22 lines
954 B
Text
22 lines
954 B
Text
[Unit]
|
|
PartOf=keycloak.target
|
|
|
|
[Container]
|
|
ContainerName=ldap
|
|
Environment=DS_DM_PASSWORD={{ podman_keycloak_ldap_directory_manager_password }}
|
|
Image=quay.io/389ds/dirsrv:latest
|
|
Network=ldap.network
|
|
PublishPort=636:3636/tcp
|
|
Volume=/home/{{ podman_keycloak_podman_rootless_user }}/ldap:/data:rw,Z
|
|
Volume=/home/{{ podman_keycloak_podman_rootless_user }}/certbot/conf/live/{{ podman_keycloak_keycloak_hostname }}/privkey.pem:/data/tls/server.key:ro,z
|
|
Volume=/home/{{ podman_keycloak_podman_rootless_user }}/certbot/conf/live/{{ podman_keycloak_keycloak_hostname }}/cert.pem:/data/tls/server.crt:ro,z
|
|
Volume=/home/{{ podman_keycloak_podman_rootless_user }}/certbot/conf/live/{{ podman_keycloak_keycloak_hostname }}/chain.pem:/data/tls/ca/chain.crt:ro,z
|
|
|
|
[Service]
|
|
Slice=keycloak.slice
|
|
Restart=always
|
|
# RuntimeMaxSec is used to restart the service periodically to pick up new Let's Encrypt certificates
|
|
RuntimeMaxSec=604800
|
|
|
|
[Install]
|
|
WantedBy=keycloak.target
|