Adding openldap + ldap user manager

opencloud/templates/ldapUserManager.yaml

@@ -0,0 +1,113 @@
+{{- if .Values.ldapUserManager.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: ldap-user-manager
+  name: {{ .Release.Name }}-ldap-user-manager
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ldap-user-manager
+  strategy: {}
+  template:
+    metadata:
+      labels:
+        app: ldap-user-manager
+    spec:
+      containers:
+      - image: wheelybird/ldap-user-manager:v1.8
+        name: ldap-user-manager
+        env:
+        - name: SERVER_HOSTNAME
+          value: "{{ .Values.ldapUserManager.env.SERVER_HOSTNAME }}"
+        - name: LDAP_URI
+          value: "ldap://{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local"
+        - name: LDAP_BASE_DN
+          value: "{{ .Values.ldapUserManager.env.LDAP_BASE_DN }}"
+        - name: LDAP_REQUIRE_STARTTLS
+          value: "{{ .Values.ldapUserManager.env.LDAP_REQUIRE_STARTTLS }}"
+        - name: LDAP_ADMINS_GROUP
+          value: "{{ .Values.ldapUserManager.env.LDAP_ADMINS_GROUP }}"
+        - name: LDAP_ADMIN_BIND_DN
+          value: "{{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_DN }}"
+        - name: LDAP_ADMIN_BIND_PWD
+          value: "{{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_PWD }}"
+        - name: LDAP_IGNORE_CERT_ERRORS
+          value: "{{ .Values.ldapUserManager.env.LDAP_IGNORE_CERT_ERRORS }}"
+        - name: NO_HTTPS
+          value: "{{ .Values.ldapUserManager.env.NO_HTTPS }}"
+        - name: EMAIL_DOMAIN
+          value: "{{ .Values.ldapUserManager.env.EMAIL_DOMAIN }}"
+        - name: ORGANISATION_NAME
+          value: "{{ .Values.ldapUserManager.env.ORGANISATION_NAME }}"
+        - name: LDAP_USER_OU
+          value: "{{ .Values.ldapUserManager.env.LDAP_USER_OU }}"
+        - name: LDAP_GROUP_OU
+          value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_OU }}"
+        - name: SERVER_PATH
+          value: "{{ .Values.ldapUserManager.env.SERVER_PATH }}"
+        - name: LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES
+          value: "{{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES }}"
+        - name: LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES
+          value: "{{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES }}"
+        - name: LDAP_GROUP_ADDITIONAL_OBJECTCLASSES
+          value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_OBJECTCLASSES }}"
+        - name: LDAP_GROUP_ADDITIONAL_ATTRIBUTES
+          value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_ATTRIBUTES }}"
+        - name: ACCEPT_WEAK_PASSWORDS
+          value: "{{ .Values.ldapUserManager.env.ACCEPT_WEAK_PASSWORDS }}"
+        ports:
+          - name: http
+            containerPort: 80
+            protocol: TCP
+          - name: https
+            containerPort: 443
+            protocol: TCP
+        resources:
+          limits:
+            cpu: "{{ .Values.ldapUserManager.resources.limits.cpu }}"
+            memory: "{{ .Values.ldapUserManager.resources.limits.memory }}"
+          requests:
+            cpu: "{{ .Values.ldapUserManager.resources.requests.cpu }}"
+            memory: "{{ .Values.ldapUserManager.resources.requests.memory }}"
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-ldap-user-manager-svc
+  labels:
+    app: ldap-user-manager-svc
+spec:
+  ports:
+  - name: http
+    port: 8080
+    protocol: TCP
+    targetPort: 80
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: 443
+  selector:
+    app: ldap-user-manager
+  type: ClusterIP
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: ldap-user-manager-ingress
+spec:
+  entryPoints:
+    - web
+  routes:                           
+    - kind: Rule
+      match:  Host(`{{ .Values.host }}`) &&  PathPrefix(`/users`)
+      priority: 10                    
+      services:
+      - kind: Service
+        name: {{ .Release.Name }}-ldap-user-manager-svc
+        passHostHeader: true
+        port: 8080
+{{- end }}