oc-k8s/opencloud/dev-values.yaml

env: dev # For storage class provisioning
host: localhost # For reverse proxy rule

mongo-express:
  enabled: true
  mongodbServer: dev-mongodb.dev
  mongodbPort: 27017
  mongodbEnableAdmin: true
  mongodbAdminUsername: root
  mongodbAdminPassword: rootpwd
  siteBaseUrl: /mongoexpress
  basicAuthUsername: test
  basicAuthPassword: testme
  mongodb:
    enabled: false

mongodb:
  enabled: true
  global:
    defaultStorageClass: kind-sc
    storageClass: kind-sc
  architecture: standalone
  useStatefulSet: false
  auth:
    rootUser: root
    rootPassword: rootpwd
    usernames: []
    passwords: []
  resourcesPreset: "small"
  replicaCount: 1
  persistence:
    enabled: true
    storageClass: kind-sc
    existingClaim: mongo-pvc
    accessModes: 
    - ReadWriteOnce
    size: 100Mi
  persistentVolumeClaimRetentionPolicy:
    enabled: true
    whenDeleted: Retain
    whenScaled: Retain
  arbiter:
    enabled: false
  livenessProbe:
    enabled: true
  readinessProbe:
    enabled: true

nats:
  enabled: true
  jetstream:
    enabled: true
    fileStore:
      size: 20Mi
      storageClassName: kind-sc


openldap:
  enabled: true
  test:
    enabled: false
  ltb-passwd:
    enabled: false
  replicaCount: 1
  image:
    repository: osixia/openldap
    tag: 1.5.0
  tls:
    enabled: false
  env:
    LDAP_ORGANISATION: "Example opencloud"
    LDAP_DOMAIN: "example.com"
    LDAP_BACKEND: "mdb"
    LDAP_TLS: "false"
    LDAP_TLS_ENFORCE: "false"
    LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
  adminPassword: "admin@password"
  configPassword: "config@password"
  phpldapadmin:
    enabled: false
  persistence:
    enabled: true
    accessMode: ReadWriteOnce
    size: 10Mi
    storageClass: kind-sc
  replication:
    enabled: false
  customLdifFiles:

    01-schema.ldif: |-
      dn: ou=groups,dc=example,dc=com
      objectClass: organizationalUnit
      ou: groups

      dn: ou=users,dc=example,dc=com
      objectClass: organizationalUnit
      ou: users

      dn: cn=lastGID,dc=example,dc=com
      objectClass: device
      objectClass: top
      description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
      cn: lastGID
      serialNumber: 2001

      dn: cn=lastUID,dc=example,dc=com
      objectClass: device
      objectClass: top
      serialNumber: 2001
      description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
      cn: lastUID

    02-ldapadmin.ldif : |-
      dn: cn=ldapadmin,ou=groups,dc=example,dc=com
      objectClass: top
      objectClass: posixGroup
      cn: ldapadmin
      memberUid: ldapadmin
      gidNumber: 2001

      dn: uid=ldapadmin,ou=users,dc=example,dc=com
      givenName: ldap
      sn: admin
      uid: ldapadmin
      cn: ldapadmin
      mail: ldapadmin@example.com
      objectClass: person
      objectClass: inetOrgPerson
      objectClass: posixAccount
      userPassword: ldapadmin
      uidNumber: 2001
      gidNumber: 2001
      loginShell: /bin/bash
      homeDirectory: /home/ldapadmin

# ldap user manager configuration
ldapUserManager:
  enabled: true
  env:
    SERVER_HOSTNAME: "users.example.com"
    LDAP_BASE_DN: "dc=example,dc=com"
    LDAP_REQUIRE_STARTTLS: "false"
    LDAP_ADMINS_GROUP: "ldapadmin"
    LDAP_ADMIN_BIND_DN: "cn=admin,dc=example,dc=com"
    LDAP_ADMIN_BIND_PWD: "admin@password"
    LDAP_IGNORE_CERT_ERRORS: "true"
    EMAIL_DOMAIN: ""
    NO_HTTPS: "true"
    SERVER_PATH: "/users"
    ORGANISATION_NAME: "Example"
    LDAP_USER_OU: "users"
    LDAP_GROUP_OU: "groups"
    ACCEPT_WEAK_PASSWORDS: "true"
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"

