[GH-ISSUE #1372] [BUG] KeyError on 'id' when starting a new instance via Docker deployment #478

Open
opened 2026-02-27 08:17:28 +03:00 by kerem · 2 comments

Originally created by @nuvious on GitHub (Dec 29, 2025).
Original GitHub issue: https://github.com/lldap/lldap/issues/1372

Describe the bug

When starting a new instance with docker-compose, I receive the following error:

nuvious@identity:~/ServerNotes/lldap$ docker-compose up
Creating network "lldap_default" with the default driver
Creating volume "lldap_lldap_data" with local driver
Creating lldap_lldap_1 ... done
Attaching to lldap_lldap_1
lldap_1  | [entrypoint] Copying the default config to /data/lldap_config.toml
lldap_1  | [entrypoint] Edit this file to configure LLDAP.
lldap_1  | > Setup permissions..
lldap_1  | > Starting lldap..
lldap_1  | 
lldap_1  | Loading configuration from /data/lldap_config.toml
lldap_1  | WARNING: A key_seed was given, we will ignore the key_file and generate one from the seed! Set key_file to an empty string in the config to silence this message.
lldap_1  | Error: while binding the LDAP server
lldap_1  | 
lldap_1  | Caused by:
lldap_1  |     0: while setting up the SSL certificate
lldap_1  |     1: No such file or directory (os error 2)
lldap_1  | 2025-12-29T16:08:37.070141454+00:00  INFO     set_up_server [ 871ms | 100.00% ]
lldap_1  | 2025-12-29T16:08:37.070257936+00:00  INFO     ┝━ i [info]: Starting LLDAP version 0.6.2
lldap_1  | 2025-12-29T16:08:37.342807133+00:00  INFO     ┝━ i [info]: Upgrading DB schema from version 1
lldap_1  | 2025-12-29T16:08:37.342811813+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 2
lldap_1  | 2025-12-29T16:08:37.396875631+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 3
lldap_1  | 2025-12-29T16:08:37.489132875+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 4
lldap_1  | 2025-12-29T16:08:37.547164935+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 5
lldap_1  | 2025-12-29T16:08:37.613751702+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 6
lldap_1  | 2025-12-29T16:08:37.742379940+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 7
lldap_1  | 2025-12-29T16:08:37.824894167+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 8
lldap_1  | 2025-12-29T16:08:37.876792475+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 9
lldap_1  | 2025-12-29T16:08:37.931068236+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 10
lldap_1  | 2025-12-29T16:08:38.180985240+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_admin group, trying to create it
lldap_1  | 2025-12-29T16:08:38.232271857+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_password_manager group, trying to create it
lldap_1  | 2025-12-29T16:08:38.286291654+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_strict_readonly group, trying to create it
lldap_1  | 2025-12-29T16:08:38.340858500+00:00  WARN     ┝━ 🚧 [warn]: Could not find an admin user, trying to create the user "admin" with the config-provided password
lldap_1  | 2025-12-29T16:08:38.783117567+00:00  INFO     ┝━ i [info]: Successfully (re)set password for "admin"
lldap_1  | 2025-12-29T16:08:38.835387952+00:00  INFO     ┕━ i [info]: Starting the LDAP server on port 3890
Exception in thread Thread-4 (watch_events):
Traceback (most recent call last):
  File "/usr/lib/python3.12/threading.py", line 1073, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.12/threading.py", line 1010, in run
    self._target(*self._args, **self._kwargs)
  File "/usr/lib/python3/dist-packages/compose/cli/log_printer.py", line 202, in watch_events
    for event in event_stream:
  File "/usr/lib/python3/dist-packages/compose/project.py", line 626, in yield_loop
    yield build_container_event(event)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/compose/project.py", line 594, in build_container_event
    container = Container.from_id(self.client, event['id'])
                                               ~~~~~^^^^^^
KeyError: 'id'
lldap_lldap_1 exited with code 1

Docker compose configuration below for reference:

version: "3"

volumes:
  lldap_data:
    driver: local

services:
  lldap:
    image: lldap/lldap:stable
    ports:
      # For LDAP, not recommended to expose, see Usage section.
      #- "3890:3890"
      # For LDAPS (LDAP Over SSL), enable port if LLDAP_LDAPS_OPTIONS__ENABLED set true, look env below
      - "6360:6360"
      # For the web front-end
      - "17170:17170"
    volumes:
      - "lldap_data:/data"
      # Alternatively, you can mount a local folder
      # - "./lldap_data:/data"
      - "./ldaps.crt:/etc/ldaps.crt:ro" # If using LDAPS, mount your cert file here
      - "./ldaps.key:/path/to/keyfile.key:ro" # If using LDAPS, mount your key file here
    restart: unless-stopped
    environment:
      - UID=999
      - GID=989
      - TZ=America/New_York
      - LLDAP_JWT_SECRET=SOME_SECRET_VALUE
      - LLDAP_KEY_SEED=SOME_SECRET_VALUE
      - LLDAP_LDAP_BASE_DN=dc=mydomain,dc=com
      - L7LDAP_LDAP_USER_PASS=changeme # If the password contains '$', escape it (e.g. Pas$$word sets Pas$word)
      # If using LDAPS, set enabled true and configure cert and key path
      - LLDAP_LDAPS_OPTIONS__ENABLED=true
      - LLDAP_LDAPS_OPTIONS__CERT_FILE=/etc/ldaps.crt
      - LLDAP_LDAPS_OPTIONS__KEY_FILE=/etc/ldaps.key
      # You can also set a different database:
      # - LLDAP_DATABASE_URL=mysql://mysql-user:password@mysql-server/my-database
      # - LLDAP_DATABASE_URL=postgres://postgres-user:password@postgres-server/my-database
      # If using SMTP, set the following variables
      # - LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET=true
      # - LLDAP_SMTP_OPTIONS__SERVER=smtp.example.com
      # - LLDAP_SMTP_OPTIONS__PORT=465 # Check your smtp provider's documentation for this setting
      # - LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION=TLS # How the connection is encrypted, either "NONE" (no encryption, port 25), "TLS" (sometimes called SSL, port 465) or "STARTTLS" (sometimes called TLS, port 587).
      # - LLDAP_SMTP_OPTIONS__USER=no-reply@example.com # The SMTP user, usually your email address
      # - LLDAP_SMTP_OPTIONS__PASSWORD=PasswordGoesHere # The SMTP password
      # - LLDAP_SMTP_OPTIONS__FROM=no-reply <no-reply@example.com> # The header field, optional: how the sender appears in the email. The first is a free-form name, followed by an email between <>.
      # - LLDAP_SMTP_OPTIONS__TO=admin <admin@example.com> # Same for reply-to, optional.

My /etc/hosts file:

192.168.11.3 identity.mydomain.com identity
127.0.0.1 identity.mydomain.com
127.0.0.1 localhost
127.0.1.1 identity

# The following lines are desirable for IPv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Finally, I created a functional user for the server via:

adduser -r lldap

To Reproduce

Steps to reproduce the behavior:

  1. Create a new ubuntu instance (I used a VM)
  2. Create the lldap user: adduser -r lldap
  3. Modify /etc/hosts per guidance on installation guide
  4. Create certificates using openssl req -newkey rsa:4096 -x509 -sha256 -days 3650 -nodes -out ldaps.crt -keyout ldaps.key
  5. Use the above docker-compose.yml configuration
    a. Adjust UID and GID to those of the lldap user created in step 2
  6. Run docker-compose up

Expected behavior

LLDAP service starts successfully

Logs

Logs with LLDAP_VERBOSE set.

Creating network "lldap_default" with the default driver
Creating volume "lldap_lldap_data" with local driver
Creating lldap_lldap_1 ... done
Attaching to lldap_lldap_1
lldap_1  | [entrypoint] Copying the default config to /data/lldap_config.toml
lldap_1  | [entrypoint] Edit this file to configure LLDAP.
lldap_1  | > Setup permissions..
lldap_1  | > Starting lldap..
lldap_1  | 
lldap_1  | Loading configuration from /data/lldap_config.toml
lldap_1  | Configuration: Configuration {
lldap_1  |     ldap_host: "0.0.0.0",
lldap_1  |     ldap_port: 3890,
lldap_1  |     http_host: "0.0.0.0",
lldap_1  |     http_port: 17170,
lldap_1  |     jwt_secret: Some(
lldap_1  |         ***SECRET***,
lldap_1  |     ),
lldap_1  |     ldap_base_dn: "dc=mydomain,dc=com",
lldap_1  |     ldap_user_dn: "admin",
lldap_1  |     ldap_user_email: "",
lldap_1  |     ldap_user_pass: Some(
lldap_1  |         ***SECRET***,
lldap_1  |     ),
lldap_1  |     force_ldap_user_pass_reset: False,
lldap_1  |     force_update_private_key: false,
lldap_1  |     database_url: "sqlite:///data/users.db?mode=rwc",
lldap_1  |     ignored_user_attributes: [],
lldap_1  |     ignored_group_attributes: [],
lldap_1  |     verbose: true,
lldap_1  |     key_file: "server_key",
lldap_1  |     key_seed: Some(
lldap_1  |         ***SECRET***,
lldap_1  |     ),
lldap_1  |     assets_path: "./app",
lldap_1  |     smtp_options: MailOptions {
lldap_1  |         enable_password_reset: false,
lldap_1  |         from: None,
lldap_1  |         reply_to: None,
lldap_1  |         server: "localhost",
lldap_1  |         port: 587,
lldap_1  |         user: "",
lldap_1  |         password: ***SECRET***,
lldap_1  |         smtp_encryption: Tls,
lldap_1  |         ..
lldap_1  |     },
lldap_1  |     ldaps_options: LdapsOptions {
lldap_1  |         enabled: true,
lldap_1  |         port: 6360,
lldap_1  |         cert_file: "/etc/ldaps.crt",
lldap_1  |         key_file: "/etc/ldaps.key",
lldap_1  |     },
lldap_1  |     http_url: "http://localhost/",
lldap_1  |     ..
lldap_1  | }
lldap_1  | WARNING: A key_seed was given, we will ignore the key_file and generate one from the seed! Set key_file to an empty string in the config to silence this message.
lldap_1  | 2025-12-29T16:17:39.009104667+00:00  INFO     set_up_server [ 886ms | 71.00% / 100.00% ]
lldap_1  | 2025-12-29T16:17:39.009135107+00:00  INFO     ┝━ i [info]: Starting LLDAP version 0.6.2
lldap_1  | 2025-12-29T16:17:39.010967960+00:00  DEBUG    ┝━ get_schema_version [ 381µs | 0.04% ]
lldap_1  | 2025-12-29T16:17:39.012067800+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: None
lldap_1  | 2025-12-29T16:17:39.475414396+00:00  DEBUG    ┝━ get_schema_version [ 814µs | 0.09% ]
lldap_1  | 2025-12-29T16:17:39.476697019+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: Some(SchemaVersion(1))
lldap_1  | 2025-12-29T16:17:39.476728520+00:00  INFO     ┝━ i [info]: Upgrading DB schema from version 1
lldap_1  | 2025-12-29T16:17:39.476731540+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 2
lldap_1  | 2025-12-29T16:17:39.536447558+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 3
lldap_1  | 2025-12-29T16:17:39.604976505+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 4
lldap_1  | 2025-12-29T16:17:39.652661096+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 5
lldap_1  | 2025-12-29T16:17:39.701647080+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 6
lldap_1  | 2025-12-29T16:17:39.746944728+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 7
lldap_1  | 2025-12-29T16:17:39.787315997+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 8
lldap_1  | 2025-12-29T16:17:39.839460068+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 9
lldap_1  | 2025-12-29T16:17:39.897377414+00:00  INFO     ┝━ i [info]: Upgrading DB schema to version 10
lldap_1  | 2025-12-29T16:17:40.136030853+00:00  DEBUG    ┝━ list_groups [ 5.04ms | 0.57% ] filters: Some(DisplayName("lldap_admin"))
lldap_1  | 2025-12-29T16:17:40.142462369+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: []
lldap_1  | 2025-12-29T16:17:40.142472739+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_admin group, trying to create it
lldap_1  | 2025-12-29T16:17:40.142509300+00:00  DEBUG    ┝━ create_group [ 1.10ms | 0.12% ] request: CreateGroupRequest { display_name: "lldap_admin", attributes: [] }
lldap_1  | 2025-12-29T16:17:40.188746975+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: 1
lldap_1  | 2025-12-29T16:17:40.188790326+00:00  DEBUG    ┝━ list_groups [ 2.42ms | 0.27% ] filters: Some(DisplayName("lldap_password_manager"))
lldap_1  | 2025-12-29T16:17:40.192907590+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: []
lldap_1  | 2025-12-29T16:17:40.193007862+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_password_manager group, trying to create it
lldap_1  | 2025-12-29T16:17:40.193015682+00:00  DEBUG    ┝━ create_group [ 721µs | 0.08% ] request: CreateGroupRequest { display_name: "lldap_password_manager", attributes: [] }
lldap_1  | 2025-12-29T16:17:40.234467131+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: 2
lldap_1  | 2025-12-29T16:17:40.234487921+00:00  DEBUG    ┝━ list_groups [ 3.41ms | 0.38% ] filters: Some(DisplayName("lldap_strict_readonly"))
lldap_1  | 2025-12-29T16:17:40.239058103+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: []
lldap_1  | 2025-12-29T16:17:40.239084884+00:00  WARN     ┝━ 🚧 [warn]: Could not find lldap_strict_readonly group, trying to create it
lldap_1  | 2025-12-29T16:17:40.239089374+00:00  DEBUG    ┝━ create_group [ 1.04ms | 0.12% ] request: CreateGroupRequest { display_name: "lldap_strict_readonly", attributes: [] }
lldap_1  | 2025-12-29T16:17:40.285104685+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: 3
lldap_1  | 2025-12-29T16:17:40.292000879+00:00  WARN     ┝━ 🚧 [warn]: Could not find an admin user, trying to create the user "admin" with the config-provided password
lldap_1  | 2025-12-29T16:17:40.285159486+00:00  DEBUG    ┝━ list_users [ 5.06ms | 0.57% ] filters: Some(MemberOf("lldap_admin")) | _get_groups: false
lldap_1  | 2025-12-29T16:17:40.291992468+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: []
lldap_1  | 2025-12-29T16:17:40.292014679+00:00  DEBUG    ┝━ create_user [ 2.43ms | 0.27% ] request: CreateUserRequest { user_id: "admin", email: "", display_name: Some("Administrator"), attributes: [] } | user_id: "admin"
lldap_1  | 2025-12-29T16:17:40.342281318+00:00  DEBUG    ┝━ register_password [ 185ms | 15.69% / 20.93% ] username: admin
lldap_1  | 2025-12-29T16:17:40.342616273+00:00  DEBUG    │  ┝━ registration_start [ 245µs | 0.03% ]
lldap_1  | 2025-12-29T16:17:40.526894860+00:00  DEBUG    │  ┕━ registration_finish [ 46.1ms | 5.21% ]
lldap_1  | 2025-12-29T16:17:40.574269915+00:00  INFO     │     ┕━ i [info]: Successfully (re)set password for "admin"
lldap_1  | 2025-12-29T16:17:40.574321046+00:00  DEBUG    ┝━ list_groups [ 2.59ms | 0.29% ] filters: Some(DisplayName("lldap_admin"))
lldap_1  | 2025-12-29T16:17:40.577709817+00:00  DEBUG    │  ┕━ 🐛 [debug]:  | return: [Group { id: 1, display_name: "lldap_admin", creation_date: 2025-12-29T16:17:40.142510860, uuid: "477ce554-2def-3d85-aed8-442fee0e8ccc", users: [], attributes: [] }]
lldap_1  | 2025-12-29T16:17:40.577718158+00:00  DEBUG    ┝━ add_user_to_group [ 46.5ms | 5.25% ] user_id: "admin"
lldap_1  | 2025-12-29T16:17:40.625739534+00:00  INFO     ┕━ i [info]: Starting the LDAP server on port 3890
lldap_1  | Error: while binding the LDAP server
lldap_1  | 
lldap_1  | Caused by:
lldap_1  |     0: while setting up the SSL certificate
lldap_1  |     1: No such file or directory (os error 2)
Exception in thread Thread-4 (watch_events):
Traceback (most recent call last):
  File "/usr/lib/python3.12/threading.py", line 1073, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.12/threading.py", line 1010, in run
    self._target(*self._args, **self._kwargs)
  File "/usr/lib/python3/dist-packages/compose/cli/log_printer.py", line 202, in watch_events
    for event in event_stream:
  File "/usr/lib/python3/dist-packages/compose/project.py", line 626, in yield_loop
    yield build_container_event(event)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/compose/project.py", line 594, in build_container_event
    container = Container.from_id(self.client, event['id'])
                                               ~~~~~^^^^^^
KeyError: 'id'
lldap_lldap_1 exited with code 1

Additional context

The jwt secret and seeds were set with randomly generated hex and the mydomain.com is used in the above as a redaction to my real domain.


@coderabbitai[bot] commented on GitHub (Dec 29, 2025):

🔗 Related PRs

lldap/lldap#1266 - document: Simple LDAPS:// configuration for Open WebUI [merged]
lldap/lldap#1287 - chore: upgrade Rust toolchain to 1.89 and modernize code with let-chains [merged]
lldap/lldap#1331 - docs: lldap password in docker install corrected [merged]


@nitnelave commented on GitHub (Dec 29, 2025):

The most relevant line is "Error: while binding the LDAP server lldap_1 | lldap_1 | Caused by: lldap_1 | 0: while setting up the SSL certificate lldap_1 | 1: No such file or directory (os error 2)"

The ssl certificates you specified in the config don't exist in the container.
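
Added example (not part of the original thread, and not LLDAP or docker-compose code): a pre-flight check that compares the `LLDAP_LDAPS_OPTIONS__CERT_FILE` / `LLDAP_LDAPS_OPTIONS__KEY_FILE` values against the container-side targets of the `volumes:` entries, run here on the relevant lines of the compose file from the report. It assumes short-syntax list entries (`"source:target[:mode]"` and `KEY=VALUE`) and uses a minimal line-based parse rather than a full YAML parser; the function names are hypothetical.

```python
import posixpath
import re

# Constructed sample: the relevant lines of the compose file posted in the issue.
COMPOSE_SNIPPET = '''\
services:
  lldap:
    volumes:
      - "lldap_data:/data"
      # - "./lldap_data:/data"
      - "./ldaps.crt:/etc/ldaps.crt:ro" # If using LDAPS, mount your cert file here
      - "./ldaps.key:/path/to/keyfile.key:ro" # If using LDAPS, mount your key file here
    environment:
      - LLDAP_LDAPS_OPTIONS__ENABLED=true
      - LLDAP_LDAPS_OPTIONS__CERT_FILE=/etc/ldaps.crt
      - LLDAP_LDAPS_OPTIONS__KEY_FILE=/etc/ldaps.key
'''

# Environment variables whose value is a path inside the container.
FILE_VARS = ("LLDAP_LDAPS_OPTIONS__CERT_FILE", "LLDAP_LDAPS_OPTIONS__KEY_FILE")


def _scalar(item):
    """Strip surrounding quotes and any trailing '# comment' from a list item."""
    if item[:1] in ('"', "'"):
        end = item.find(item[0], 1)
        return item[1:end] if end != -1 else item[1:]
    return re.split(r"\s+#", item, maxsplit=1)[0].strip()


def parse_service(text):
    """Return ([(source, target), ...], {env_name: value}) from the snippet."""
    section = None
    mounts, env = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out entry
        header = re.match(r"^(\w+):\s*$", line)
        if header:
            section = header.group(1)
            continue
        if not line.startswith("- "):
            continue
        value = _scalar(line[2:].strip())
        if section == "volumes":
            parts = value.split(":")
            if len(parts) >= 2:
                mounts.append((parts[0], parts[1]))
        elif section == "environment" and "=" in value:
            name, _, val = value.partition("=")
            env[name] = val
    return mounts, env


def _covers(target, path):
    """True if the mount target is the path itself or a parent directory of it."""
    return path == target or path.startswith(target.rstrip("/") + "/")


def find_unmounted_files(text):
    """List (variable, configured_path, likely_mount_target) for each LDAPS file
    path that no volume entry provides inside the container."""
    mounts, env = parse_service(text)
    if env.get("LLDAP_LDAPS_OPTIONS__ENABLED", "false").lower() != "true":
        return []
    problems = []
    for var in FILE_VARS:
        path = env.get(var)
        if path is None or any(_covers(t, path) for _, t in mounts):
            continue
        # Hint: a host file with the same name that is mounted somewhere else.
        name = posixpath.basename(path)
        hint = next((t for s, t in mounts if posixpath.basename(s) == name), None)
        problems.append((var, path, hint))
    return problems


if __name__ == "__main__":
    for var, path, hint in find_unmounted_files(COMPOSE_SNIPPET):
        msg = f"{var}={path} is not provided by any volume entry"
        if hint:
            msg += f" (a file with that name is mounted at {hint})"
        print(msg)
```

A path under a named volume such as `/data` is treated as covered, since the check only looks at the mount mapping and cannot see the volume's contents.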
