values
This commit is contained in:
BIN
cmd/oc-k8s
BIN
cmd/oc-k8s
Binary file not shown.
@@ -1,9 +1,9 @@
|
||||
env: test # For storage class provisioning
|
||||
clusterName: opencloud2
|
||||
clusterName: opencloud
|
||||
hostNetwork: true
|
||||
host: beta.opencloud.com
|
||||
hostPort: 80
|
||||
registryHost: oc
|
||||
hostPort: 9000
|
||||
scheme: http
|
||||
|
||||
mongo-express:
|
||||
@@ -42,7 +42,7 @@ mongodb:
|
||||
storageClassName: "standard"
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
size: 5000Mi
|
||||
size: 5Gi
|
||||
persistentVolumeClaimRetentionPolicy:
|
||||
enabled: true
|
||||
whenDeleted: Retain
|
||||
@@ -96,9 +96,9 @@ openldap:
|
||||
LDAP_BACKEND: "mdb"
|
||||
LDAP_TLS: "false"
|
||||
LDAP_TLS_ENFORCE: "false"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
|
||||
adminPassword: admin
|
||||
configPassword: "config"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "false"
|
||||
adminPassword: "{SSHA}HMWJO7XCw80he2lqMf0PHzvvF14p6aLE"
|
||||
configPassword: "{SSHA}gr70yyCvtQo2zKe5OkvMkbkLRHUsVqOI"
|
||||
phpldapadmin:
|
||||
enabled: false
|
||||
persistence:
|
||||
@@ -113,33 +113,33 @@ openldap:
|
||||
externalLDAP:
|
||||
enabled: false
|
||||
url: ${OC_LDAP_EXTERNAL_ENDPOINT}
|
||||
bindDN: cn=admin,dc=example,dc=com
|
||||
bindPassword: admin
|
||||
bindDN: cn=admin,dc=opencloud,dc=com
|
||||
bindPassword: "{SSHA}HMWJO7XCw80he2lqMf0PHzvvF14p6aLE"
|
||||
customLdifFiles:
|
||||
01-schema.ldif: |-
|
||||
dn: ou=groups,dc=example,dc=com
|
||||
dn: ou=groups,dc=opencloud,dc=com
|
||||
objectClass: organizationalUnit
|
||||
ou: groups
|
||||
|
||||
dn: ou=users,dc=example,dc=com
|
||||
dn: ou=users,dc=opencloud,dc=com
|
||||
objectClass: organizationalUnit
|
||||
ou: users
|
||||
|
||||
dn: cn=lastGID,dc=example,dc=com
|
||||
dn: cn=lastGID,dc=opencloud,dc=com
|
||||
objectClass: device
|
||||
objectClass: top
|
||||
description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
|
||||
cn: lastGID
|
||||
serialNumber: 2001
|
||||
|
||||
dn: cn=lastUID,dc=example,dc=com
|
||||
dn: cn=lastUID,dc=opencloud,dc=com
|
||||
objectClass: device
|
||||
objectClass: top
|
||||
serialNumber: 2001
|
||||
description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
|
||||
cn: lastUID
|
||||
|
||||
dn: cn=everybody,ou=groups,dc=example,dc=com
|
||||
dn: cn=everybody,ou=groups,dc=opencloud,dc=com
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: everybody
|
||||
@@ -147,14 +147,14 @@ openldap:
|
||||
gidNumber: 2003
|
||||
|
||||
02-ldapadmin.ldif : |-
|
||||
dn: cn=ldapadmin,ou=groups,dc=example,dc=com
|
||||
dn: cn=ldapadmin,ou=groups,dc=opencloud,dc=com
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: ldapadmin
|
||||
memberUid: ldapadmin
|
||||
gidNumber: 2001
|
||||
|
||||
dn: uid=ldapadmin,ou=users,dc=example,dc=com
|
||||
dn: uid=ldapadmin,ou=users,dc=opencloud,dc=com
|
||||
givenName: ldap
|
||||
sn: admin
|
||||
uid: ldapadmin
|
||||
@@ -170,21 +170,21 @@ openldap:
|
||||
homeDirectory: /home/ldapadmin
|
||||
|
||||
03-opencloudadmin.ldif : |-
|
||||
dn: uid=admin,ou=users,dc=example,dc=com
|
||||
dn: uid=admin,ou=users,dc=opencloud,dc=com
|
||||
objectClass: inetOrgPerson
|
||||
cn: Admin
|
||||
sn: Istrator
|
||||
uid: admin
|
||||
userPassword: admin
|
||||
userPassword: "{SSHA}HMWJO7XCw80he2lqMf0PHzvvF14p6aLE"
|
||||
mail: admin@example.com
|
||||
ou: users
|
||||
|
||||
dn: ou=AppRoles,dc=example,dc=com
|
||||
dn: ou=AppRoles,dc=opencloud,dc=com
|
||||
objectClass: organizationalunit
|
||||
ou: AppRoles
|
||||
description: AppRoles
|
