{{ if eq (.Env.AUTH_TYPE | default "internal") "ldap" }} ldap_servers: {{ .Env.LDAP_URL }} ldap_search_base: {{ .Env.LDAP_BASE }} {{ if .Env.LDAP_BINDDN }} ldap_bind_dn: {{ .Env.LDAP_BINDDN }} ldap_bind_pw: {{ .Env.LDAP_BINDPW }} {{ end }} ldap_filter: {{ .Env.LDAP_FILTER | default "uid=%u" }} ldap_version: {{ .Env.LDAP_VERSION | default "3" }} ldap_auth_method: {{ .Env.LDAP_AUTH_METHOD | default "bind" }} {{ if .Env.LDAP_USE_TLS | default "0" | toBool }} ldap_tls_key: /config/certs/{{ .Env.XMPP_DOMAIN }}.key ldap_tls_cert: /config/certs/{{ .Env.XMPP_DOMAIN }}.crt {{ if .Env.LDAP_TLS_CHECK_PEER | default "0" | toBool }} ldap_tls_check_peer: yes ldap_tls_cacert_file: {{ .Env.LDAP_TLS_CACERT_FILE | default "/etc/ssl/certs/ca-certificates.crt" }} ldap_tls_cacert_dir: {{ .Env.LDAP_TLS_CACERT_DIR | default "/etc/ssl/certs" }} {{ end }} {{ if .Env.LDAP_TLS_CIPHERS }} ldap_tls_ciphers: {{ .Env.LDAP_TLS_CIPHERS }} {{ end }} {{ end }} {{ end }} {{ if .Env.LDAP_START_TLS | default "0" | toBool }} ldap_start_tls: yes {{ end }}