sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-07 16:01:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(helmfile): Integrate oD EE

Browse Source
This commit is contained in:
Thorsten Roßner
2025-01-27 14:45:01 +01:00
parent 40aa9d0e63
commit 03ec70435c
60 changed files with 754 additions and 160 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
helmfile/apps/collabora/helmfile-child.yaml.gotmpl
View File

@@ -28,17 +28,23 @@ releases:
version: "{{ .Values.charts.collabora.version }}"
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.collaboraOnline }}
{{- if (env "OPENDESK_ENTERPRISE") }}
- "values-enterprise.yaml.gotmpl"
{{- end }}
{{- range .Values.customization.release.collaboraOnline }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.collabora.enabled }}
- name: "collabora-controller"
chart: "collabora-controller-repo/{{ .Values.charts.collaboraController.name }}"
version: "{{ .Values.charts.collaboraController.version }}"
values:
{{ range .Values.customization.release.collaboraController }}
{{- if (env "OPENDESK_ENTERPRISE") }}
- "values-coco-enterprise.yaml.gotmpl"
{{- end }}
{{- range .Values.customization.release.collaboraController }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.collaboraController.enabled }}
commonLabels:

2
helmfile/apps/collabora/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

63
helmfile/apps/collabora/values-coco-enterprise.yaml.gotmpl Normal file
View File

@@ -0,0 +1,63 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
controller:
enableHashmapParallelization: true
ingressUrl: "https://{{ .Values.global.hosts.collabora }}.{{ .Values.global.domain }}"
namespacedRole: true
# CoolController uses `app.kubernetes.io/name` label to find deployment resource
# openDesk uses `fullnameOverride` in Collabora Deployment that updates `metadata.name` not the `app.kubernetes.io/name`
# Therefore we use the default of `collabora-online` for the `resourceName`
resourceName: "collabora-online"
statsInterval: 2000
watchNamespace: {{ (.Values.collabora.namespace | default .Release.Namespace | quote) }}
documentMigrator:
enabled: true
coolMemoryUtilization: {{ .Values.enterpriseFeatures.collabora.autoscaling.targetMemoryUtilizationPercentage }}
coolMemoryLimit: {{ .Values.resources.collabora.limits.memory }}
leaderElection:
enabled: {{ if gt .Values.replicas.collaboraController 1 }}true{{ else }}false{{ end }}
image:
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.collaboraController.registry }}/{{ .Values.images.collaboraController.repository }}"
tag: {{ .Values.images.collaboraController.tag | quote }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . | quote }}
{{- end }}
ingress:
enabled: {{ .Values.ingress.enabled }}
className: {{ .Values.ingress.ingressClassName | quote }}
hosts:
- host: "{{ .Values.global.hosts.collabora }}.{{ .Values.global.domain }}"
paths:
- path: "/controller"
pathType: "Prefix"
podAnnotations: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsGroup: 2000
runAsUser: 1000
seccompProfile:
type: "RuntimeDefault"
seLinuxOptions:
replicaCount: {{ .Values.replicas.collaboraController }}
resources:
{{ .Values.resources.collaboraController | toYaml | nindent 2 }}
...

15
helmfile/apps/collabora/values-enterprise.yaml.gotmpl Normal file
View File

@@ -0,0 +1,15 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
image:
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.collabora.registry }}/{{ .Values.images.collabora.repository }}"
autoscaling:
enabled: {{ .Values.collaboraController.enabled }}
minReplicas: {{ .Values.enterpriseFeatures.collabora.autoscaling.minReplicas }}
maxReplicas: {{ .Values.enterpriseFeatures.collabora.autoscaling.maxReplicas }}
targetMemoryUtilizationPercentage: {{ .Values.enterpriseFeatures.collabora.autoscaling.targetMemoryUtilizationPercentage }}
targetCPUUtilizationPercentage: {{ .Values.enterpriseFeatures.collabora.autoscaling.targetCPUUtilizationPercentage }}
scaleDownDisabled: {{ .Values.enterpriseFeatures.collabora.autoscaling.scaleDownDisabled }}
...

4
helmfile/apps/cryptpad/helmfile-child.yaml.gotmpl
View File

@@ -18,9 +18,9 @@ releases:
version: "{{ .Values.charts.cryptpad.version }}"
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.cryptpad }}
{{- range .Values.customization.release.cryptpad }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.cryptpad.enabled }}
commonLabels:

2
helmfile/apps/cryptpad/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

44
helmfile/apps/element/helmfile-child.yaml.gotmpl
View File

@@ -117,9 +117,9 @@ releases:
version: "{{ .Values.charts.element.version }}"
values:
- "values-element.yaml.gotmpl"
{{ range .Values.customization.release.opendeskElement }}
{{- range .Values.customization.release.opendeskElement }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.element.enabled }}
timeout: 900
@@ -128,9 +128,9 @@ releases:
version: "{{ .Values.charts.elementWellKnown.version }}"
values:
- "values-well-known.yaml.gotmpl"
{{ range .Values.customization.release.opendeskWellKnown }}
{{- range .Values.customization.release.opendeskWellKnown }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.element.enabled }}
timeout: 900
@@ -139,9 +139,9 @@ releases:
version: "{{ .Values.charts.synapseWeb.version }}"
values:
- "values-synapse-web.yaml.gotmpl"
{{ range .Values.customization.release.opendeskSynapseWeb }}
{{- range .Values.customization.release.opendeskSynapseWeb }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.element.enabled }}
timeout: 900
@@ -150,9 +150,9 @@ releases:
version: "{{ .Values.charts.synapse.version }}"
values:
- "values-synapse.yaml.gotmpl"
{{ range .Values.customization.release.opendeskSynapse }}
{{- range .Values.customization.release.opendeskSynapse }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.element.enabled }}
timeout: 900
@@ -217,9 +217,9 @@ releases:
chart: "synapse-admin-repo/{{ .Values.charts.synapseAdmin.name }}"
version: "{{ .Values.charts.synapseAdmin.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAdmin }}
{{- range .Values.customization.release.opendeskSynapseAdmin }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -227,9 +227,9 @@ releases:
chart: "synapse-create-account-repo/{{ .Values.charts.synapseCreateAccount.name }}"
version: "{{ .Values.charts.synapseCreateAccount.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAdminbotBootstrap }}
{{- range .Values.customization.release.opendeskSynapseAdminbotBootstrap }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -237,9 +237,9 @@ releases:
chart: "synapse-pipe-repo/{{ .Values.charts.synapsePipe.name }}"
version: "{{ .Values.charts.synapsePipe.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAdminbotPipe }}
{{- range .Values.customization.release.opendeskSynapseAdminbotPipe }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -247,9 +247,9 @@ releases:
chart: "synapse-adminbot-web-repo/{{ .Values.charts.synapseAdminbotWeb.name }}"
version: "{{ .Values.charts.synapseAdminbotWeb.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAdminbotWeb }}
{{- range .Values.customization.release.opendeskSynapseAdminbotWeb }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -257,9 +257,9 @@ releases:
chart: "synapse-create-account-repo/{{ .Values.charts.synapseCreateAccount.name }}"
version: "{{ .Values.charts.synapseCreateAccount.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAuditbotBootstrap }}
{{- range .Values.customization.release.opendeskSynapseAuditbotBootstrap }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -267,9 +267,9 @@ releases:
chart: "synapse-pipe-repo/{{ .Values.charts.synapsePipe.name }}"
version: "{{ .Values.charts.synapsePipe.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseAuditbotPipe }}
{{- range .Values.customization.release.opendeskSynapseAuditbotPipe }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementAdmin.enabled }}
timeout: 900
@@ -277,9 +277,9 @@ releases:
chart: "synapse-groupsync-repo/{{ .Values.charts.synapseGroupsync.name }}"
version: "{{ .Values.charts.synapseGroupsync.version }}"
values:
{{ range .Values.customization.release.opendeskSynapseGroupsync }}
{{- range .Values.customization.release.opendeskSynapseGroupsync }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.elementGroupsync.enabled }}
timeout: 900

2
helmfile/apps/element/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

4
helmfile/apps/jitsi/helmfile-child.yaml.gotmpl
View File

@@ -18,9 +18,9 @@ releases:
version: "{{ .Values.charts.jitsi.version }}"
values:
- "values-jitsi.yaml.gotmpl"
{{ range .Values.customization.release.jitsi }}
{{- range .Values.customization.release.jitsi }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.jitsi.enabled }}
timeout: 900

2
helmfile/apps/jitsi/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

14
helmfile/apps/nextcloud/helmfile-child.yaml.gotmpl
View File

@@ -25,9 +25,12 @@ releases:
version: "{{ .Values.charts.nextcloudManagement.version }}"
values:
- "values-nextcloud-mgmt.yaml.gotmpl"
{{ range .Values.customization.release.opendeskNextcloudManagement }}
{{- if (env "OPENDESK_ENTERPRISE") }}
- "values-nextcloud-mgmt-enterprise.yaml.gotmpl"
{{- end }}
{{- range .Values.customization.release.opendeskNextcloudManagement }}
- {{ . }}
{{ end }}
{{- end }}
waitForJobs: true
wait: true
installed: {{ .Values.nextcloud.enabled }}
@@ -37,9 +40,12 @@ releases:
version: "{{ .Values.charts.nextcloud.version }}"
values:
- "values-nextcloud.yaml.gotmpl"
{{ range .Values.customization.release.opendeskNextcloud }}
{{- if (env "OPENDESK_ENTERPRISE") }}
- "values-nextcloud-enterprise.yaml.gotmpl"
{{- end }}
{{- range .Values.customization.release.opendeskNextcloud }}
- {{ . }}
{{ end }}
{{- end }}
needs:
- "opendesk-nextcloud-management"
installed: {{ .Values.nextcloud.enabled }}

2
helmfile/apps/nextcloud/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

9
helmfile/apps/nextcloud/values-nextcloud-enterprise.yaml.gotmpl Normal file
View File

@@ -0,0 +1,9 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
aio:
image:
registry: {{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.nextcloud.registry | quote }}
...

12
helmfile/apps/nextcloud/values-nextcloud-mgmt-enterprise.yaml.gotmpl Normal file
View File

@@ -0,0 +1,12 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
image:
registry: {{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.nextcloud.registry | quote }}
configuration:
enterprise:
subscriptionKey: {{ if .Values.enterpriseKeys.nextcloud.subscriptionKey }}{{ .Values.enterpriseKeys.nextcloud.subscriptionKey | quote }}{{ end }}
subscriptionData: {{ if .Values.enterpriseKeys.nextcloud.subscriptionData}}{{ .Values.enterpriseKeys.nextcloud.subscriptionData | quote }}{{ end }}
...

4
helmfile/apps/notes/helmfile-child.yaml.gotmpl
View File

@@ -19,9 +19,9 @@ releases:
wait: true
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.notes }}
{{- range .Values.customization.release.notes }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.notes.enabled }}
timeout: 1800

2
helmfile/apps/notes/helmfile.yaml.gotmpl
View File

@@ -2,7 +2,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

16
helmfile/apps/nubus/helmfile-child.yaml.gotmpl
View File

@@ -44,9 +44,9 @@ releases:
version: "{{ .Values.charts.nubus.version }}"
values:
- "values-nubus.yaml.gotmpl"
{{ range .Values.customization.release.ums }}
{{- range .Values.customization.release.ums }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.nubus.enabled }}
timeout: 900
# Intercom-Service
@@ -55,9 +55,9 @@ releases:
version: "{{ .Values.charts.intercomService.version }}"
values:
- "values-intercom-service.yaml.gotmpl"
{{ range .Values.customization.release.intercomService }}
{{- range .Values.customization.release.intercomService }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.nubus.enabled }}
# openDesk Keycloak Bootstrap Chart
@@ -66,9 +66,9 @@ releases:
version: "{{ .Values.charts.opendeskKeycloakBootstrap.version }}"
values:
- "values-opendesk-keycloak-bootstrap.yaml.gotmpl"
{{ range .Values.customization.release.opendeskKeycloakBootstrap }}
{{- range .Values.customization.release.opendeskKeycloakBootstrap }}
- {{ . }}
{{ end }}
{{- end }}
needs:
- "ums"
installed: {{ .Values.nubus.enabled }}
@@ -80,9 +80,9 @@ releases:
version: "{{ .Values.charts.nginxS3Gateway.version }}"
values:
- "values-nginx-s3-gateway.yaml.gotmpl"
{{ range .Values.customization.release.nginxS3Gateway }}
{{- range .Values.customization.release.nginxS3Gateway }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ not .Values.minio.enabled }}
timeout: 900

