diff --git a/lldap/.footprint b/lldap/.footprint
new file mode 100644
index 000000000..935f1df1a
--- /dev/null
+++ b/lldap/.footprint
@@ -0,0 +1,36 @@
+drwxr-xr-x	root/root	etc/
+-rw-r-----	root/root	etc/lldap.toml
+drwxr-xr-x	root/root	etc/rc.d/
+-rwxr-xr-x	root/root	etc/rc.d/lldap
+drwxr-xr-x	root/root	usr/
+drwxr-xr-x	root/root	usr/bin/
+-rwxr-xr-x	root/root	usr/bin/lldap
+-rwxr-xr-x	root/root	usr/bin/lldap_migration_tool
+-rwxr-xr-x	root/root	usr/bin/lldap_set_password
+drwxr-xr-x	root/root	var/
+drwxr-xr-x	root/root	var/lib/
+drwxr-x---	lldap/lldap	var/lib/lldap/
+drwxr-xr-x	lldap/lldap	var/lib/lldap/app/
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/index.html
+drwxr-xr-x	lldap/lldap	var/lib/lldap/app/pkg/
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/lldap_app.d.ts
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/lldap_app.js
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/lldap_app_bg.wasm
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/lldap_app_bg.wasm.d.ts
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/lldap_app_bg.wasm.gz
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/pkg/package.json
+drwxr-xr-x	lldap/lldap	var/lib/lldap/app/static/
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/bootstrap-icons.css
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/bootstrap-nightshade.min.css
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/bootstrap.bundle.min.js
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/darkmode.min.js
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/font-awesome.min.css
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/fonts.css
+drwxr-xr-x	lldap/lldap	var/lib/lldap/app/static/fonts/
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/fonts/JTUSjIg69CK48gW7PXoo9Wdhyzbi.woff2
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/fonts/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/fonts/bootstrap-icons.woff2
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/main.js
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/spinner.gif
+-rw-r--r--	lldap/lldap	var/lib/lldap/app/static/style.css
+drwxr-x---	lldap/lldap	var/lib/lldap/data/
diff --git a/lldap/.signature b/lldap/.signature
new file mode 100644
index 000000000..0553fc2f6
--- /dev/null
+++ b/lldap/.signature
@@ -0,0 +1,7 @@
+untrusted comment: verify with /etc/ports/contrib.pub
+RWSagIOpLGJF34fub/5i2sivN9DhNJMmOkQ+mqINjGnkc7c9pmFU/SjmDsujrnxjrKUzZiMYkamzm+/hG5KbIZC8odwgJm3PQAU=
+SHA256 (Pkgfile) = 4ad01fe1786df94a55954f5cf8874c5899514496598c3e8664f3a0a19ff5f04c
+SHA256 (.footprint) = 288003d820c8422b3f451ac448cbbbca366f3b7d100a9491da9a9dc603eb46b4
+SHA256 (lldap-0.5.0.tar.gz) = e8f199127ac9c146f48464e6c74c9a03dab6041752263d6388fccec640b81522
+SHA256 (lldap.service) = 28de64593ef1faec040d4d733caf503f68e0e3c45494de2892de9232ba08d0a3
+SHA256 (config-template.patch) = b5bca8b36c2e7926f9b958c644623adbf793c0175a7b33b60214348a2b20c719
diff --git a/lldap/Pkgfile b/lldap/Pkgfile
new file mode 100644
index 000000000..5a4762254
--- /dev/null
+++ b/lldap/Pkgfile
@@ -0,0 +1,50 @@
+# Description: Light LDAP implementation
+# URL: https://github.com/lldap/lldap
+# Maintainer: Tim Biermann, tbier at posteo dot de
+# Depends on: wasm-bindgen wasm-pack
+
+name=lldap
+version=0.5.0
+release=1
+source=(https://github.com/lldap/lldap/archive/v$version/$name-$version.tar.gz
+  lldap.service
+  config-template.patch)
+
+build() {
+  prt-get isinst sccache && export RUSTC_WRAPPER=/usr/bin/sccache
+  [[ ! -e $PKGMK_SOURCE_DIR/rust ]] && mkdir $PKGMK_SOURCE_DIR/rust
+
+  cd $name-$version
+  patch -p1 -i $SRC/config-template.patch
+  xargs curl --remote-name-all --output-dir app/static/fonts < app/static/fonts/fonts.txt
