-
-
Notifications
You must be signed in to change notification settings - Fork 183
Docker Container
PLA v2 is available on docker hub, you can find the image here.
-
First pull the image with
docker pull phpldapadmin/phpldapadmin -
You can optionally (and recommended) choose to pass an encryption key to the container, which is used to encrypt Cookies and other items during your session with PLA. If you want to persist your encryption key, then you should perform this step.
If you dont create an encryption key, one will be created each time the container starts.
Creating a key is simple, using
docker run -it --rm phpldapadmin/phpldapadmin ./artisan key:generate --showThe output will look something like this:
* Started with [./artisan key:generate --show] * Laravel Setup... + Encryption Key auto created, replace with with "artisan key:generate --force" INFO Application key set successfully. - Caching configuration... INFO Caching framework bootstrap, configuration, and metadata. config .................................................................................................................. 17.38ms DONE events ................................................................................................................... 0.70ms DONE routes .................................................................................................................. 12.14ms DONE views ................................................................................................................... 68.91ms DONE base64:3JrewY/3wdVdjKKQxfyh7Zn1gqBzLJfCL3JLfY4n1p4=In the above example, you'll need the
base64:3JrewY/3wdVdjKKQxfyh7Zn1gqBzLJfCL3JLfY4n1p4=and that should be used with yourAPP_KEYenvironment variable. -
You can tune the container with the following environment variables:
Variable Value Default Purpose APP_KEY (value from artisan key:generate --show)[auto created] This is used to encrypt data used internally. It is recommended to create your persistent key using the steps above. APP_TIMEZONE An applicable timezone UTC This is used to timezone used, mostly for, logging. eg: Australia/MelbourneLDAP_CACHE true false We use internal caching to reduce the impact to your LDAP server, this enables that caching LDAP_HOST (*) hostname/IP address [undefined] A resolvable hostname or IP address to your LDAP server. PLA will connect to this server (over TCPIP, thus remotely). CACHE_DRIVER preferred caching driver file You can use memcachedhere. If you usememcached, then you'll need to start a another container, and provide the connection information to it (see below)MEMCACHED_HOST hostname/IP address [undefined] If you use memcachedfor CACHE_DRIVER, this is the hostname/IP address to connect to the remote memcached instance.MEMCACHED_PORT tcp port 11211 If you use memcachedfor CACHE_DRIVER, this is the port used to connect to memcached.SERVER_NAME ip address/port :8080 Use this to control the port that frankenphp listens for connections inside the container. (*) Required
There are other variables you can set - they are listed Configuration Variables.
-
Include the relevant port mapping (docker's
-poption, eg:-p 80:8080. frankenphp is by default running as non-root and will accept requests on port 8080. You can run a proxy in front of PLA, if you want to providehttpsaccess to PLA and terminate your HTTPS connections externally (the PLA demo uses nginx in front of the container). -
You might like to add some persistent mounts, so that user sessions and logging survives container restarts. You can add these 2 mounts as appropriate:
Container Path Purpose /app/storage/framework/sessions Maintains a user's session /app/storage/logs Debug log -
Once your container is running, point your browser at the url/port (you define in the port mapping above) and you should be good to go
NOTE: PLA assumes it can query your LDAP server using the credentials provided in
LDAP_USERNAME/LDAP_PASSWORD, or if unset an anonymous bind to get schema information and to find users via an LDAP query to use the DN for authentication. If, for example, you are using