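{{- if .Values.ldapUserManager.enabled }}
# Holds the LDAP admin bind password so it is not written in clear text into
# the Deployment spec, where anyone allowed to read Deployments or Pods in the
# namespace could see it. Read access to this Secret should be limited by RBAC.
# The password still comes from chart values, so the values file and the Helm
# release record must be protected as well.
apiVersion: v1
kind: Secret
metadata:
  name: "{{ .Release.Name }}-ldap-user-manager"
  labels:
    app: ldap-user-manager
type: Opaque
stringData:
  # `quote` escapes embedded quotes and backslashes, which the plain
  # double-quoted template form does not.
  LDAP_ADMIN_BIND_PWD: {{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_PWD | default "" | quote }}
---
# Deployment of the ldap-user-manager web UI (single replica).
# Rendered only when .Values.ldapUserManager.enabled is set.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: ldap-user-manager
  name: {{ .Release.Name }}-ldap-user-manager
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ldap-user-manager
  strategy: {}
  template:
    metadata:
      labels:
        app: ldap-user-manager
    spec:
      # NOTE(review): no securityContext is set on the pod or the container.
      # Whether the image can run as non-root with a read-only root filesystem
      # is not visible from this file; confirm before adding one.
      containers:
        # The image is referenced by tag; pinning it by digest would guard
        # against the tag being re-pointed upstream.
        - image: wheelybird/ldap-user-manager:v1.8
          name: ldap-user-manager
          env:
            - name: SERVER_HOSTNAME
              value: "{{ .Values.ldapUserManager.env.SERVER_HOSTNAME }}"
            # Plain ldap:// scheme: transport protection for binds (including
            # the admin bind) depends on STARTTLS being required below.
            - name: LDAP_URI
              value: "ldap://{{ .Release.Name }}-openldap.{{ .Release.Namespace }}.svc.cluster.local"
            - name: LDAP_BASE_DN
              value: "{{ .Values.ldapUserManager.env.LDAP_BASE_DN }}"
            # Security-relevant: keep STARTTLS required unless the LDAP
            # traffic is protected some other way.
            - name: LDAP_REQUIRE_STARTTLS
              value: "{{ .Values.ldapUserManager.env.LDAP_REQUIRE_STARTTLS }}"
            - name: LDAP_ADMINS_GROUP
              value: "{{ .Values.ldapUserManager.env.LDAP_ADMINS_GROUP }}"
            - name: LDAP_ADMIN_BIND_DN
              value: "{{ .Values.ldapUserManager.env.LDAP_ADMIN_BIND_DN }}"
            # Read from the Secret above rather than inlined as a literal.
            # A changed password no longer alters the pod template, so the
            # pods must be restarted to pick up a rotated value.
            - name: LDAP_ADMIN_BIND_PWD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-ldap-user-manager"
                  key: LDAP_ADMIN_BIND_PWD
            # Security-relevant: by its name this turns off LDAP server
            # certificate checks; enabling it leaves STARTTLS open to
            # interception. Confirm against the image documentation.
            - name: LDAP_IGNORE_CERT_ERRORS
              value: "{{ .Values.ldapUserManager.env.LDAP_IGNORE_CERT_ERRORS }}"
            # Security-relevant: by its name this makes the UI serve plain
            # HTTP; logins and the admin session then need TLS in front of it.
            - name: NO_HTTPS
              value: "{{ .Values.ldapUserManager.env.NO_HTTPS }}"
            - name: EMAIL_DOMAIN
              value: "{{ .Values.ldapUserManager.env.EMAIL_DOMAIN }}"
            - name: ORGANISATION_NAME
              value: "{{ .Values.ldapUserManager.env.ORGANISATION_NAME }}"
            - name: LDAP_USER_OU
              value: "{{ .Values.ldapUserManager.env.LDAP_USER_OU }}"
            - name: LDAP_GROUP_OU
              value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_OU }}"
            - name: SERVER_PATH
              value: "{{ .Values.ldapUserManager.env.SERVER_PATH }}"
            - name: LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES
              value: "{{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_OBJECTCLASSES }}"
            - name: LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES
              value: "{{ .Values.ldapUserManager.env.LDAP_ACCOUNT_ADDITIONAL_ATTRIBUTES }}"
            - name: LDAP_GROUP_ADDITIONAL_OBJECTCLASSES
              value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_OBJECTCLASSES }}"
            - name: LDAP_GROUP_ADDITIONAL_ATTRIBUTES
              value: "{{ .Values.ldapUserManager.env.LDAP_GROUP_ADDITIONAL_ATTRIBUTES }}"
            # Security-relevant: by its name this relaxes the password
            # strength check; leave it off outside test environments.
            - name: ACCEPT_WEAK_PASSWORDS
              value: "{{ .Values.ldapUserManager.env.ACCEPT_WEAK_PASSWORDS }}"
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
            - name: https
              containerPort: 443
              protocol: TCP
          resources:
            limits:
              cpu: "{{ .Values.ldapUserManager.resources.limits.cpu }}"
              memory: "{{ .Values.ldapUserManager.resources.limits.memory }}"
            requests:
              cpu: "{{ .Values.ldapUserManager.resources.requests.cpu }}"
              memory: "{{ .Values.ldapUserManager.resources.requests.memory }}"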
---
# Cluster-internal Service in front of the ldap-user-manager pods.
# Port 8080 forwards to the container's HTTP port (80) and 8443 to its
# HTTPS port (443).
apiVersion: v1
kind: Service
metadata:
  labels:
    app: ldap-user-manager-svc
  name: "{{ .Release.Name }}-ldap-user-manager-svc"
spec:
  type: ClusterIP
  # NOTE(review): the selector is not release-scoped, so a second release of
  # this chart in the same namespace would share backends with this one.
  selector:
    app: ldap-user-manager
  ports:
    - name: http
      protocol: TCP
      port: 8080
      targetPort: 80
    - name: https
      protocol: TCP
      port: 8443
      targetPort: 443
---
# Traefik route that publishes the user-manager UI under /users on the
# configured host.
# NOTE(review): the route listens on the `web` entry point and forwards to the
# Service's HTTP port (8080). If `web` is the plaintext entry point in this
# Traefik installation, logins and the admin session reach Traefik without
# TLS; confirm that a TLS entry point or a redirect covers this host.
# NOTE(review): no middlewares are attached, so access control rests entirely
# on the application's own login.
# NOTE(review): unlike the other resources in this template, metadata.name is
# not prefixed with the release name, so two releases in one namespace would
# collide on it.
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: ldap-user-manager-ingress
spec:
  entryPoints:
    - web
  routes:
    - kind: Rule
      priority: 10
      match: Host(`{{ .Values.host }}`) && PathPrefix(`/users`)
      services:
        - kind: Service
          name: "{{ .Release.Name }}-ldap-user-manager-svc"
          port: 8080
          passHostHeader: true
{{- end }}