diff --git a/lldap/.env.example b/lldap/.env.example
new file mode 100644
index 0000000..4f0d62a
--- /dev/null
+++ b/lldap/.env.example
@@ -0,0 +1,6 @@
+UID=####
+GID=####
+TZ=####/####
+LLDAP_JWT_SECRET=REPLACE_WITH_RANDOM
+LLDAP_KEY_SEED=REPLACE_WITH_RANDOM
+LLDAP_LDAP_BASE_DN=dc=example,dc=com
\ No newline at end of file
diff --git a/lldap/compose.yml b/lldap/compose.yml
new file mode 100644
index 0000000..e3c67fd
--- /dev/null
+++ b/lldap/compose.yml
@@ -0,0 +1,32 @@
+services:
+  lldap:
+    container_name: lldap
+    image: lldap/lldap:stable
+    ports:
+      # For LDAP
+      #- "3890:3890"
+      # For LDAPS (LDAP Over SSL), enable port if LLDAP_LDAPS_OPTIONS__ENABLED set true, look env below
+      #- "6360:6360"
+      # For the web front-end
+      #- "17170:17170"
+    volumes:
+      - ./appdata:/data
+    env_file: .env
+    restart: unless-stopped
+    networks:
+      - dmz
+      - ldap
+    labels:
+      # Caddy
+      caddy: "*.{$$INT_DOMAIN}"
+      caddy.1_@lldap: "host lldap.{$$INT_DOMAIN}"
+      caddy.1_handle: "@lldap"
+      caddy.1_handle.reverse_proxy: "{{upstreams 17170}}"
+      # Diun
+      diun.enable: true
+
+networks:
+  dmz:
+    external: true
+  ldap:
+    external: true