mirror of
https://github.com/lldap/lldap.git
synced 2026-04-26 00:36:01 +03:00
[GH-ISSUE #292] Letsencrypt Support #109
Labels
No labels
backend
blocked
bug
cleanup
dependencies
docker
documentation
duplicate
enhancement
enhancement
frontend
github_actions
good first issue
help wanted
help wanted
integration
invalid
ldap
pull-request
question
rust
rust
tests
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/lldap-lldap#109
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @zicklag on GitHub (Aug 26, 2022).
Original GitHub issue: https://github.com/lldap/lldap/issues/292
I need the ability to automatically create and renew LDAPS certificates with LetsEncrypt, and I might be willing to develop a pull request. Is this something you would be open to?
Edit: It might be easier for me just to integrate
acme.shinto the container instead of building it into service itself. That wouldn't be preferable for users in general, though, so we wouldn't want to implement it like that in this repo probably.I'm kind of in a hurry to get something working, so I might try that in a separate repo instead of a PR to the core.
@nitnelave commented on GitHub (Aug 26, 2022):
Hmm, yes, it seems like you could automate it outside of the container based on cron and
acme.sh, and just mount the certificates into the container. I don't think it belongs in LLDAP.@KetchupBomb commented on GitHub (Dec 30, 2024):
@nitnelave, this is the closest topical match I've seen so please pardon the old reply. Assuming the certificate & key are mounted in as Docker volumes from ACME to LLDAP, does LLDAP reload the certificate when ACME rotates them? Or would this require an LLDAP config reload?
If a config reload is required, does LLDAP support some form of signal (
SIGHUP?) to do so?I couldn't find the answer stumbling around the source code as I'm very unfamiliar with Rust. Thanks for any info.
@nitnelave commented on GitHub (Dec 30, 2024):
No, there's no form of certificate reloading implemented, you'd have to restart the server.
@KetchupBomb commented on GitHub (Dec 31, 2024):
Thanks @nitnelave.
For those interested, if you, too, want to reload LLDAP when ACME rotates the certificate, one option is Ofelia's
job-runexecution type. You can spawn an instance of thedockerimage anddocker restart lldap. A blind restart@weeklyseems to be sufficient.