Kanboard

version: '2'
services:
  kanboard:
    image: kanboard/kanboard:latest
    ports:
      - "980:80"
      - "9443:443"
    volumes:
      - ./config.php:/var/www/app/config.php
      - ./kanboard_data:/var/www/app/data
      - ./kanboard_plugins:/var/www/app/plugins
      - ./kanboard_ssl:/etc/nginx/ssl
    environment:
      #DATABASE_URL: mysql://kanboard:kanboard-secret@db/kanboard
      PLUGIN_INSTALLER: true
  db:
    image: mariadb:latest
    command: --default-authentication-plugin=mysql_native_password
    environment:
      MYSQL_ROOT_PASSWORD: secret
      MYSQL_DATABASE: kanboard
      MYSQL_USER: kanboard
      MYSQL_PASSWORD: kanboard-secret
    volumes:
      - ./db:/var/lib/mysql

cp config.default.php config.php

// Enable/disable email configuration from the user interface
define('MAIL_CONFIGURATION', true);

// E-mail address used for the "From" header (notifications)
define('MAIL_FROM', '[email protected]');

// Mail transport available: "smtp", "sendmail", "mail" (PHP mail function), "postmark", "mailgun", "se
define('MAIL_TRANSPORT', 'smtp');

// SMTP configuration to use when the "smtp" transport is chosen
define('MAIL_SMTP_HOSTNAME', 'smtp.exmail.qq.com');
define('MAIL_SMTP_PORT', 465);
define('MAIL_SMTP_USERNAME', '[email protected]');
define('MAIL_SMTP_PASSWORD', 'Password');
define('MAIL_SMTP_ENCRYPTION', 'ssl'); // Valid values are "null", "ssl" or "tls"

// Sendmail command to use when the transport is "sendmail"
define('MAIL_SENDMAIL_COMMAND', '/usr/sbin/sendmail -bs');

// Enable LDAP authentication (false by default)
define('LDAP_AUTH', true);

// LDAP server protocol, hostname and port URL (ldap[s]://hostname:port)
define('LDAP_SERVER', 'ldap://10.19.10.15:389');

// LDAP server port (389 by default)
define('LDAP_PORT', 389);

// By default, require certificate to be verified for ldaps:// style URL. Set to false to skip the verification
define('LDAP_SSL_VERIFY', false);

// Enable LDAP START_TLS
define('LDAP_START_TLS', false);

// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
// Set to true if you want to preserve the case
define('LDAP_USERNAME_CASE_SENSITIVE', false);
// LDAP bind type: "anonymous", "user" or "proxy"
// 这里是重点，使用kanboard服务所在服务器进行统一验证LDAP，选proxy
define('LDAP_BIND_TYPE', 'proxy');

// LDAP username to use with proxy mode
// LDAP username pattern to use with user mode
define('LDAP_USERNAME', 'CN=admin,OU=Service Account,DC=inc,DC=com,DC=cn');

// LDAP password to use for proxy mode
define('LDAP_PASSWORD', 'password');

// LDAP DN for users
// Example for ActiveDirectory: CN=Users,DC=kanboard,DC=local
// Example for OpenLDAP: ou=People,dc=example,dc=com
define('LDAP_USER_BASE_DN', 'DC=inc,DC=com,DC=cn');

// LDAP pattern to use when searching for a user account
// Example for ActiveDirectory: '(&(objectClass=user)(sAMAccountName=%s))'
// Example for OpenLDAP: 'uid=%s'
define('LDAP_USER_FILTER', '(&(objectClass=user)(sAMAccountName=%s))');

// LDAP attribute for username
// Example for ActiveDirectory: 'sAMAccountName'
// Example for OpenLDAP: 'uid'
define('LDAP_USER_ATTRIBUTE_USERNAME', 'sAMAccountName');

// LDAP attribute for user full name
// Example for ActiveDirectory: 'displayname'
// Example for OpenLDAP: 'cn'
define('LDAP_USER_ATTRIBUTE_FULLNAME', 'cn');

// LDAP attribute for user email
define('LDAP_USER_ATTRIBUTE_EMAIL', 'mail');

// LDAP attribute to find groups in user profile
define('LDAP_USER_ATTRIBUTE_GROUPS', 'memberof');

// LDAP attribute for user avatar image: thumbnailPhoto or jpegPhoto
define('LDAP_USER_ATTRIBUTE_PHOTO', '');

// LDAP attribute for user language, example: 'preferredlanguage'
// Put an empty string to disable language sync
define('LDAP_USER_ATTRIBUTE_LANGUAGE', '');

// Automatically create a user profile when a user authenticates via LDAP.
// If set to false, only LDAP users can log in for whom a Kanboard profile already exists.
define('LDAP_USER_CREATION', true);

// Set new user as Manager
define('LDAP_USER_DEFAULT_ROLE_MANAGER', false);

// LDAP DN for administrators
// Example: CN=Kanboard-Admins,CN=Users,DC=kanboard,DC=local
define('LDAP_GROUP_ADMIN_DN', '');

// LDAP DN for managers
// Example: CN=Kanboard Managers,CN=Users,DC=kanboard,DC=local
define('LDAP_GROUP_MANAGER_DN', '');

// Enable LDAP group provider for project permissions
// The end-user will be able to browse LDAP groups from the user interface and allow access to specified projects
define('LDAP_GROUP_PROVIDER', false);

// LDAP Base DN for groups
define('LDAP_GROUP_BASE_DN', '');

// LDAP group filter
// Example for ActiveDirectory: (&(objectClass=group)(sAMAccountName=%s*))
define('LDAP_GROUP_FILTER', '');

// LDAP user group filter
// If this filter is configured, Kanboard will search user groups in LDAP_GROUP_BASE_DN with this filter
// Example for OpenLDAP: (&(objectClass=posixGroup)(memberUid=%s))
define('LDAP_GROUP_USER_FILTER', '');

// LDAP attribute for the user in the group filter
// 'username' or 'dn'
define('LDAP_GROUP_USER_ATTRIBUTE', 'username');

// LDAP attribute for the group name
define('LDAP_GROUP_ATTRIBUTE_NAME', 'cn');

// Enable/Disable groups synchronization when external authentication is used.
define('LDAP_GROUP_SYNC', true);

// HTTP client proxy
define('HTTP_PROXY_HOSTNAME', 'ip');
define('HTTP_PROXY_PORT', '7890');
define('HTTP_PROXY_USERNAME', 'username');
define('HTTP_PROXY_PASSWORD', 'password');
define('HTTP_PROXY_EXCLUDE', 'localhost,127.0.0.1,.xxx.com');

// Enable/Disable debug
define('DEBUG', true);

define('PLUGIN_INSTALLER', true);

define('KANBOARD_URL', 'https://aaa.xxx.com/kanboard/');