hub.docker.com/r/tiredofit/nginx-ldap

Introduction

This will build a container for Nginx w/ LDAP Authentication Enabled

• Tracks Mainline release channel
• Includes Zabbix Monitoring (nginx status) on port 73
• Logrotate Included to roll over log files at 23:59, compress and retain for 7 days
• Ability to Password Protect (Basic) or use LemonLDAP:NG Handler
• Compile Options:
• --with-threads --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module=dynamic --with-http_image_filter_module=dynamic --with-http_geoip_module=dynamic --with-http_perl_module=dynamic --with-threads --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-http_slice_module --with-mail --with-mail_ssl_module --with-compat --with-file-aio --with-http_v2_module

This Container uses tiredofit:alpine:3.7 as a base.

Changelog

Authors

• Dave Conroy

Table of Contents

• Introduction
  • Changelog
• Prerequisites
• Installation
• Quick Start
• Configuration
  • Data Volumes
  • Environment Variables
  • Networking
• Maintenance
  • Shell Access
  • References

Prerequisites

This image assumes that you are using a reverse proxy such as jwilder/nginx-proxy and optionally the Let's Encrypt Proxy Companion @ https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion in order to serve your pages. However, it will run just fine on it's own if you map appropriate ports.

Installation

Automated builds of the image are available on Docker Hub and is the recommended method of installation.

docker pull tiredofit/nginx-ldap

Quick Start

• The quickest way to get started is using docker-compose. See the examples folder for a working docker-compose.yml that can be modified for development or production use.

• Set various environment variables to understand the capabilities of this image.

• Map persistent storage for access to configuration and data files for backup.

• Make networking ports available for public access if necessary

Configuration

Data-Volumes

The container starts up and reads from /etc/nginx/nginx.conf for some basic configuration and to listen on port 73 internally for Nginx Status responses. /etc/nginx/conf.d contains a sample configuration file that can be used to customize a nginx server block. The LDAP configuration resides in the /etc/nginx/conf.d/01-ldap.conf upon container start.

The following directories are used for configuration and can be mapped for persistent storage.

Environment Variables

Along with the Environment Variables from the Base image, below is the complete list of available options that can be used to customize your installation.

Authentication Options

The LLNG option is for when using LemonLDAP:NG Handlers to protect your application and require modification to the /etc/nginx/conf.d/default.llng file to fully work properly!

General Options

Networking

The following ports are exposed.

Maintenance

Shell Access

For debugging and maintenance purposes you may want access the containers shell.

docker exec -it (whatever your container name is e.g. nginx-ldap) bash

References

• https://nginx.org/
• https://github.com/kvspb/nginx-auth-ldap