Support #987
Updated by Daniel Curtis 17 days ago
This is a guide on setting up LLDAP on FreeBSD 14.
h2. Prepare the Environment
* Before installation of the components, make sure everything is up to date using the following command:
<pre>
pkg update -f && pkg upgrade
</pre>
h2. Install LLDAP
* Install the LLDAP package:
<pre>
pkg install lldap
</pre>
* Copy the example config to the LLDAP directory
<pre>
cp /usr/local/share/lldap/ldap_config.toml.example /usr/local/lldap_server/lldap_config.toml
</pre>
* Edit the LLDAP config:
<pre>
vi /usr/local/lldap_server/lldap_config.toml
</pre>
#* Change the following config values accordingly:
<pre>
ldap_host = "127.0.0.1"
ldap_port = 3890
http_host = "127.0.0.1"
http_port = 17170
http_url = "http://localhost"
jwt_secret = "REPLACE_WITH_RANDOM"
ldap_base_dn = "dc=example,dc=com"
ldap_user_dn = "admin"
ldap_user_email = "admin@example.com"
ldap_user_pass = "SuperSecretPassword"
database_url = "sqlite:///usr/local/lldap_server/users.db?mode=rwc"
</pre>
*NOTE* : use @openssl rand -base64 15@ to generate a secret key for _jwt_secret_
* Start and enable LLDAP on boot up:
<pre>
sysrc lldap_enable=YES
service lldap start
</pre>
* Log into the web interface on http://localhost:17170 with the username admin and the password set in the config.
h2. Postgres Backend
* Install a postgresql client:
<pre>
pkg install postgresql14-client
</pre>
* Create the lldap user and database:
<pre>
CREATE USER lldapuser WITH PASSWORD 'SuperSecretPassword' CREATEDB;
CREATE DATABASE lldapdb OWNER lldapuser;
</pre>
* Edit the lldap config:
<pre>
vi /usr/local/lldap_server/lldap_config.toml
</pre>
#* Change the @database_url@ value accordingly:
<pre>
database_url = "postgres://lldapuser:SuperSecretPassword@pg.example.com/lldapdb"
</pre>
* Restart lldap:
<pre>
service lldap restart
</pre>
h2. Resources
* https://github.com/lldap/lldap
* https://wiki.alpinelinux.org/wiki/Setting_up_a_LLDAP_server