265 lines
5.9 KiB
YAML
265 lines
5.9 KiB
YAML
env: dev # For storage class provisioning
|
|
host: localhost # For reverse proxy rule
|
|
|
|
mongo-express:
|
|
enabled: true
|
|
mongodbServer: dev-mongodb.dev
|
|
mongodbPort: 27017
|
|
mongodbEnableAdmin: true
|
|
mongodbAdminUsername: root
|
|
mongodbAdminPassword: rootpwd
|
|
siteBaseUrl: /mongoexpress
|
|
basicAuthUsername: test
|
|
basicAuthPassword: testme
|
|
mongodb:
|
|
enabled: false
|
|
|
|
mongodb:
|
|
enabled: true
|
|
global:
|
|
defaultStorageClass: kind-sc
|
|
storageClass: kind-sc
|
|
architecture: standalone
|
|
useStatefulSet: false
|
|
auth:
|
|
enabled: true
|
|
rootUser: root
|
|
rootPassword: rootpwd
|
|
databases: ["DC_myDC"]
|
|
usernames: ["opencloud"]
|
|
passwords: ["opencloud"]
|
|
resourcesPreset: "small"
|
|
replicaCount: 1
|
|
persistence:
|
|
enabled: true
|
|
storageClass: kind-sc
|
|
existingClaim: mongo-pvc
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
size: 100Mi
|
|
persistentVolumeClaimRetentionPolicy:
|
|
enabled: true
|
|
whenDeleted: Retain
|
|
whenScaled: Retain
|
|
arbiter:
|
|
enabled: false
|
|
livenessProbe:
|
|
enabled: true
|
|
readinessProbe:
|
|
enabled: true
|
|
|
|
nats:
|
|
enabled: true
|
|
jetstream:
|
|
enabled: true
|
|
fileStore:
|
|
size: 20Mi
|
|
storageClassName: kind-sc
|
|
|
|
|
|
openldap:
|
|
enabled: true
|
|
test:
|
|
enabled: false
|
|
ltb-passwd:
|
|
enabled: false
|
|
replicaCount: 1
|
|
image:
|
|
repository: osixia/openldap
|
|
tag: 1.5.0
|
|
tls:
|
|
enabled: false
|
|
env:
|
|
LDAP_ORGANISATION: "Example opencloud"
|
|
LDAP_DOMAIN: "example.com"
|
|
LDAP_BACKEND: "mdb"
|
|
LDAP_TLS: "false"
|
|
LDAP_TLS_ENFORCE: "false"
|
|
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
|
|
adminPassword: "admin@password"
|
|
configPassword: "config@password"
|
|
phpldapadmin:
|
|
enabled: false
|
|
persistence:
|
|
enabled: true
|
|
accessMode: ReadWriteOnce
|
|
size: 10Mi
|
|
storageClass: kind-sc
|
|
replication:
|
|
enabled: false
|
|
customLdifFiles:
|
|
|
|
01-schema.ldif: |-
|
|
dn: ou=groups,dc=example,dc=com
|
|
objectClass: organizationalUnit
|
|
ou: groups
|
|
|
|
dn: ou=users,dc=example,dc=com
|
|
objectClass: organizationalUnit
|
|
ou: users
|
|
|
|
dn: cn=lastGID,dc=example,dc=com
|
|
objectClass: device
|
|
objectClass: top
|
|
description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
|
|
cn: lastGID
|
|
serialNumber: 2001
|
|
|
|
dn: cn=lastUID,dc=example,dc=com
|
|
objectClass: device
|
|
objectClass: top
|
|
serialNumber: 2001
|
|
description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
|
|
cn: lastUID
|
|
|
|
dn: cn=everybody,ou=groups,dc=example,dc=com
|
|
objectClass: top
|
|
objectClass: posixGroup
|
|
cn: everybody
|
|
memberUid: admin
|
|
gidNumber: 2003
|
|
|
|
02-ldapadmin.ldif : |-
|
|
dn: cn=ldapadmin,ou=groups,dc=example,dc=com
|
|
objectClass: top
|
|
objectClass: posixGroup
|
|
cn: ldapadmin
|
|
memberUid: ldapadmin
|
|
gidNumber: 2001
|
|
|
|
dn: uid=ldapadmin,ou=users,dc=example,dc=com
