If you do not want to expose your LDAP to the public you could use ssh instead:
Steps to reproduce:
On Maschine where you need the LDAP Server (not yunohost)
ssh -T -L 2389:localhost:389 yunohost-server
you should use admin account for ssh otherwise you have to allow TCPforwarding for the ssh account
I wanted to install zammad on a different server then yunohost but still be able to use ldap of yunohost…
so I am using autossh to allways have the local port 2389 forwarded to 389 on yunohost.
I am using this settings in LDAP config of zammad:
LDAP Host: lpad://localhost:2389
Base DN: dc=yunohost,dc=org
Bind User: cn=admin,dc=yunohost,dc=org
Bind Password: Password of admin account