core/oc-k8s
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

values

Browse Source
This commit is contained in:
mr
2026-01-21 14:36:51 +01:00
parent 7a8a4f678a
commit 5acf96919c
4 changed files with 51 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
utils/assets/values.yaml.template
View File

@@ -96,9 +96,9 @@ openldap:
LDAP_BACKEND: "mdb"
LDAP_TLS: "${OC_LDAP_TLS:-false}"
LDAP_TLS_ENFORCE: "${OC_LDAP_TLS:-false}"
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
adminPassword: ${OC_LDAP_ADMIN_PWD:-admin}
configPassword: "${OC_LDAP_CONFIG_PWD:-config}"
LDAP_REMOVE_CONFIG_AFTER_SETUP: "false"
adminPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
configPassword: "{SSHA}${OC_LDAP_CONFIG_PWD:-gr70yyCvtQo2zKe5OkvMkbkLRHUsVqOI}"
phpldapadmin:
enabled: false
persistence:
@@ -113,33 +113,33 @@ openldap:
externalLDAP:
enabled: ${OC_LDAP_EXTERNAL:-false}
url: ${OC_LDAP_EXTERNAL_ENDPOINT}
bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=example,dc=com}
bindPassword: ${OC_LDAP_EXTERNAL_PWD:-admin}
bindDN: ${OC_LDAP_EXTERNAL_DN:-cn=admin,dc=opencloud,dc=com}
bindPassword: "{SSHA}${OC_LDAP_EXTERNAL_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
customLdifFiles:
01-schema.ldif: |-
dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: organizationalUnit
ou: ${OC_LDAP_GROUPS_OU:-groups}
dn: ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: organizationalUnit
ou: ${OC_LDAP_USERS_OU:-users}
dn: cn=lastGID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: cn=lastGID,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: device
objectClass: top
description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
cn: lastGID
serialNumber: 2001
dn: cn=lastUID,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: cn=lastUID,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: device
objectClass: top
serialNumber: 2001
description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
cn: lastUID
dn: cn=everybody,ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: cn=everybody,ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: top
objectClass: posixGroup
cn: everybody
@@ -147,14 +147,14 @@ openldap:
gidNumber: 2003
02-ldapadmin.ldif : |-
dn: cn=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: cn=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_GROUPS_OU:-groups},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: top
objectClass: posixGroup
cn: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
memberUid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
gidNumber: 2001
dn: uid=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: uid=${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin},ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
givenName: ldap
sn: admin
uid: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
@@ -170,21 +170,21 @@ openldap:
homeDirectory: /home/ldapadmin
03-opencloudadmin.ldif : |-
dn: uid=admin,ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: uid=admin,ou=${OC_LDAP_USERS_OU:-users},${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: inetOrgPerson
cn: Admin
sn: Istrator
uid: ${OC_LDAP_ADMIN_USER:-admin}
userPassword: ${OC_LDAP_ADMIN_PWD:-admin}
userPassword: "{SSHA}${OC_LDAP_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
mail: admin@example.com
ou: ${OC_LDAP_USERS_OU:-users}
dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: organizationalunit
ou: AppRoles
description: AppRoles
dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=example,dc=com}
dn: ou=App1,ou=AppRoles,${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
objectClass: organizationalunit
ou: App1
description: App1
@@ -210,12 +210,12 @@ prometheus:
ldapUserManager:
enabled: true
env:
SERVER_HOSTNAME: ${OC_LDAP_MNGT_HOST:-ldap.exemple.com}
LDAP_BASE_DN: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
SERVER_HOSTNAME: ${OC_LDAP_MNGT_HOST:-ldap.opencloud.com}
LDAP_BASE_DN: ${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
LDAP_REQUIRE_STARTTLS: "${OC_LDAP_MNGT_REQUIRE_TLS:-false}"
LDAP_ADMINS_GROUP: ${OC_LDAP_MNGT_ADMIN_GROUP:-ldapadmin}
LDAP_ADMIN_BIND_DN: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
LDAP_ADMIN_BIND_PWD: ${OC_LDAP_MNGT_ADMIN_PWD:-admin}
LDAP_ADMIN_BIND_DN: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=opencloud,dc=com}
LDAP_ADMIN_BIND_PWD: "{SSHA}${OC_LDAP_MNGT_ADMIN_PWD:-HMWJO7XCw80he2lqMf0PHzvvF14p6aLE}"
LDAP_IGNORE_CERT_ERRORS: "${OC_LDAP_MNGT_IGNORE_CERTS_ERRORS:-true}"
EMAIL_DOMAIN: ${OC_LDAP_MNGT_EMAIL_DOMAIN:-""}
NO_HTTPS: "${OC_LDAP_MNGT_NO_HTTPS:-true}"
@@ -426,10 +426,10 @@ ocAuth:
hydra:
openCloudOauth2ClientSecretName: oc-oauth2-client-secret
ldap:
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,dc=example,dc=com}
bindDn: ${OC_LDAP_MNGT_ADMIN_DN:-cn=admin,ou=users,dc=opencloud,dc=com}
binPwd: ${OC_LDAP_ADMIN_PWD:-admin}
baseDn: ${OC_LDAP_MNGT_DN:-dc=example,dc=com}
roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=example,dc=com}
baseDn: ${OC_LDAP_MNGT_DN:-dc=opencloud,dc=com}
roleBaseDn: ${OC_LDAP_ROLE_DN:-ou=AppRoles,dc=opencloud,dc=com}
resources:
limits:
cpu: ${OC_AUTH_LIMITS_CPU:-128m}