traefik:
  enabled: true
  service:
    type: NodePort
  ingressRoute:
    dashboard:
      enabled: true
      matchRule: Host(`localhost`) && PathPrefix(`/api`) || PathPrefix(`/dashboard`)
      entryPoints: [web]
  ports:
    web:
      nodePort: 30950

hydra:
  enabled: true
  maester:
    enabled: true
  hydra:
    dev: true
    config:
      dsn: memory
      urls:
        login: http://localhost/authentication/login
        consent: http://localhost/consent/consent
        logout: http://localhost/authentication/logout
        self:
          issuer: http://localhost/idp

keto:
  enabled: true

ocAuth:
  enabled: false
  image: oc-auth:latest
  authType: hydra
  hydra:
    adminRole: admin
    openCloudOauth2ClientSecretName: oc-auth-got-secret
  ldap:
    bindDn: "cn=admin,dc=example,dc=com"
    binPwd: "password"
    baseDn: "dc=example,dc=com"
    roleBaseDn: "ou=AppRoles,dc=example,dc=com"
  resources:
    limits:
      cpu: "128m"
      memory: "128Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`env: dev # For storage class provisioning`
			`host: localhost # For reverse proxy rule`

Pushing mongod and mongoexpress integration 2024-11-29 15:18:56 +01:00			`mongo-express:`
			`enabled: true`
			`mongodbServer: dev-mongodb.dev`
			`mongodbPort: 27017`
			`mongodbEnableAdmin: true`
			`mongodbAdminUsername: root`
			`mongodbAdminPassword: rootpwd`
			`siteBaseUrl: /mongoexpress`
			`basicAuthUsername: test`
			`basicAuthPassword: testme`
			`mongodb:`
			`enabled: false`

			`mongodb:`
			`enabled: true`
			`global:`
			`defaultStorageClass: kind-sc`
			`storageClass: kind-sc`
			`architecture: standalone`
			`useStatefulSet: false`
			`auth:`
			`rootUser: root`
			`rootPassword: rootpwd`
			`usernames: []`
			`passwords: []`
			`resourcesPreset: "small"`
			`replicaCount: 1`
			`persistence:`
			`enabled: true`
			`storageClass: kind-sc`
PVC 'manually' added for mongodb 2024-11-29 16:35:05 +01:00			`existingClaim: mongo-pvc`
			`accessModes:`
			`- ReadWriteOnce`
Pushing mongod and mongoexpress integration 2024-11-29 15:18:56 +01:00			`size: 100Mi`
			`persistentVolumeClaimRetentionPolicy:`
			`enabled: true`
			`whenDeleted: Retain`
			`whenScaled: Retain`
			`arbiter:`
			`enabled: false`
			`livenessProbe:`
			`enabled: true`
			`readinessProbe:`
			`enabled: true`

useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`nats:`
			`enabled: true`
			`jetstream:`
			`enabled: true`
			`fileStore:`
			`size: 20Mi`
			`storageClassName: kind-sc`


Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`openldap:`
			`enabled: true`
			`test:`
			`enabled: false`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`ltb-passwd:`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`enabled: false`
			`replicaCount: 1`
			`image:`
			`repository: osixia/openldap`
			`tag: 1.5.0`
			`tls:`
			`enabled: false`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`env:`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`LDAP_ORGANISATION: "Example opencloud"`
			`LDAP_DOMAIN: "example.com"`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`LDAP_BACKEND: "mdb"`
			`LDAP_TLS: "false"`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`LDAP_TLS_ENFORCE: "false"`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`adminPassword: "admin@password"`
			`configPassword: "config@password"`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`phpldapadmin:`
			`enabled: false`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`persistence:`
			`enabled: true`
			`accessMode: ReadWriteOnce`
			`size: 10Mi`
			`storageClass: kind-sc`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`replication:`
			`enabled: false`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`customLdifFiles:`

			`01-schema.ldif: \|-`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: ou=groups,dc=example,dc=com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: organizationalUnit`
			`ou: groups`

Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: ou=users,dc=example,dc=com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: organizationalUnit`
			`ou: users`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: cn=lastGID,dc=example,dc=com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: device`
			`objectClass: top`
			`description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.`
			`cn: lastGID`
			`serialNumber: 2001`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: cn=lastUID,dc=example,dc=com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: device`
			`objectClass: top`
			`serialNumber: 2001`
			`description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.`
			`cn: lastUID`

			`02-ldapadmin.ldif : \|-`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: cn=ldapadmin,ou=groups,dc=example,dc=com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: top`
			`objectClass: posixGroup`
			`cn: ldapadmin`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`memberUid: ldapadmin`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`gidNumber: 2001`

Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`dn: uid=ldapadmin,ou=users,dc=example,dc=com`
			`givenName: ldap`
			`sn: admin`
			`uid: ldapadmin`
			`cn: ldapadmin`
			`mail: ldapadmin@example.com`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`objectClass: person`
			`objectClass: inetOrgPerson`
			`objectClass: posixAccount`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`userPassword: ldapadmin`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`uidNumber: 2001`
			`gidNumber: 2001`
			`loginShell: /bin/bash`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`homeDirectory: /home/ldapadmin`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00
			`# ldap user manager configuration`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`ldapUserManager:`
Adding openldap + ldap user manager 2024-12-02 13:57:37 +01:00			`enabled: true`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`env:`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`SERVER_HOSTNAME: "users.example.com"`
			`LDAP_BASE_DN: "dc=example,dc=com"`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`LDAP_REQUIRE_STARTTLS: "false"`
			`LDAP_ADMINS_GROUP: "ldapadmin"`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`LDAP_ADMIN_BIND_DN: "cn=admin,dc=example,dc=com"`
			`LDAP_ADMIN_BIND_PWD: "admin@password"`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`LDAP_IGNORE_CERT_ERRORS: "true"`
			`EMAIL_DOMAIN: ""`
			`NO_HTTPS: "true"`
			`SERVER_PATH: "/users"`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`ORGANISATION_NAME: "Example"`
useless lock in conf, pushing default values for nat 2024-11-29 10:34:17 +01:00			`LDAP_USER_OU: "users"`
			`LDAP_GROUP_OU: "groups"`
			`ACCEPT_WEAK_PASSWORDS: "true"`
			`resources:`
			`limits:`
			`cpu: "128m"`
			`memory: "256Mi"`
			`requests:`
			`cpu: "128m"`
			`memory: "256Mi"`
Integrating traefik 2024-11-28 11:09:51 +01:00
			`traefik:`
			`enabled: true`
			`service:`
			`type: NodePort`
			`ingressRoute:`
			`dashboard:`
			`enabled: true`
			matchRule: Host(`localhost`) && PathPrefix(`/api`) \|\| PathPrefix(`/dashboard`)
			`entryPoints: [web]`
			`ports:`
			`web:`
hydra bootstraping 2024-12-02 13:20:11 +01:00			`nodePort: 30950`

			`hydra:`
			`enabled: true`
			`maester:`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`enabled: true`
hydra bootstraping 2024-12-02 13:20:11 +01:00			`hydra:`
			`dev: true`
			`config:`
			`dsn: memory`
			`urls:`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`login: http://localhost/authentication/login`
			`consent: http://localhost/consent/consent`
			`logout: http://localhost/authentication/logout`
hydra bootstraping 2024-12-02 13:20:11 +01:00			`self:`
Fixing ldap conf, initializing keto, oc-auth and co 2024-12-09 15:05:29 +01:00			`issuer: http://localhost/idp`

			`keto:`
			`enabled: true`

			`ocAuth:`
			`enabled: false`
			`image: oc-auth:latest`
			`authType: hydra`
			`hydra:`
			`adminRole: admin`
			`openCloudOauth2ClientSecretName: oc-auth-got-secret`
			`ldap:`
			`bindDn: "cn=admin,dc=example,dc=com"`
			`binPwd: "password"`
			`baseDn: "dc=example,dc=com"`
			`roleBaseDn: "ou=AppRoles,dc=example,dc=com"`
			`resources:`
			`limits:`
			`cpu: "128m"`
			`memory: "128Mi"`
			`requests:`
			`cpu: "128m"`
			`memory: "256Mi"`