docker-compose部署
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
version: "3.3"
services:
freeipa:
image: freeipa/freeipa-server:centos-7-4.6.8
domainname: freeipa.xtrfr.cn
container_name: freeipa-server
ports:
- "80:80/tcp"
- "443:443/tcp"
# DNS
- "53:53/tcp"
- "53:53/udp"
# LDAP(S)
- "389:389/tcp"
- "636:636/tcp"
# Kerberos
- "88:88/tcp"
- "88:88/udp"
- "464:464/tcp"
- "464:464/udp"
# NTP
- "123:123/udp"
dns:
- 127.0.0.1
- 114.114.114.114
tty: true
stdin_open: true
environment:
IPA_SERVER_HOSTNAME: freeipa.xtrfr.cn
IPA_SERVER_IP: 10.38.180.248
TZ: "Asia/Shanghai"
command:
- --domain=freeipa.xtrfr.cn
- --realm=FREEIPA.XTRFR.CN
- --admin-password=12345678 #freeapi的admin管理员账号
- --ds-password=12345678
- --no-dnssec-validation
- --no-host-dns
- --setup-dns
- --auto-forwarders
- --allow-zone-overlap
- --unattended # 自动无人工干预安装
cap_add:
- SYS_TIME
- NET_ADMIN
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /data/free-ipa/data:/data
- /data/free-ipa/var/logs:/var/logs
sysctls:
- net.ipv6.conf.all.disable_ipv6=0
- net.ipv6.conf.lo.disable_ipv6=0
- net.ipv6.conf.default.disable_ipv6=0
security_opt:
- "seccomp:unconfined"
labels:
- freeipa-server
extra_hosts:
- "freeipa.xtrfr.cn:10.38.180.248"
- "freeipa.xtrfr.cn:172.18.0.2"
本文由作者按照
CC BY 4.0
进行授权