||||
|
||||
dn: ou=App1,ou=AppRoles,dc=example,dc=com
|
||||
dn: ou=App1,ou=AppRoles,dc=opencloud,dc=com
|
||||
objectClass: organizationalunit
|
||||
ou: App1
|
||||
description: App1
|
||||
@@ -210,12 +210,12 @@ prometheus:
|
||||
ldapUserManager:
|
||||
enabled: true
|
||||
env:
|
||||
SERVER_HOSTNAME: ldap.exemple.com
|
||||
LDAP_BASE_DN: dc=example,dc=com
|
||||
SERVER_HOSTNAME: ldap.opencloud.com
|
||||
LDAP_BASE_DN: dc=opencloud,dc=com
|
||||
LDAP_REQUIRE_STARTTLS: "false"
|
||||
LDAP_ADMINS_GROUP: ldapadmin
|
||||
LDAP_ADMIN_BIND_DN: cn=admin,dc=example,dc=com
|
||||
LDAP_ADMIN_BIND_PWD: admin
|
||||
LDAP_ADMIN_BIND_DN: cn=admin,dc=opencloud,dc=com
|
||||
LDAP_ADMIN_BIND_PWD: "{SSHA}HMWJO7XCw80he2lqMf0PHzvvF14p6aLE"
|
||||
LDAP_IGNORE_CERT_ERRORS: "true"
|
||||
EMAIL_DOMAIN: ""
|
||||
NO_HTTPS: "true"
|
||||
@@ -426,10 +426,10 @@ ocAuth:
|
||||
hydra:
|
||||
openCloudOauth2ClientSecretName: oc-oauth2-client-secret
|
||||
ldap:
|
||||
bindDn: cn=admin,dc=example,dc=com
|
||||
bindDn: cn=admin,ou=users,dc=opencloud,dc=com
|
||||
binPwd: admin
|
||||
baseDn: dc=example,dc=com
|
||||
roleBaseDn: ou=AppRoles,dc=example,dc=com
|
||||
baseDn: dc=opencloud,dc=com
|
||||
roleBaseDn: ou=AppRoles,dc=opencloud,dc=com
|
||||
resources:
|
||||
limits:
|
||||
cpu: 128m
|
||||
|
||||
@@ -90,7 +90,7 @@ func loadEnvFile(path string) (map[string]string, error) {
|
||||
}
|
||||
|
||||
func renderTemplate(input string, envs map[string]string) string {
|
||||
return varPattern.ReplaceAllStringFunc(input, func(match string) string {
|
||||
s := varPattern.ReplaceAllStringFunc(input, func(match string) string {
|
||||
sub := varPattern.FindStringSubmatch(match)
|
||||
varName := sub[1]
|
||||
defaultVal := sub[2][1:]
|
||||
@@ -100,4 +100,5 @@ func renderTemplate(input string, envs map[string]string) string {
|
||||
}
|
||||
return defaultVal
|
||||
})
|
||||
return s
|
||||
}
|
||||
|
||||
@@ -96,9 +96,9 @@ openldap:
|
||||
LDAP_BACKEND: "mdb"
|
||||
LDAP_TLS: "${OC_LDAP_TLS:-false}"
|
||||
LDAP_TLS_ENFORCE: "${OC_LDAP_TLS:-false}"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
|
||||
adminPassword: ${OC_LDAP_ADMIN_PWD:-admin}
|
||||
configPassword: "${OC_LDAP_CONFIG_PWD:-config}"
|
||||
LDAP_REMOVE_CONFIG_AFTER_SETUP: "false"
|
||||
adminPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
configPassword: "{SSHA}${OC_LDAP_CONFIG_PWD:-gr70yyCvtQo2zKe5OkvMkbkLRHUsVqOI}"
|
||||
phpldapadmin:
|
||||
enabled: false
|
||||
persistence:
|
||||
@@ -113,33 +113,33 @@ openldap:
|
||||
externalLDAP:
|
||||
enabled: ${OC_LDAP_EXTERNAL:-false}
|
||||
url: ${OC_LDAP_EXTERNAL_ENDPOINT}
|
||||
bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=example,dc=com}
|
||||
bindPassword: ${OC_LDAP_EXTERNAL_PWD:-admin}
|
||||
bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=opencloud,dc=com}
|
||||
bindPassword: "{SSHA}${OC_LDAP_EXTERNAL_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
customLdifFiles:
|
||||
01-schema.ldif: |-
|
||||
dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: organizationalUnit
|
||||
ou: ${OC_LDAP_GROUPS_OU:-groups}
|
||||
|
||||
dn: ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: organizationalUnit
|
||||
ou: ${OC_LDAP_USERS_OU:-users}
|
||||
|
||||
dn: cn=lastGID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: cn=lastGID,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: device
|
||||
objectClass: top
|
||||
description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
|
||||
cn: lastGID
|
||||
serialNumber: 2001
|
||||
|
||||
dn: cn=lastUID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: cn=lastUID,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: device
|
||||
objectClass: top
|
||||
serialNumber: 2001
|
||||
description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
|
||||
cn: lastUID
|
||||
|
||||
dn: cn=everybody,ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: cn=everybody,ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: everybody
|
||||
@@ -147,14 +147,14 @@ openldap:
|
||||
gidNumber: 2003
|
||||
|
||||
02-ldapadmin.ldif : |-
|
||||
dn: cn=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: cn=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
|
||||
memberUid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
|
||||
gidNumber: 2001
|
||||
|
||||
dn: uid=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: uid=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
givenName: ldap
|
||||
sn: admin
|
||||
uid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
|
||||
@@ -170,21 +170,21 @@ openldap:
|
||||
homeDirectory: /home/ldapadmin
|
||||
|
||||
03-opencloudadmin.ldif : |-
|
||||
dn: uid=admin,ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: uid=admin,ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: inetOrgPerson
|
||||
cn: Admin
|
||||
sn: Istrator
|
||||
uid: ${OC_LDAP_ADMIN_USER:-admin}
|
||||
userPassword: ${OC_LDAP_ADMIN_PWD:-admin}
|
||||
userPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
mail: admin@example.com
|
||||
ou: ${OC_LDAP_USERS_OU:-users}
|
||||
|
||||
dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: organizationalunit
|
||||
ou: AppRoles
|
||||
description: AppRoles
|
||||
|
||||
dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
objectClass: organizationalunit
|
||||
ou: App1
|
||||
description: App1
|
||||
@@ -210,12 +210,12 @@ prometheus:
|
||||
ldapUserManager:
|
||||
enabled: true
|
||||
env:
|
||||
SERVER_HOSTNAME: ${OC_LDAP_MNGT_HOST:-ldap.exemple.com}
|
||||
LDAP_BASE_DN: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
SERVER_HOSTNAME: ${OC_LDAP_MNGT_HOST:-ldap.opencloud.com}
|
||||
LDAP_BASE_DN: ${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
LDAP_REQUIRE_STARTTLS: "${OC_LDAP_MNGT_REQUIRE_TLS:-false}"
|
||||
LDAP_ADMINS_GROUP: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
|
||||
LDAP_ADMIN_BIND_DN: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
|
||||
LDAP_ADMIN_BIND_PWD: ${OC_LDAP_MNGT_ADMIN_PWD:-admin}
|
||||
LDAP_ADMIN_BIND_DN: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=opencloud,dc=com}
|
||||
LDAP_ADMIN_BIND_PWD: "{SSHA}${OC_LDAP_MNGT_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
|
||||
LDAP_IGNORE_CERT_ERRORS: "${OC_LDAP_MNGT_IGNORE_CERTS_ERRORS:-true}"
|
||||
EMAIL_DOMAIN: ${OC_LDAP_MNGT_EMAIL_DOMAIN:-""}
|
||||
NO_HTTPS: "${OC_LDAP_MNGT_NO_HTTPS:-true}"
|
||||
@@ -426,10 +426,10 @@ ocAuth:
|
||||
hydra:
|
||||
openCloudOauth2ClientSecretName: oc-oauth2-client-secret
|
||||
ldap:
|
||||
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
|
||||
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,ou=users,dc=opencloud,dc=com}
|
||||
binPwd: ${OC_LDAP_ADMIN_PWD:-admin}
|
||||
baseDn: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
|
||||
roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=example,dc=com}
|
||||
baseDn: ${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
|
||||
roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=opencloud,dc=com}
|
||||
resources:
|
||||
limits:
|
||||
cpu: ${OC_AUTH_LIMITS_CPU:-128m}
|
||||
|
||||
Reference in New Issue
Block a user