Files
truecharts/charts/stable/lldap/values.yaml
T
TrueCharts Bot 20296f00bd fix(lldap): update image docker.io/nitnelave/lldap v0.6.2 → v0.6.3 (#47747)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/nitnelave/lldap](https://redirect.github.com/lldap/lldap) |
patch | `713f8f1` → `2f208d7` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>lldap/lldap (docker.io/nitnelave/lldap)</summary>

###
[`v0.6.3`](https://redirect.github.com/lldap/lldap/releases/tag/v0.6.3)

[Compare
Source](https://redirect.github.com/lldap/lldap/compare/v0.6.2...v0.6.3)

#### \[0.6.3] 2026-05-01

Small release, focused on LDAP compatibility, TLS maintenance,
dependency upgrades and documentation/examples.

##### Added

- LDAP schema definitions for `memberOf`, `modifyTimestamp` and
`pwdChangedTime`
- Support for configuring the healthcheck listen addresses
- Usernames are now included in password recovery emails

##### Changed

- JWT `exp` and `iat` claims are now serialized as NumericDate values to
comply with RFC7519
- Migrated to `rustls` 0.23 and centralized TLS handling
- The login form no longer enforces a password length limit

##### Fixed

- `pwdChangedTime` is now emitted as LDAP GeneralizedTime instead of
RFC3339
- LDAP base-scope searches for non-existent entries now return
`NoSuchObject`
- `cn` equality filters are now case insensitive
- The server now shuts down the database connection pool gracefully
- The bootstrap script now handles empty globs correctly

##### Security

- Updated the LDAP dependency stack, including `ldap3_proto`, in
response to
  security advisory

[`GHSA-qcxq-75wr-5cm8`](https://redirect.github.com/kanidm/ldap3/security/advisories/GHSA-qcxq-75wr-5cm8),
  where a specially crafted LDAP query could make the server crash

##### Cleanups

- Split GraphQL queries and mutations into smaller modules
- Refactored configuration and user update logic
- Upgraded the Rust toolchain and shared dependencies

##### New services

- Apache WebDAV
- Continuwuity
- Gerrit
- Gogs
- Open WebUI
- OpenCloud
- Pocket ID
- Semaphore
- TrueNAS

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC9sbGRhcCIsImF1dG9tZXJnZSIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvcGF0Y2giXX0=-->
2026-05-01 08:01:33 +02:00

67 lines
1.9 KiB
YAML

# yaml-language-server: $schema=./values.schema.json
image:
repository: docker.io/nitnelave/lldap
pullPolicy: IfNotPresent
tag: v0.6.3-debian@sha256:2f208d7dc45d0b01648ab9c869fa6f65b843a8c9647e99dd929739f5a51a945b
securityContext:
container:
readOnlyRootFilesystem: false
service:
main:
ports:
main:
port: 17170
ldap:
enabled: true
ports:
ldap:
enabled: true
port: 3890
workload:
main:
podSpec:
containers:
main:
command:
- "/app/lldap"
args:
- "run"
env:
LLDAP_HTTP_PORT: "{{ .Values.service.main.ports.main.port }}"
LLDAP_LDAP_PORT: "{{ .Values.service.ldap.ports.ldap.port }}"
LLDAP_HTTP_URL: "http://localhost:{{ .Values.service.main.ports.main.port }}"
LLDAP_LDAP_BASE_DN: "dc=example,dc=com"
# ADMIN
LLDAP_LDAP_USER_DN: "admin"
LLDAP_LDAP_USER_EMAIL: "admin@example.com"
LLDAP_LDAP_USER_PASS: "password"
# LOGGING
LLDAP_VERBOSE: false
# SMTP
LLDAP_SMTP_OPTIONS__ENABLE_PASSWORD_RESET: false
LLDAP_SMTP_OPTIONS__SERVER: ""
LLDAP_SMTP_OPTIONS__PORT: 587
LLDAP_SMTP_OPTIONS__SMTP_ENCRYPTION: "STARTTLS"
LLDAP_SMTP_OPTIONS__USER: ""
LLDAP_SMTP_OPTIONS__PASSWORD: ""
LLDAP_SMTP_OPTIONS__FROM: "LLDAP Admin <sender@gmail.com>"
LLDAP_SMTP_OPTIONS__REPLY_TO: "Do not reply <noreply@localhost>"
LLDAP_JWT_SECRET:
- secretRef:
name: secrets
key: LLDAP_JWT_SECRET
LLDAP_key_file: "/data/private_key"
LLDAP_database_url:
secretKeyRef:
name: cnpg-main-urls
key: std
persistence:
data:
enabled: true
mountPath: "/data"
cnpg:
main:
enabled: true
user: lldap
database: lldap