lldap: add catalog app

ix-dev/community/lldap/README.md

@@ -0,0 +1,32 @@
+# LLDAP
+
+LLDAP is a lightweight LDAP directory server with a built-in web interface for managing users, groups, and application credentials.
+
+## Endpoints
+
+- Web UI: `http://<host>:17170`
+- LDAP: `ldap://<host>:3890`
+- LDAPS (optional): `ldaps://<host>:6360`
+
+## Default Access
+
+- Admin username: `admin`
+- Admin password: generated during install (displayed in install dialog)
+
+## Required Configuration
+
+- LDAP domain (e.g. `example.com`)
+- Data directory (`/data` is persisted to the host)
+
+## Optional Configuration
+
+- Custom ports / bind addresses
+- External PostgreSQL / MySQL database URL
+- SMTP settings for email-based password reset
+- LDAPS certificate/key paths
+
+## Reference
+
+- Project: https://github.com/lldap/lldap
+- Documentation: https://github.com/lldap/lldap/tree/main/docs
+- Docker image: https://hub.docker.com/r/lldap/lldap

ix-dev/community/lldap/app.yaml

@@ -0,0 +1,34 @@
+app_version: 0.6.2
+capabilities: []
+categories:
+  - identity
+  - authentication
+changelog_url: https://github.com/lldap/lldap/releases
+date_added: '2025-12-25'
+description: Lightweight LDAP server with a built-in web interface for identity management.
+home: https://lldap.io
+host_mounts: []
+icon: https://media.sys.truenas.net/apps/lldap/icons/icon.png
+keywords:
+  - ldap
+  - identity
+  - authentication
+lib_version: 2.1.74
+maintainers:
+  - email: dev@truenas.com
+    name: TrueNAS
+    url: https://www.truenas.com/
+name: lldap
+run_as_context:
+  user_context:
+    - description: LLDAP runs as an unprivileged user inside the container.
+      gid: 568
+      group_name: lldap
+      uid: 568
+      user_name: lldap
+sources:
+  - https://github.com/lldap/lldap
+  - https://hub.docker.com/r/lldap/lldap
+title: LLDAP
+train: community
+version: 1.0.0

ix-dev/community/lldap/item.yaml

@@ -0,0 +1,10 @@
+categories:
+  - identity
+  - authentication
+icon_url: https://media.sys.truenas.net/apps/lldap/icons/icon.png
+screenshots: []
+short_description: Lightweight LDAP server with a built-in web UI for credentials management.
+tags:
+  - ldap
+  - identity
+  - authentication

ix-dev/community/lldap/ix_values.yaml

@@ -0,0 +1,107 @@
+images:
+  image:
+    repository: lldap/lldap
+    tag: stable
+consts:
+  main_container_name: lldap
+  data_mount_path: /data
+  ldap_port: 3890
+  ldaps_port: 6360
+  http_port: 17170
+  default_domain: example.com
+  jwt_secret_length: 32
+  admin_password_length: 16
+values:
+  TZ: Etc/UTC
+  settings:
+    domain: example.com
+    admin_user: admin
+    admin_email: admin@example.com
+    admin_password_reset: never
+  run_as:
+    user: 0
+    group: 0
+    supplementary_groups: []
+  networking:
+    http_port:
+      bind_mode: published
+      port_number: 17170
+      host_ips:
+      - 0.0.0.0
+      - '::'
+    ldap_port:
+      bind_mode: published
+      port_number: 3890
+      host_ips:
+      - 0.0.0.0
+      - '::'
+    ldaps_port:
+      bind_mode: ''
+      port_number: 6360
+      host_ips:
+      - 0.0.0.0
+      - '::'
+  resources:
+    limits:
+      cpus: 2.0
+      memory: 2048
+    requests:
+      cpus: 0.2
+      memory: 256
+  storage:
+    data:
+      type: ix_volume
+      ix_volume_config:
+        dataset_name: lldap-data
+        acl_enable: false
+        create_host_path: true
+        auto_permissions: true
+    additional_storage: []
+  additional_storage_defaults: []
+  database:
+    type: sqlite
+    external_url: ''
+  smtp:
+    enabled: false
+    server: smtp.example.com
+    port: 587
+    encryption: STARTTLS
+    username: user@example.com
+    password: ''
+    from: LLDAP Admin <no-reply@example.com>
+    reply_to: LLDAP Admin <no-reply@example.com>
+  tls:
+    ldaps_enabled: false
+    certificate_path: /certs/ldaps.crt
+    key_path: /certs/ldaps.key
+  advanced:
+    environment: []
+secrets:
+  admin_password:
+    random: false
+    value: ChangeMe!
+  jwt_secret:
+    random: true
+    length: 32
+  key_seed:
+    random: true
+    length: 32
+notes:
+- title: Credentials
+  level: INFO
+  message: 'The default admin account is `admin` with password `ChangeMe!`. Please
+    sign in and change it immediately from the web interface or via `lldap admin setPassword`.
+
+    '
+- title: LDAP Recommendations
+  level: WARNING
+  message: 'Do not expose LDAP/LDAPS ports directly to the internet. Place them behind
+    a VPN or reverse proxy when federating external services.
+
+    '
+storage_defaults:
+  data:
+    type: ix_volume
+    ix_volume_config:
+      dataset_name: lldap-data
+      acl_enable: false