@arizeai/phoenix-mcp

services: ldap: profiles: ["ldap"] image: osixia/openldap:1.5.0 container_name: ${PROJECT_NAME:-devops}-ldap hostname: ldap.example.com ports: - "389:389" - "636:636" environment: - LDAP_ORGANISATION=Example Corp - LDAP_DOMAIN=example.com - LDAP_ADMIN_PASSWORD=admin_password - LDAP_CONFIG_PASSWORD=config_password - LDAP_READONLY_USER=true - LDAP_READONLY_USER_USERNAME=readonly - LDAP_READONLY_USER_PASSWORD=readonly_password - LDAP_TLS=false - LDAP_LOG_LEVEL=256 volumes: - ldap-data:/var/lib/ldap - ldap-config:/etc/ldap/slapd.d command: --copy-service --loglevel debug ldap-admin: profiles: ["ldap"] image: osixia/phpldapadmin:0.9.0 container_name: ${PROJECT_NAME:-devops}-ldap-admin ports: - "6443:443" environment: - PHPLDAPADMIN_LDAP_HOSTS=ldap - PHPLDAPADMIN_HTTPS=false depends_on: - ldap labels: - "ldap.admin.url=http://localhost:6443" ldap-seed: profiles: ["ldap"] image: osixia/openldap:1.5.0 container_name: ${PROJECT_NAME:-devops}-ldap-seed depends_on: - ldap volumes: - ./ldap-seed.ldif:/seed.ldif:ro entrypoint: /bin/bash command: > -c " echo 'Waiting for LDAP server to be ready...'; for i in $$(seq 1 30); do if ldapsearch -x -H ldap://ldap:389 -b 'dc=example,dc=com' '(objectClass=*)' dn 2>/dev/null | grep -q 'dc=example,dc=com'; then echo 'LDAP server is ready'; break; fi; echo 'Attempt '$$i'/30: LDAP not ready, waiting...'; sleep 2; done; echo 'Loading seed data...'; ldapadd -x -H ldap://ldap:389 -D 'cn=admin,dc=example,dc=com' -w admin_password -f /seed.ldif || true; echo 'LDAP seed data loaded'; echo 'SEED_COMPLETE' > /tmp/seed_status; tail -f /dev/null " phoenix: environment: # Enable LDAP authentication - PHOENIX_ENABLE_AUTH=true - PHOENIX_ADMINS= - PHOENIX_DISABLE_BASIC_AUTH=false # OAuth2 Dev IDP Configuration - PHOENIX_OAUTH2_DEV_ALLOW_SIGN_UP=true - PHOENIX_OAUTH2_DEV_AUTO_LOGIN=false # Role syncing via OIDC: request 'roles' scope, extract 'role' claim, map to Phoenix roles - PHOENIX_OAUTH2_DEV_SCOPES=roles - PHOENIX_OAUTH2_DEV_ROLE_ATTRIBUTE_PATH=role - PHOENIX_OAUTH2_DEV_ROLE_MAPPING=admin:ADMIN,editor:MEMBER,viewer:VIEWER # LDAP Configuration - PHOENIX_LDAP_HOST=ldap - PHOENIX_LDAP_TLS_MODE=none - PHOENIX_LDAP_BIND_DN=cn=readonly,dc=example,dc=com - PHOENIX_LDAP_BIND_PASSWORD=readonly_password - PHOENIX_LDAP_USER_SEARCH_BASE_DNS=["ou=users,dc=example,dc=com"] - PHOENIX_LDAP_USER_SEARCH_FILTER=(uid=%s) - PHOENIX_LDAP_ATTR_EMAIL=mail - PHOENIX_LDAP_ATTR_DISPLAY_NAME=displayName - PHOENIX_LDAP_ATTR_MEMBER_OF=memberOf # Optional: Immutable unique ID (only needed if you expect email changes) # - PHOENIX_LDAP_ATTR_UNIQUE_ID=entryUUID - PHOENIX_LDAP_GROUP_ROLE_MAPPINGS=[{"group_dn":"cn=admins,ou=groups,dc=example,dc=com","role":"ADMIN"},{"group_dn":"cn=members,ou=groups,dc=example,dc=com","role":"MEMBER"},{"group_dn":"*","role":"VIEWER"}] - PHOENIX_LDAP_ALLOW_SIGN_UP=true depends_on: - ldap labels: - "phoenix.auth.mode=ldap" - "phoenix.auth.ldap=enabled" volumes: ldap-data: ldap-config: