oc-k8s/opencloud/dev-values.yaml
2025-01-16 13:11:31 +01:00


# Environment name; used for storage class provisioning.
env: dev
# Host name used in the reverse proxy rule.
host: beta.opencloud.com
# Scheme used in the reverse proxy rule. With plain `http`, the basic-auth and
# login traffic configured further down is not protected in transit unless TLS
# is terminated somewhere this file does not show.
scheme: http
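# mongo-express: web UI pointed at the MongoDB server named in `mongodbServer`.
# NOTE(review): every credential in this block is a literal in a values file, so
# anyone who can read the repository or the release values can read it. Keep
# that to throwaway dev clusters; in a shared environment source these from a
# Kubernetes Secret instead.
mongo-express:
  enabled: true
  mongodbServer: dev-mongodb.dev
  mongodbPort: 27017
  # Admin mode with the MongoDB root account: the UI can reach every database
  # on the server, so the basic-auth pair below is the only gate shown here.
  mongodbEnableAdmin: true
  mongodbAdminUsername: root
  mongodbAdminPassword: rootpwd
  siteBaseUrl: /mongoexpress
  # Basic-auth credentials travel with each request; with the top-level
  # `scheme: http` they are sent unencrypted.
  basicAuthUsername: test
  basicAuthPassword: testme
  # Nested `mongodb` key switched off; the UI targets `mongodbServer` above.
  mongodb:
    enabled: false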
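# MongoDB, standalone, single replica, data on the pre-created claim `mongo-pvc`.
mongodb:
  enabled: true
  global:
    defaultStorageClass: kind-sc
    storageClass: kind-sc
  architecture: standalone
  useStatefulSet: false
  auth:
    enabled: true
    # NOTE(review): root and application passwords are literals, and the
    # application password equals its user name. The same root password is
    # repeated in the mongo-express block, so it has to be rotated in both
    # places. Outside a disposable dev cluster, supply these through the
    # chart's `auth.existingSecret` rather than the values file.
    rootUser: root
    rootPassword: rootpwd
    databases: ["DC_myDC"]
    usernames: ["opencloud"]
    passwords: ["opencloud"]
  resourcesPreset: "small"
  replicaCount: 1
  persistence:
    enabled: true
    storageClass: kind-sc
    existingClaim: mongo-pvc
    accessModes:
      - ReadWriteOnce
    size: 100Mi
  # Retain on delete and on scale-down: database files (and the credentials
  # baked into them) outlive an uninstall and must be wiped separately.
  persistentVolumeClaimRetentionPolicy:
    enabled: true
    whenDeleted: Retain
    whenScaled: Retain
  arbiter:
    enabled: false
  livenessProbe:
    enabled: true
  readinessProbe:
    enabled: true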
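# NATS with JetStream enabled and a 20Mi file store on storage class `kind-sc`.
# NOTE(review): `fileStore` is placed under `jetstream` here; the listing this
# was taken from had lost its indentation, so confirm against the chart schema.
# No authentication or TLS keys are set in this block, so the chart defaults
# apply to client connections.
nats:
  enabled: true
  jetstream:
    enabled: true
    fileStore:
      size: 20Mi
      storageClassName: kind-sc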
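# OpenLDAP directory (osixia/openldap image) seeded with the LDIF files below.
# NOTE(review): this block carries several dev-only choices that should not
# reach a shared cluster: TLS is off, the admin and config passwords are
# literals, and the seed data contains one clear-text and one hashed password.
openldap:
  enabled: true
  test:
    enabled: false
  ltb-passwd:
    enabled: false
  replicaCount: 1
  image:
    repository: osixia/openldap
    tag: 1.5.0
  # TLS disabled here and in the container env below: simple binds, including
  # the admin bind used by ldapUserManager and ocAuth, cross the cluster
  # network in clear text.
  tls:
    enabled: false
  env:
    LDAP_ORGANISATION: "Example opencloud"
    LDAP_DOMAIN: "example.com"
    LDAP_BACKEND: "mdb"
    LDAP_TLS: "false"
    LDAP_TLS_ENFORCE: "false"
    LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
  # Directory admin / cn=config passwords as literals. The admin value is
  # repeated under `ldapUserManager.env` and `ocAuth.ldap`; rotate all three
  # together.
  adminPassword: "admin@password"
  configPassword: "config@password"
  phpldapadmin:
    enabled: false
  persistence:
    enabled: true
    accessMode: ReadWriteOnce
    size: 10Mi
    storageClass: kind-sc
  replication:
    enabled: false
  # Seed entries. LDIF records are separated by an empty line, and a folded
  # value continues on lines that start with a single space.
  customLdifFiles:
    01-schema.ldif: |-
      dn: ou=groups,dc=example,dc=com
      objectClass: organizationalUnit
      ou: groups

      dn: ou=users,dc=example,dc=com
      objectClass: organizationalUnit
      ou: users

      dn: cn=lastGID,dc=example,dc=com
      objectClass: device
      objectClass: top
      description: Records the last GID used to create a Posix group. This prevents the re-use of a GID from a deleted group.
      cn: lastGID
      serialNumber: 2001

      dn: cn=lastUID,dc=example,dc=com
      objectClass: device
      objectClass: top
      serialNumber: 2001
      description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
      cn: lastUID

      dn: cn=everybody,ou=groups,dc=example,dc=com
      objectClass: top
      objectClass: posixGroup
      cn: everybody
      memberUid: admin
      gidNumber: 2003
    # NOTE(review): `userPassword: ldapadmin` is stored in clear text and equals
    # the uid. This account is a member of the `ldapadmin` group, which
    # `ldapUserManager.env.LDAP_ADMINS_GROUP` names as the admin group.
    02-ldapadmin.ldif: |-
      dn: cn=ldapadmin,ou=groups,dc=example,dc=com
      objectClass: top
      objectClass: posixGroup
      cn: ldapadmin
      memberUid: ldapadmin
      gidNumber: 2001

      dn: uid=ldapadmin,ou=users,dc=example,dc=com
      givenName: ldap
      sn: admin
      uid: ldapadmin
      cn: ldapadmin
      mail: ldapadmin@example.com
      objectClass: person
      objectClass: inetOrgPerson
      objectClass: posixAccount
      userPassword: ldapadmin
      uidNumber: 2001
      gidNumber: 2001
      loginShell: /bin/bash
      homeDirectory: /home/ldapadmin
    # `userPassword::` is base64 (LDIF `::` form) and decodes to a `{CRYPT}$6$`
    # SHA-512 crypt hash. A hash committed to the repository can be guessed
    # against offline, so treat this account's password as published.
    03-opencloudadmin.ldif: |-
      dn: cn=admin,ou=groups,dc=example,dc=com
      objectClass: top
      objectClass: posixGroup
      cn: admin
      memberUid: admin
      gidNumber: 2002

      dn: uid=admin,ou=users,dc=example,dc=com
      givenName: John
      sn: Doe
      uid: admin
      mail: john.doe@example.com
      cn: JohnDoe
      objectClass: person
      objectClass: inetOrgPerson
      objectClass: posixAccount
      userPassword:: e0NSWVBUfSQ2JDdTZ0daU1FXJGw1ZWRTTHVDaDV6a0NvUlllZzFLd3MwUHRKQ
       jJQL09CQWdoc0RkbWhzTXJPcEpCbzR3b01yNWJQcjlubi8udWdzM25LcHlKQmt2eHVJWFM0eUQ1
       cnox
      uidNumber: 2002
      gidNumber: 2002
      loginShell: /bin/bash
      homeDirectory: /home/admin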
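# ldap user manager configuration
# NOTE(review): placed at top level (not under `openldap`); the listing this was
# taken from had lost its indentation, so confirm against the chart templates.
ldapUserManager:
  enabled: true
  env:
    SERVER_HOSTNAME: "users.example.com"
    LDAP_BASE_DN: "dc=example,dc=com"
    # No STARTTLS and certificate errors ignored: the admin bind below is sent
    # unencrypted and the LDAP server's identity is not verified.
    LDAP_REQUIRE_STARTTLS: "false"
    LDAP_ADMINS_GROUP: "ldapadmin"
    # Directory admin DN and password as literals; the same password appears
    # under `openldap.adminPassword` and `ocAuth.ldap`.
    LDAP_ADMIN_BIND_DN: "cn=admin,dc=example,dc=com"
    LDAP_ADMIN_BIND_PWD: "admin@password"
    LDAP_IGNORE_CERT_ERRORS: "true"
    EMAIL_DOMAIN: ""
    # UI served without HTTPS: user and admin logins to /users are in clear
    # text unless TLS is terminated in front of it.
    NO_HTTPS: "true"
    SERVER_PATH: "/users"
    ORGANISATION_NAME: "Example"
    LDAP_USER_OU: "users"
    LDAP_GROUP_OU: "groups"
    # Password strength check relaxed; dev convenience only.
    ACCEPT_WEAK_PASSWORDS: "true"
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"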
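# Traefik ingress controller, published through a NodePort service.
traefik:
  enabled: true
  service:
    type: NodePort
  ingressRoute:
    dashboard:
      enabled: true
      # NOTE(review): Traefik's rule parser follows Go operator precedence, so
      # `&&` binds tighter than `||` and this rule reads
      # (Host && PathPrefix(/api)) || PathPrefix(/dashboard): `/dashboard`
      # matches for any Host header. If both paths are meant to be
      # localhost-only, group them:
      #   Host(`localhost`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))
      # No auth middleware is attached in this block, and the route is bound to
      # the `web` entry point that the NodePort below exposes on every node.
      matchRule: 'Host(`localhost`) && PathPrefix(`/api`) || PathPrefix(`/dashboard`)'
      entryPoints: [web]
  ports:
    web:
      nodePort: 30950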
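# Ory Hydra (OAuth2 / OpenID Connect server) with the hydra-maester controller.
hydra:
  enabled: true
  maester:
    enabled: true
  hydra:
    # NOTE(review): dev mode relaxes Hydra's transport-security checks, which is
    # what lets the plain-http URLs below work. Not suitable outside a local
    # cluster.
    dev: true
    config:
      # In-memory store: OAuth2 clients, consent sessions and tokens are lost
      # whenever the pod restarts.
      dsn: memory
      urls:
        # Login, consent and logout all run over http://localhost, so
        # credentials and authorization codes are not protected in transit.
        login: http://localhost/authentication/login
        consent: http://localhost/consent/consent
        logout: http://localhost/authentication/logout
        self:
          issuer: http://localhost/idp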
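# Ory Keto (permission / relation-tuple server).
keto:
  enabled: true
  keto:
    config:
      serve:
        read:
          port: 4466
        # The write API changes permissions; keep 4467 reachable only from the
        # services that manage roles, never through the public ingress.
        write:
          port: 4467
        metrics:
          port: 4468
      namespaces:
        - id: 0
          name: open-cloud
      # In-memory store: all relation tuples (i.e. every granted permission)
      # vanish on pod restart and must be re-provisioned.
      dsn: memory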
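# Loki in SingleBinary mode, storing chunks and index on the filesystem of the
# pre-created claim `loki-pvc`.
loki:
  enabled: true
  loki:
    # NOTE(review): with auth disabled Loki runs single-tenant and accepts
    # pushes and queries from anything that can reach it. Logs often contain
    # tokens and personal data, so restrict access with a NetworkPolicy or an
    # authenticating proxy.
    auth_enabled: false
    commonConfig:
      replication_factor: 1
    storage:
      type: filesystem
      filesystem:
        chunks_directory: /var/loki/chunks
        rules_directory: /var/loki/rules
        admin_api_directory: /var/loki/admin
    storage_config:
      boltdb_shipper:
        active_index_directory: /var/loki/index
      filesystem:
        directory: /var/loki/chunks
    limits_config:
      allow_structured_metadata: false
    schemaConfig:
      configs:
        - from: "2020-01-01"
          store: boltdb-shipper
          object_store: filesystem
          schema: v11
          index:
            prefix: index_
            period: 24h
    ingester:
      chunk_encoding: snappy
    tracing:
      enabled: true
    querier:
      max_concurrent: 2
  deploymentMode: SingleBinary
  singleBinary:
    extraVolumes:
      - name: loki-storage
        persistentVolumeClaim:
          claimName: loki-pvc
    persistence:
      enabled: false # Deactivate loki auto provisioning, rely on existing PVC
      accessMode: ReadWriteOnce
      size: 1Gi
      storageClassName: kind-sc
      claimName: loki-pvc
    extraVolumeMounts:
      - name: loki-storage
        mountPath: /var/loki
    replicas: 1
    resources:
      limits:
        cpu: 3
        memory: 4Gi
      requests:
        cpu: 1
        memory: 0.5Gi
    extraEnv:
      # Go soft memory limit, set below the 4Gi container limit above.
      - name: GOMEMLIMIT
        value: 3750MiB
  chunksCache:
    # default is 500MB, with limited memory keep this smaller
    writebackSizeLimit: 10MB
  # Enable minio for storage
  minio:
    enabled: false
  # Zero out replica counts of other deployment modes
  backend:
    replicas: 0
  read:
    replicas: 0
  write:
    replicas: 0
  ingester:
    replicas: 0
  querier:
    replicas: 0
  queryFrontend:
    replicas: 0
  queryScheduler:
    replicas: 0
  distributor:
    replicas: 0
  compactor:
    replicas: 0
  indexGateway:
    replicas: 0
  bloomCompactor:
    replicas: 0
  bloomGateway:
    replicas: 0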
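# Grafana is switched off in this values file.
grafana:
  enabled: false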
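# Argo Workflows. The workflow service account and its RBAC are not created by
# the chart (provisioned manually), so what `argo-workflow` may do in the
# cluster has to be reviewed where those manifests live.
argo-workflows:
  enabled: true
  workflow:
    serviceAccount:
      create: false
      name: argo-workflow
    rbac:
      create: false # Manual provisioning
  # The original listed `controller:` twice in a row. Duplicate mapping keys
  # are invalid YAML: depending on the parser, the load either fails or keeps
  # only the last one, silently dropping `workflowNamespaces`. Both settings
  # are merged under one key here.
  controller:
    workflowNamespaces: [] # All of them
    workflowDefaults:
      spec:
        # Default identity for every workflow that does not name its own
        # service account.
        serviceAccountName: argo-workflow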
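# oc-auth service: authenticates against LDAP and uses Hydra and Keto.
ocAuth:
  enabled: true
  # Tag-only reference with no registry host; add an @sha256 digest where image
  # provenance matters.
  image: oc/oc-auth:0.0.1
  authType: hydra
  keto:
    adminRole: admin
  hydra:
    # The OAuth2 client secret is referenced by Secret name rather than inlined.
    openCloudOauth2ClientSecretName: oc-auth-got-secret
  ldap:
    # NOTE(review): the service binds as the directory admin with a literal
    # password (same value as `openldap.adminPassword`). A dedicated read-only
    # bind account, with its password held in a Secret, would limit what a
    # compromise of this service exposes.
    bindDn: "cn=admin,dc=example,dc=com"
    # NOTE(review): key is spelled `binPwd`, not `bindPwd` — confirm this
    # matches what the chart template reads before renaming.
    binPwd: "admin@password"
    baseDn: "dc=example,dc=com"
    roleBaseDn: "ou=AppRoles,dc=example,dc=com"
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"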
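# oc-front component.
ocFront:
  enabled: true
  # Tag-only image reference: a tag can be re-pushed with different content, so
  # add an @sha256 digest where image provenance matters.
  image: oc/oc-front:0.0.1
  # Requests equal limits: the pod is scheduled with exactly what it may use.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"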
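# oc-workspace component.
ocWorkspace:
  enabled: true
  # No registry host in the reference, so the pull source depends on the node's
  # container runtime configuration; the tag alone does not pin the content.
  image: oc/oc-workspace:0.0.1
  # CPU and memory requests match the limits.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"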
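# oc-shared component.
ocShared:
  enabled: true
  # Image selected by tag only; pin by digest for a verifiable deployment.
  image: oc/oc-shared:0.0.1
  # Limits and requests are identical (128m CPU, 256Mi memory).
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"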
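# oc-workflow component.
ocWorkflow:
  enabled: true
  # Tag-only reference; a digest (@sha256:...) would fix the exact image.
  image: oc/oc-workflow:0.0.1
  # Same values for limits and requests.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"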
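# oc-catalog component.
ocCatalog:
  enabled: true
  # Mutable tag, no registry host: what actually runs depends on what the node
  # resolves `oc/oc-catalog:0.0.1` to at pull time.
  image: oc/oc-catalog:0.0.1
  # Requests set equal to limits.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"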
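# oc-peer component.
ocPeer:
  enabled: true
  # Referenced by tag; add a digest if the deployment must be reproducible.
  image: oc/oc-peer:0.0.1
  # Resource requests mirror the limits.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"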
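# oc-datacenter component.
ocDatacenter:
  enabled: true
  # Tag-only image reference; the tag does not guarantee immutable content.
  image: oc/oc-datacenter:0.0.1
  # Limits and requests are the same, 128m CPU and 256Mi memory.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"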
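# oc-schedulerd component.
ocSchedulerd:
  enabled: true
  # Image pinned to a tag only, not to a digest.
  image: oc/oc-schedulerd:0.0.1
  # Requests equal limits for both CPU and memory.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"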
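# oc-discovery component.
ocDiscovery:
  enabled: true
  # Tag-only reference with no registry host; pin by digest where the origin of
  # the image needs to be verifiable.
  image: oc/oc-discovery:0.0.1
  # Identical requests and limits.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"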
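# oc-scheduler component.
ocScheduler:
  enabled: true
  # Selected by tag; a re-pushed tag would change the running code unnoticed.
  image: oc/oc-scheduler:0.0.1
  # Requests match limits.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"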
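# oc-aggregator component.
ocAggregator:
  enabled: true
  # Tag-only image reference; use a digest to pin the exact build.
  image: oc/oc-aggregator:0.0.1
  # Limits and requests carry the same values.
  resources:
    limits:
      cpu: "128m"
      memory: "256Mi"
    requests:
      cpu: "128m"
      memory: "256Mi"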