults.conf:/etc/univention/base-defaults.conf:ro
    - ${LDAP_SOCKET_LOCATION:-ldap-socket}:/var/lib/univention-ldap/slapd-sock/:rw

  nats:
    image: "nats:latest"
    environment:
      jetstream: "enabled"
    ports:
      - "4222:4222" # Client connections
      - "6222:6222" # Route connections
      - "8222:8222" # HTTP monitoring port
    volumes:
      - ./nats.dev.conf:/etc/nats-config/nats.conf
      - type: tmpfs
        target: /var/run
    command: --jetstream -m 8222 -p 4222 -config /etc/nats-config/nats.conf

  ldap-admin:
    image: osixia/phpldapadmin:0.9.0
    environment:
      PHPLDAPADMIN_LDAP_HOSTS: "#PYTHON2BASH:[{'ldap-server':{'login':{'bind_id':'cn=admin,dc=univention-organization,dc=intranet'}}}]"
      PHPLDAPADMIN_HTTPS: "false"
    links:
      - ldap-server
    ports:
      - 8001:80

  docs:
    image: docker-registry.knut.univention.de/sphinx:latest
    working_dir: /docs/docs
    volumes:
      - ".:/docs"
    profiles:
      - docs

  test:
    image: "gitregistry.knut.univention.de/univention/customers/dataport/upx/container-ldap/testrunner:${IMAGE_TAG:-latest}"
    build:
      dockerfile: ./docker/testrunner/Dockerfile
      context: ./
    environment:
      PYTEST_ADDOPTS: --ldap-server=ldap-server
    profiles:
      - test
    volumes:
      - "./tests:/app/tests"
      - "./univention:/app/univention"
      - "./pyproject.toml:/app/pyproject.toml"

  database-initialized-test:
    build:
      context: "./docker/ldap-server"
      target: "pytest"
    profiles:
      - test
    volumes:
      - "./:/src/"

  # Environment of the pre-commit linter.
  pre-commit:
    profiles:
      - test
    image: gitregistry.knut.univention.de/univention/customers/dataport/upx/container-pre-commit/upx-pre-commit:latest
    volumes:
      - type: bind
        source: .
        target: /code
      - type: volume
        # pre-commit installs dependencies, having them cached speeds things up
        # a lot.
        source: pre-commit-cache
        target: /cache

secrets:
  ca_cert:
    file: ssl/CAcert.pem
  cert_pem:
    file: ssl/cert.pem
  private_key:
    file: ssl/cert.key
  dh_param:
    file: ssl/dh_2048.pem

volumes:
  ldap-socket:
  pre-commit-cache:

...