version: '3'
services:

  opensearch-ldap-node1:
    image: opensearchproject/opensearch:1.0.1
    container_name: opensearch-ldap-node1
    environment:
      - cluster.name=opensearch-ldap-cluster
      - node.name=opensearch-ldap-node1
      - discovery.seed_hosts=opensearch-ldap-node1
      - cluster.initial_master_nodes=opensearch-ldap-node1
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536 # maximum number of open files for the OpenSearch user, set to at least 65536 on modern systems
        hard: 65536
    volumes:
      - opensearch-ldap-data1:/usr/share/opensearch/data
      - ./config.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/config.yml
      - ./internal_users.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/internal_users.yml
      - ./roles_mapping.yml:/usr/share/opensearch/plugins/opensearch-security/securityconfig/roles_mapping.yml
    ports:
      - 9200:9200
      - 9600:9600 # required for Performance Analyzer
    networks:
      - opensearch-net

  openldap:
    image: osixia/openldap
    container_name: openldap
    command: --copy-service # seemingly required to load directory.ldif
    ports:
      - 389:389
      - 636:636
    environment:
      - LDAP_ADMIN_PASSWORD=changethis
      - LDAP_READONLY_USER=true
      - LDAP_READONLY_USER_PASSWORD=changethistoo
    volumes:
      - ./directory.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/directory.ldif
    networks:
      - opensearch-net

  openldap-admin:
    image: osixia/phpldapadmin
    container_name: openldap-admin
    ports:
      - 6443:443
    environment:
      - PHPLDAPADMIN_LDAP_HOSTS=openldap
    networks:
      - opensearch-net

volumes:
  opensearch-ldap-data1:

networks:
  opensearch-net: