From 9ce48ab14907579fd44a6af7fd3f4c4466540faa Mon Sep 17 00:00:00 2001
From: Gitea Action <action@pi-farm.de>
Date: Fri, 3 Apr 2026 22:31:26 +0000
Subject: [PATCH]  [skip ci]

---
 README.md          | 57 ++++++++++++----------------------------------
 VERSION.history    |  1 +
 docker-compose.yml | 24 ++++---------------
 3 files changed, 21 insertions(+), 61 deletions(-)

diff --git a/README.md b/README.md
index 2fed0ba..8e741af 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # baseimage-debian-rdp-ldap
-Debian Desktop with LDAP-Auth to use with Guacamole as RDP-destination
+Debian Desktop with LDAP-Auth, Gitea-Workflow compatible
 
 [![Build Status](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions/workflows/build-and-push.yaml/badge.svg)](https://git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap/actions)
 [![Gitea Repo](https://img.shields.io/badge/gitea-repository-blue?logo=gitea&logoColor=white)](__REPO_URL__)
@@ -11,8 +11,8 @@ This repository is built and pushed automatically.
 ### 🏗️ Platform Support
 | Architecture | Status | Base Image | Build Date |
 | :--- | :--- | :--- | :--- |
-| x86_64 (amd64) | ✅ Active | debian:bookworm | 02.04.2026 17:26 |
-| aarch64 (arm64) | ✅ Active | debian:bookworm | 02.04.2026 17:26 |
+| x86_64 (amd64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 |
+| aarch64 (arm64) | ✅ Active | debian:bookworm | 04.04.2026 00:31 |
 
 ### 🚀 Docker Pull
 ```bash
@@ -28,27 +28,13 @@ services:
     ports:
       - 3889
     environment:
-      - SSSD_DEBUG_LEVEL=9
-      - LDAP_SCHEMA=rfc2307
-      - LDAP_AUTH_DISABLE_TLS=true
-      - LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER
-      - LDAP_BIND_USER=admin
-      - LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM
+      - SSSD_DEBUG_LEVEL=5
+      - LDAP_URI=ldap://10.0.2.123:389
+      - LDAP_BASE_DN=dc=pi-farm,dc=de
+      - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de
       - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD
-      - LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM
-      - LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM
-      - LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM
-      - LDAP_USER_PASSWORD_ATTRIBUTE=userPassword
-      - LDAP_USER_OBJECT_CLASS=posixAccount
-      - LDAP_USER_NAME=uid
-      - LDAP_USER_DN_ATTRIBUTE=cn
-      - LDAP_GROUP_OBJECTS_CLASS=posixGroup
-      - LDAP_ID_USE_START_TLS=false
-      - LDAP_AUTH_USE_START_TLS=false
-      - LDAP_TLS_REQCERT=never
-      - LDAP_SIMPLE_ALLOW_GROUPS=users
+      - LDAP_SUDO_GROUP=sudo_users
     volumes:
-      - ./sssd.conf:/etc/sssd/sssd.conf:ro
       - ./home:/home
 ```
 ### 🚀 Docker Run
@@ -56,36 +42,23 @@ services:
 docker run -d \
   --name baseimage-debian-rdp-ldap \
   --restart unless-stopped \
-  -e SSSD_DEBUG_LEVEL=9 \
-  -e LDAP_SCHEMA=rfc2307 \
-  -e LDAP_AUTH_DISABLE_TLS=true \
-  -e LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER \
-  -e LDAP_BIND_USER=admin \
-  -e LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM \
+  -e SSSD_DEBUG_LEVEL=5 \
+  -e LDAP_URI=ldap://10.0.2.123:389 \
+  -e LDAP_BASE_DN=dc=pi-farm,dc=de \
+  -e LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de \
   -e LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD \
-  -e LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM \
-  -e LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM \
-  -e LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM \
-  -e LDAP_USER_PASSWORD_ATTRIBUTE=userPassword \
-  -e LDAP_USER_OBJECT_CLASS=posixAccount \
-  -e LDAP_USER_NAME=uid \
-  -e LDAP_USER_DN_ATTRIBUTE=cn \
-  -e LDAP_GROUP_OBJECTS_CLASS=posixGroup \
-  -e LDAP_ID_USE_START_TLS=false \
-  -e LDAP_AUTH_USE_START_TLS=false \
-  -e LDAP_TLS_REQCERT=never \
-  -e LDAP_SIMPLE_ALLOW_GROUPS=users \
-  -v ./sssd.conf:/etc/sssd/sssd.conf:ro \
+  -e LDAP_SUDO_GROUP=sudo_users \
   -v ./home:/home \
   -p 3889 \
   git.pi-farm.de/pi-farm/baseimage-debian-rdp-ldap:bookworm-de
 ```
 
-*Last updated on: 02.04.2026 17:26*
+*Last updated on: 04.04.2026 00:31*
 
 ### 📜 Version History
 | Version | Date | Status |
 | :--- | :--- | :--- |
+| **bookworm-de** | 04.04.2026 00:31 |  ✅ |
 | **bookworm-de** | 02.04.2026 17:26 |  ✅ |
 | **bookworm-de** | 02.04.2026 16:44 |  ✅ |
 | **bookworm-de** | 02.04.2026 15:37 |  ✅ |
diff --git a/VERSION.history b/VERSION.history
index a60b796..46295ea 100644
--- a/VERSION.history
+++ b/VERSION.history
@@ -1,3 +1,4 @@
+| **bookworm-de** | 04.04.2026 00:31 |  ✅ |
 | **bookworm-de** | 02.04.2026 17:26 |  ✅ |
 | **bookworm-de** | 02.04.2026 16:44 |  ✅ |
 | **bookworm-de** | 02.04.2026 15:37 |  ✅ |
diff --git a/docker-compose.yml b/docker-compose.yml
index 9b3a2f4..f0d5728 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,25 +6,11 @@ services:
     ports:
       - 3889
     environment:
-      - SSSD_DEBUG_LEVEL=9
-      - LDAP_SCHEMA=rfc2307bis
-      - LDAP_AUTH_DISABLE_TLS=true
-      - LDAP_SERVER_URI=URL-OF-YOUR-LDAP-SERVER
-      - LDAP_BIND_USER=admin
-      - LDAP_DOMAIN_DC=dc=YOUR-DOMAIN,dc=COM
+      - SSSD_DEBUG_LEVEL=5
+      - LDAP_URI=ldap://10.0.2.123:389
+      - LDAP_BASE_DN=dc=pi-farm,dc=de
+      - LDAP_BIND_DN=cn=admin,dc=pi-farm,dc=de
       - LDAP_BIND_PASSWORD=YOUR-SUPER-SECRET-PASSWORD
-      - LDAP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM
-      - LDAP_USER_SEARCH_BASE=ou=users,dc=YOUR-DOMAIN,dc=COM
-      - LDAP_GROUP_SEARCH_BASE=dc=YOUR-DOMAIN,dc=COM
-      - LDAP_USER_PASSWORD_ATTRIBUTE=userPassword
-      - LDAP_USER_OBJECT_CLASS=posixAccount
-      - LDAP_USER_NAME=uid
-      - LDAP_USER_DN_ATTRIBUTE=cn
-      - LDAP_GROUP_OBJECTS_CLASS=posixGroup
-      - LDAP_ID_USE_START_TLS=false
-      - LDAP_AUTH_USE_START_TLS=false
-      - LDAP_TLS_REQCERT=never
-      - LDAP_SIMPLE_ALLOW_GROUPS=users
+      - LDAP_SUDO_GROUP=sudo_users
     volumes:
-      - ./sssd.conf:/etc/sssd/sssd.conf:ro
       - ./home:/home