Install the module with:
add-module ghcr.io/ksat-design/lemonldapng:latest 1Sample output:
{
"module_id": "lemonldapng1",
"image_name": "lemonldapng",
"image_url": "ghcr.io/ksat-design/lemonldapng:latest"
}Official docs: lemonldap-ng.org/documentation/latest
Application Integration: lemonldap-ng.org/documentation/latest/applications.html
Create DNS records pointing to your server IP, replacing domain.com with your configured host:
-
auth.domain.com -
manager.domain.com -
test1.domain.com -
test2.domain.com -
lemonldapng.domain.com -
auth: app portal for users -
manager: admin portal (requires Domain Admins)
LDAP settings are auto-discovered at module start.
administratorandDomain Adminscan access the manager- All other LDAP users can access the auth portal
The llng directory stores custom themes and assets.
runagent -m lemonldapng1
cd llngAvailable subfolders:
./llng/
βββ apps
βββ auth
βββ captcha
βββ menutab
βββ plugins
βββ register
βββ template
βββ theme
βββ backgrounds
βββ userdb
| Volume | Mount Path |
|---|---|
etc |
/etc/lemonldap-ng |
var-conf |
/var/lib/lemonldap-ng/conf |
var-psessions |
/var/lib/lemonldap-ng/sessions |
var-sessions |
/var/lib/lemonldap-ng/psessions |
nginx |
/etc/nginx/sites-enabled |
To access:
runagent -m lemonldapng1
podman exec -ti lemonldapng-app bash
cd /etc/lemonldap-ngRun:
api-cli run configure-module --agent module/lemonldapng1 --data - <<EOF
{
"host": "lemonldapng.domain.com",
"http2https": true,
"lets_encrypt": false,
"ldap_domain": "domain.com"
}
EOFThis starts and configures the module and sets up a Traefik virtual host.
β οΈ Issue Notice
After reboot or restore,configure-modulemay fail due to outdated schema examples.
We will include this fix in the next update.
Create sync-lemonldapng-schema-example.sh:
Click to expand script
#!/bin/bash
echo "π Scanning for available LemonLDAP-NG modules in /home..."
MODULES=($(ls -d /home/lemonldapng* 2>/dev/null | xargs -n1 basename))
if [ ${#MODULES[@]} -eq 0 ]; then
echo "β No lemonldapng modules found under /home."
exit 1
fi
echo "π¦ Available modules:"
select MODULE in "${MODULES[@]}"; do
if [[ -n "$MODULE" ]]; then
echo "β
Selected module: $MODULE"
break
else
echo "β Invalid selection. Please try again."
fi
done
CONFIG_DIR="/home/$MODULE/.config/actions/configure-module"
GET_CONF_SCRIPT="/home/$MODULE/.config/actions/get-configuration/20read"
SCHEMA="$CONFIG_DIR/validate-input.json"
BACKUP="$SCHEMA.bak"
TMP_JSON=$(mktemp)
CLEAN_JSON=$(mktemp)
echo "π Getting current config from module..."
runagent -m "$MODULE" bash -c "/usr/local/agent/pyenv/bin/python3 $GET_CONF_SCRIPT" > "$TMP_JSON"
jq '{host, http2https, lets_encrypt, ldap_domain, cda_status, saml_status}' "$TMP_JSON" > "$CLEAN_JSON"
echo "π¦ Backing up schema..."
runagent -m "$MODULE" bash -c "cp $SCHEMA $BACKUP"
JSON_INLINE=$(cat "$CLEAN_JSON")
echo "π§ Updating validate-input.json..."
runagent -m "$MODULE" bash <<EOF
tmpfile="$CONFIG_DIR/tmp-validate-input.json"
jq --argjson example '$JSON_INLINE' '.examples = [\$example]' "$SCHEMA" > "\$tmpfile"
mv "\$tmpfile" "$SCHEMA"
EOF
runagent -m "$MODULE" bash -c "jq . $SCHEMA" >/dev/null && echo "β
Schema updated successfully." || echo "β Schema update failed."
rm -f "$TMP_JSON" "$CLEAN_JSON"Run it:
chmod +x sync-lemonldapng-schema-example.sh
./sync-lemonldapng-schema-example.shapi-cli run get-configuration --agent module/lemonldapng1remove-module --no-preserve lemonldapng1The module uses:
bin/discover-smarthostto populatesmarthost.envevents/smarthost-changed/10reload_servicesto reload the service on updates
- View env vars:
runagent -m lemonldapng1 env- Run agent shell:
runagent -m lemonldapng1- View running containers:
podman ps- Shell into container:
podman exec -ti lemonldapng-app sh- Container environment:
podman exec lemonldapng-app env./test-module.sh <NODE_ADDR> ghcr.io/ksat-design/lemonldapng:latest