feat: add ldap config

feat: add LDAP login and user creation

feat: add diagnostic commands

Co-authored-by: Jason Volk <jason@zemos.net>
Signed-off-by: Jason Volk <jason@zemos.net>

tuwunel-example.toml

@@ -1626,3 +1626,66 @@
 # is 33.55MB. Setting it to 0 disables blurhashing.
 #
 #blurhash_max_raw_size = 33554432
+
+[global.ldap]
+
+# Whether to enable LDAP login.
+#
+# example: "true"
+#
+#enable = false
+
+# URI of the LDAP server.
+#
+# example: "ldap://ldap.example.com:389"
+#
+#uri =
+
+# Whether to use StartTLS to bind to the LDAP server.
+#
+# example: true
+#
+#start_tls = false
+
+# Root of the searches.
+#
+# example: "ou=users,dc=example,dc=org"
+#
+#base_dn = false
+
+# Bind DN if anonymous search is not enabled.
+#
+# example: "cn=ldap-reader,dc=example,dc=org"
+#
+#bind_dn = false
+
+# Path to a file on the system that contains the password for the
+# `bind_dn`.
+#
+# The server must be able to access the file, and it must not be empty.
+#
+#bind_password_file = false
+
+# Search filter to limit user searches.
+#
+# example: "(&(objectClass=person)(memberOf=matrix))"
+#
+#filter = "(objectClass=*)"
+
+# Attribute to use to uniquely identify the user.
+#
+# example: "uid" or "cn"
+#
+#uid_attribute = "uid"
+
+# Attribute containing the mail of the user.
+#
+# example: "mail"
+#
+#mail_attribute =
+
+# Attribute containing the distinguished name of the user.
+#
+# example: "givenName" or "sn"
+#
+#name_attribute =