|
|
givenName: ldap
|
|
sn: admin
|
|
uid: ldapadmin
|
|
cn: ldapadmin
|
|
mail: ldapadmin@example.com
|
|
objectClass: person
|
|
objectClass: inetOrgPerson
|
|
objectClass: posixAccount
|
|
userPassword: ldapadmin
|
|
uidNumber: 2001
|
|
gidNumber: 2001
|
|
loginShell: /bin/bash
|
|
homeDirectory: /home/ldapadmin
|
|
|
|
03-opencloudadmin.ldif : |-
|
|
dn: cn=admin,ou=groups,dc=example,dc=com
|
|
objectClass: top
|
|
objectClass: posixGroup
|
|
cn: admin
|
|
memberUid: admin
|
|
gidNumber: 2002
|
|
|
|
dn: uid=admin,ou=users,dc=example,dc=com
|
|
givenName: John
|
|
sn: Doe
|
|
uid: admin
|
|
mail: john.doe@example.com
|
|
cn: JohnDoe
|
|
objectClass: person
|
|
objectClass: inetOrgPerson
|
|
objectClass: posixAccount
|
|
userPassword:: e0NSWVBUfSQ2JDdTZ0daU1FXJGw1ZWRTTHVDaDV6a0NvUlllZzFLd3MwUHRKQ
|
|
jJQL09CQWdoc0RkbWhzTXJPcEpCbzR3b01yNWJQcjlubi8udWdzM25LcHlKQmt2eHVJWFM0eUQ1
|
|
cnox
|
|
uidNumber: 2002
|
|
gidNumber: 2002
|
|
loginShell: /bin/bash
|
|
homeDirectory: /home/admin
|
|
|
|
# ldap user manager configuration
|
|
ldapUserManager:
|
|
enabled: true
|
|
env:
|
|
SERVER_HOSTNAME: "users.example.com"
|
|
LDAP_BASE_DN: "dc=example,dc=com"
|
|
LDAP_REQUIRE_STARTTLS: "false"
|
|
LDAP_ADMINS_GROUP: "ldapadmin"
|
|
LDAP_ADMIN_BIND_DN: "cn=admin,dc=example,dc=com"
|
|
LDAP_ADMIN_BIND_PWD: "admin@password"
|
|
LDAP_IGNORE_CERT_ERRORS: "true"
|
|
EMAIL_DOMAIN: ""
|
|
NO_HTTPS: "true"
|
|
SERVER_PATH: "/users"
|
|
ORGANISATION_NAME: "Example"
|
|
LDAP_USER_OU: "users"
|
|
LDAP_GROUP_OU: "groups"
|
|
ACCEPT_WEAK_PASSWORDS: "true"
|
|
resources:
|
|
limits:
|
|
cpu: "128m"
|
|
memory: "256Mi"
|
|
requests:
|
|
cpu: "128m"
|
|
memory: "256Mi"
|
|
|
|
traefik:
|
|
enabled: true
|
|
service:
|
|
type: NodePort
|
|
ingressRoute:
|
|
dashboard:
|
|
enabled: true
|
|
matchRule: Host(`localhost`) && PathPrefix(`/api`) || PathPrefix(`/dashboard`)
|
|
entryPoints: [web]
|
|
ports:
|
|
web:
|
|
nodePort: 30950
|
|
|
|
hydra:
|
|
enabled: true
|
|
maester:
|
|
enabled: true
|
|
hydra:
|
|
dev: true
|
|
config:
|
|
dsn: memory
|
|
urls:
|
|
login: http://localhost/authentication/login
|
|
consent: http://localhost/consent/consent
|
|
logout: http://localhost/authentication/logout
|
|
self:
|
|
issuer: http://localhost/idp
|
|
|
|
keto:
|
|
enabled: true
|
|
keto:
|
|
config:
|
|
serve:
|
|
read:
|
|
port: 4466
|
|
write:
|
|
port: 4467
|
|
metrics:
|
|
port: 4468
|
|
namespaces:
|
|
- id: 0
|
|
name: open-cloud
|
|
dsn: memory
|
|
|
|
ocAuth:
|
|
enabled: true
|
|
image: oc/oc-auth:0.0.1
|
|
authType: hydra
|
|
keto:
|
|
adminRole: admin
|
|
hydra:
|
|
openCloudOauth2ClientSecretName: oc-auth-got-secret
|
|
ldap:
|
|
bindDn: "cn=admin,dc=example,dc=com"
|
|
binPwd: "admin@password"
|
|
baseDn: "dc=example,dc=com"
|
|
roleBaseDn: "ou=AppRoles,dc=example,dc=com"
|
|
resources:
|
|
limits:
|
|
cpu: "128m"
|
|
memory: "128Mi"
|
|
requests:
|
|
cpu: "128m"
|
|
memory: "256Mi"
|
|
|
|
loki:
|
|
enabled: false
|
|
|
|
grafana:
|
|
enabled: false |