# Jitsi Meet Docker LDAP Authentication configuration
# .env

# Enable authentication
ENABLE_AUTH=1

# Enable guest access
ENABLE_GUESTS=0

# Select authentication type: internal, jwt or ldap
AUTH_TYPE=ldap

# LDAP authentication (for more information see the Cyrus SASL saslauthd.conf man page)
#

# LDAP url for connection
LDAP_URL=ldap://IP:3890

# LDAP base DN. Can be empty
LDAP_BASE=dc=example,dc=com

# LDAP user DN. Do not specify this parameter for the anonymous bind
LDAP_BINDDN=cn=admin,ou=people,dc=example,dc=com

# LDAP user password. Do not specify this parameter for the anonymous bind
LDAP_BINDPW=LLDAP admin password

# LDAP filter. Tokens example:
# %1-9 - if the input key is user@mail.domain.com, then %1 is com, %2 is domain and %3 is mail
# %s - %s is replaced by the complete service string
# %r - %r is replaced by the complete realm string
LDAP_FILTER=(&(uid=%u)(objectClass=person))

# LDAP authentication method
LDAP_AUTH_METHOD=bind

# LDAP version
#LDAP_VERSION=3

# LDAP TLS using
#LDAP_USE_TLS=0

# List of SSL/TLS ciphers to allow
#LDAP_TLS_CIPHERS=SECURE256:SECURE128:!AES-128-CBC:!ARCFOUR-128:!CAMELLIA-128-CBC:!3DES-CBC:!CAMELLIA-128-CBC

# Require and verify server certificate
#LDAP_TLS_CHECK_PEER=1

# Path to CA cert file. Used when server certificate verify is enabled
#LDAP_TLS_CACERT_FILE=/etc/ssl/certs/ca-certificates.crt

# Path to CA certs directory. Used when server certificate verify is enabled
#LDAP_TLS_CACERT_DIR=/etc/ssl/certs

# Wether to use starttls, implies LDAPv3 and requires ldap:// instead of ldaps://
# LDAP_START_TLS=1