docker/docker-compose.yaml

version: '2'
volumes:
    ldap_data:
services:
  vpn:
    build: ..
    cap_add:
        - NET_ADMIN
    depends_on:
        - ldap
    environment:
        - "AUTH_LDAP_PASSWORD=s3cr3t"
        - "AUTH_LDAP_URL=ldaps://ldap"
        - "AUTH_LDAP_BINDDN=cn=admin,dc=jenkins-ci,dc=org"
        - "AUTH_LDAP_GROUPS_MEMBER=cn=all"
        - "OPENVPN_NETWORK_NAME=mocked-vnet"
        - "OPENVPN_SERVER_SUBNET=10.8.0.0"
        - "OPENVPN_SERVER_NETMASK=255.255.255.0"
    volumes:
        - ./mock/vpn/ccd:/home/openvpn/available-ccds:ro
        - ./mock/vpn/ca.crt:/etc/openvpn/server/ca.crt:ro
        - ./mock/ldap/ca.crt:/usr/local/share/ca-certificates/ldapca.crt:ro
        - ./mock/vpn/vpn.crt:/etc/openvpn/server/server.crt:ro
        - ./mock/vpn/dh.pem:/etc/openvpn/server/dh.pem:ro
        - ./mock/vpn/vpn.key:/etc/openvpn/server/server.key:ro
        - ./mock/vpn/ca.crt:/usr/local/share/ca-certificates/ca.crt:ro
        - ./mock/clients:/root/openvpn-client:ro
    ports:
        - 443:443

  # Don't forget to run /entrypoint/restore, once database is started
  ldap:
    image: jenkinsciinfra/ldap:latest
    environment:
        - "OPENLDAP_DEBUG_LEVEL=1"
    volumes:
        - ldap_data:/var/lib/ldap
        - ./mock/ldap/ca.crt:/usr/local/share/ca-certificates/ca.crt:ro
        - ./mock/ldap/ca.crt:/etc/ldap/ssl-ca/ca.crt:ro # Override the Let's Encrypt CA embeded in the image
        - ./mock/ldap/ldap.crt:/etc/ldap/ssl/cert.pem:ro
        - ./mock/ldap/ldap.key:/etc/ldap/ssl/privkey.key:ro
        - ./mock/mock.ldif:/var/backups/backup.latest.ldif:ro