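{{- if .Values.ldapUserManager.enabled }}
# LDAP user manager web UI: a Deployment, a ClusterIP Service in front of it,
# and a Traefik IngressRoute exposing it under /users. Everything in this file
# is rendered only when ldapUserManager.enabled is set.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ldap-user-manager
  name: "{{ .Release.Name }}-ldap-user-manager"
spec:
  replicas: 1
  selector:
    matchLabels:
      # NOTE(review): this label is not release-scoped, so two releases in one
      # namespace would select each other's pods.
      app: ldap-user-manager
  strategy: {}
  template:
    metadata:
      labels:
        app: ldap-user-manager
    spec:
      containers:
        # NOTE(review): the image is pinned by tag only; a digest pin
        # (image@sha256:<digest>) makes the deployed content immutable.
        - image: wheelybird/ldap-user-manager:v1.8
          name: ldap-user-manager
          # Values go through `quote` rather than hand-written "..." so that a
          # double quote or backslash inside a value (plausible for the bind
          # password or the organisation name) is escaped instead of breaking
          # the rendered YAML or being read as an escape sequence. An unset key
          # renders as an empty value.
          env:
            - name: SERVER_HOSTNAME
              value: {{ .Values.ldapUserManager.env.SERVER_HOSTNAME | quote }}
            # The scheme is ldap://, so protection of the bind and of directory
            # traffic depends on STARTTLS being required below.
            - name: LDAP_URI
              value: "ldap://{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local"
            - name: LDAP_BASE_DN
              value: {{ .Values.ldapUserManager.env.LDAP_BASE_DN | quote }}
            # Security-relevant: turning this off lets the admin bind travel in
            # clear text over the ldap:// connection above.
            - name: LDAP_REQUIRE_STARTTLS
              value: {{ .Values.ldapUserManager.env.LDAP_REQUIRE_STARTTLS | quote }}
            - name: LDAP_ADMINS_GROUP
              value: {{ .Values.ldapUserManager.env.LDAP_ADMINS_GROUP | quote }}
            - name: LDAP_ADMIN_BIND_DN
              value: {{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_DN | quote }}
            # NOTE(security): the directory admin password is rendered inline
            # into the Deployment spec, so anyone who can read Deployments or
            # the Helm release values can read it. Prefer storing it in a
            # Kubernetes Secret and referencing it with valueFrom.secretKeyRef.
            - name: LDAP_ADMIN_BIND_PWD
              value: {{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_PWD | quote }}
            # Security-relevant: enabling this disables certificate validation
            # for the LDAP connection; keep it off outside of test setups.
            - name: LDAP_IGNORE_CERT_ERRORS
              value: {{ .Values.ldapUserManager.env.LDAP_IGNORE_CERT_ERRORS | quote }}
            # Security-relevant: with HTTPS off in the container, TLS has to be
            # terminated in front of it (see the IngressRoute note below).
            - name: NO_HTTPS
              value: {{ .Values.ldapUserManager.env.NO_HTTPS | quote }}
            - name: EMAIL_DOMAIN
              value: {{ .Values.ldapUserManager.env.EMAIL_DOMAIN | quote }}
            - name: ORGANISATION_NAME
              value: {{ .Values.ldapUserManager.env.ORGANISATION_NAME | quote }}
            - name: LDAP_USER_OU
              value: {{ .Values.ldapUserManager.env.LDAP_USER_OU | quote }}
            - name: LDAP_GROUP_OU
              value: {{ .Values.ldapUserManager.env.LDAP_GROUP_OU | quote }}
            - name: SERVER_PATH
              value: {{ .Values.ldapUserManager.env.SERVER_PATH | quote }}
            - name: LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES
              value: {{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES | quote }}
            - name: LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES
              value: {{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES | quote }}
            - name: LDAP_GROUP_ADDITIONAL_OBJECTCLASSES
              value: {{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_OBJECTCLASSES | quote }}
            - name: LDAP_GROUP_ADDITIONAL_ATTRIBUTES
              value: {{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_ATTRIBUTES | quote }}
            # Security-relevant: relaxes the password strength requirement for
            # directory accounts; leave it off unless there is a reason not to.
            - name: ACCEPT_WEAK_PASSWORDS
              value: {{ .Values.ldapUserManager.env.ACCEPT_WEAK_PASSWORDS | quote }}
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
            - name: https
              containerPort: 443
              protocol: TCP
          resources:
            limits:
              cpu: "{{ .Values.ldapUserManager.resources.limits.cpu }}"
              memory: "{{ .Values.ldapUserManager.resources.limits.memory }}"
            requests:
              cpu: "{{ .Values.ldapUserManager.resources.requests.cpu }}"
              memory: "{{ .Values.ldapUserManager.resources.requests.memory }}"
---
# ClusterIP Service: 8080 -> container 80 (http), 8443 -> container 443 (https).
apiVersion: v1
kind: Service
metadata:
  name: "{{ .Release.Name }}-ldap-user-manager-svc"
  labels:
    app: ldap-user-manager-svc
spec:
  ports:
    - name: http
      port: 8080
      protocol: TCP
      targetPort: 80
    - name: https
      port: 8443
      protocol: TCP
      targetPort: 443
  selector:
    app: ldap-user-manager
  type: ClusterIP
---
# Traefik route for the UI under /users.
# NOTE(review): unlike the Deployment and Service, this name is not prefixed
# with the release name, so a second release in the same namespace would
# collide on it.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: ldap-user-manager-ingress
spec:
  # NOTE(security): presumably `web` is Traefik's plain-HTTP entry point, and
  # the route targets the Service's http port (8080). If so, logins to the user
  # manager, including LDAP admin credentials, are unencrypted on the way in
  # unless TLS or an HTTPS redirect is configured elsewhere; confirm, and
  # prefer a TLS entry point for this route.
  entryPoints:
    - web
  routes:
    - kind: Rule
      match: Host(`{{ .Values.host }}`) && PathPrefix(`/users`)
      priority: 10
      services:
        - kind: Service
          name: "{{ .Release.Name }}-ldap-user-manager-svc"
          passHostHeader: true
          port: 8080
{{- end }}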