+  xargs curl --remote-name-all --output-dir app/static < app/static/libraries.txt
+  cargo fetch --locked --target "x86_64-unknown-linux-gnu"
+
+  cargo build \
+    --frozen \
+    --release \
+    --all-features \
+    -p lldap \
+    -p lldap_migration_tool \
+    -p lldap_set_password
+  ./app/build.sh
+  find target/release \
+    -maxdepth 1 \
+    -executable \
+    -type f \
+    -exec install -vDm755 -t "$PKG/usr/bin/" {} +
+
+  # configuration
+  install -Dm640 lldap_config.docker_template.toml "$PKG/etc/$name.toml"
+
+  # frontend assets
+  install -m 0750 -d $PKG/var/lib/$name
+  install -m 0750 -d $PKG/var/lib/$name/data
+  install -Dm644 app/index_local.html $PKG/var/lib/$name/app/index.html
+  install -Dm644 -t $PKG/var/lib/$name/app/static app/static/*.{css,js,gif}
+  install -Dm644 -t $PKG/var/lib/$name/app/static/fonts app/static/fonts/*.woff2
+  install -Dm644 -t $PKG/var/lib/$name/app/pkg app/pkg/*
+
+  chown -R lldap:lldap $PKG/var/lib/$name
+  install -o root -g root -m 0755 -D $SRC/$name.service $PKG/etc/rc.d/$name
+}
diff --git a/lldap/config-template.patch b/lldap/config-template.patch
new file mode 100644
index 000000000..176055474
--- /dev/null
+++ b/lldap/config-template.patch
@@ -0,0 +1,20 @@
+--- a/lldap_config.docker_template.toml
++++ b/lldap_config.docker_template.toml
+@@ -85,7 +85,7 @@
+ ##  - "mysql://mysql-user:password@mysql-server/my-database"
+ ##
+ ## This can be overridden with the LLDAP_DATABASE_URL env variable.
+-database_url = "sqlite:///data/users.db?mode=rwc"
++database_url = "sqlite:///var/lib/lldap/data/users.db?mode=rwc"
+ 
+ ## Private key file.
+ ## Contains the secret private key used to store the passwords safely.
+@@ -96,7 +96,7 @@ database_url = "sqlite:///data/users.db?mode=rwc"
+ ## Alternatively, you can use key_seed to override this instead of relying on
+ ## a file.
+ ## Env variable: LLDAP_KEY_FILE
+-key_file = "/data/private_key"
++key_file = "/var/lib/lldap/data/private_key"
+ 
+ ## Seed to generate the server private key, see key_file above.
+ ## This can be any random string, the recommendation is that it's at least 12
diff --git a/lldap/lldap.service b/lldap/lldap.service
new file mode 100644
index 000000000..83e432fdf
--- /dev/null
+++ b/lldap/lldap.service
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# /etc/rc.d/lldap: start/stop lldap daemon
+#
+
+SSD=/sbin/start-stop-daemon
+PROG=/usr/bin/lldap
+OPTS="run --config-file /etc/lldap.toml"
+HOME="/var/lib/lldap"
+USER="lldap"
+PID="/run/lldap.pid"
+
+case $1 in
+  start)
+    $SSD --start -b --user $USER --chuid $USER --chdir $HOME --make-pidfile --pidfile $PID --exec $PROG -- $OPTS ;;
+  stop)
+    $SSD --stop --retry 10 --exec $PROG --pidfile $PID ;;
+  restart)
+    $0 stop
+    $0 start
+    ;;
+  status)
+    $SSD --status --name lldap --pidfile $PID
+    case $? in
+      0) echo "$PROG is running with pid $(pidof $PROG)" ;;
+      1) echo "$PROG is not running but the pid file $PID exists" ;;
+      3) echo "$PROG is not running" ;;
+      4) echo "Unable to determine the program status" ;;
+      esac
+    ;;
+  *)
+    echo "usage: $0 [start|stop|restart|status]" ;;
+esac
+
+# End of file
diff --git a/lldap/pre-install b/lldap/pre-install
new file mode 100755
index 000000000..0353de468
--- /dev/null
+++ b/lldap/pre-install
@@ -0,0 +1,9 @@
+#!/bin/sh -e
+
+_USER=lldap
+_HOME=/var/lib/lldap
+_GROUP=lldap
+
+/usr/bin/getent group $_GROUP > /dev/null 2>&1 || /usr/sbin/groupadd $_GROUP
+/usr/bin/getent passwd $_USER > /dev/null 2>&1 || /usr/sbin/useradd -c 'lldap system user' -g $_GROUP -d $_HOME -s /bin/false $_USER
+passwd -l $_USER > /dev/null