2
helmfile/apps/nubus/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

2
helmfile/apps/nubus/values-nubus.yaml.gotmpl
View File

@@ -1151,7 +1151,7 @@ nubusStackDataUms:
portaltileGroupNotes:
- 'cn=managed-by-attribute-Notes,cn=groups,{{ .Values.ldap.baseDn }}'
systemInformation:
releaseVersion: "Release: {{ .Values.global.systemInformation.releaseVersion }}"
releaseVersion: "Release: {{ .Values.global.systemInformation.releaseVersion }}{{ if (env "OPENDESK_ENTERPRISE") }}-ee{{ end }}"
{{- if .Values.functional.admin.portal.deploymentTimestamp.enabled }}
deployDate: "Deployed: {{ now | date "2006-01-02T15:04:05-0700" }}"
{{- else }}

21
helmfile/apps/open-xchange/helmfile-child.yaml.gotmpl
View File

@@ -45,9 +45,9 @@ releases:
version: "{{ .Values.charts.dovecot.version }}"
values:
- "values-dovecot.yaml.gotmpl"
{{ range .Values.customization.release.dovecot }}
{{- range .Values.customization.release.dovecot }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.dovecot.enabled }}
timeout: 900
@@ -56,10 +56,13 @@ releases:
version: "{{ .Values.charts.oxAppSuite.version }}"
values:
- "values-openxchange.yaml.gotmpl"
- "values-openxchange-enterprise-contact-picker.yaml.gotmpl"
{{ range .Values.customization.release.openxchange }}
- "values-openxchange-contact-picker.yaml.gotmpl"
{{- if (env "OPENDESK_ENTERPRISE") }}
- "values-openxchange-enterprise.yaml.gotmpl"
{{- end }}
{{- range .Values.customization.release.openxchange }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.oxAppSuite.enabled }}
timeout: 900
@@ -68,9 +71,9 @@ releases:
version: "{{ .Values.charts.oxAppSuiteBootstrap.version }}"
values:
- "values-openxchange-bootstrap.yaml.gotmpl"
{{ range .Values.customization.release.opendeskOpenxchangeBootstrap }}
{{- range .Values.customization.release.opendeskOpenxchangeBootstrap }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.oxAppSuite.enabled }}
timeout: 900
@@ -79,9 +82,9 @@ releases:
version: "{{ .Values.charts.oxConnector.version }}"
values:
- "values-oxconnector.yaml.gotmpl"
{{ range .Values.customization.release.oxConnector }}
{{- range .Values.customization.release.oxConnector }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.oxAppSuite.enabled }}
needs:
- "open-xchange"

2
helmfile/apps/open-xchange/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

0
helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.yaml.gotmpl → helmfile/apps/open-xchange/values-openxchange-contact-picker.yaml.gotmpl
View File

19
helmfile/apps/open-xchange/values-openxchange-enterprise.yaml.gotmpl Normal file
View File

@@ -0,0 +1,19 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
appsuite:
plugins-ui:
enabled: false
core-mw:
global:
extras:
monitoring:
enabled: true
image:
registry: {{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.openxchangeCoreMW.registry | quote }}
update:
image:
registry: {{ coalesce .Values.repositories.image.registryOpencodeDeEnterprise .Values.global.imageRegistry .Values.images.openxchangeCoreMW.registry | quote }}
...

4
helmfile/apps/opendesk-migrations-post/helmfile-child.yaml.gotmpl
View File

@@ -21,9 +21,9 @@ releases:
values:
- "values.yaml.gotmpl"
- "../../shared/migrations.yaml.gotmpl"
{{ range .Values.customization.release.migrationsPost }}
{{- range .Values.customization.release.migrationsPost }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.migrations.enabled }}
timeout: 900

2
helmfile/apps/opendesk-migrations-post/helmfile.yaml.gotmpl
View File

@@ -2,7 +2,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

4
helmfile/apps/opendesk-migrations-pre/helmfile-child.yaml.gotmpl
View File

@@ -21,9 +21,9 @@ releases:
values:
- "values.yaml.gotmpl"
- "../../shared/migrations.yaml.gotmpl"
{{ range .Values.customization.release.migrationsPre }}
{{- range .Values.customization.release.migrationsPre }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.migrations.enabled }}
timeout: 900

2
helmfile/apps/opendesk-migrations-pre/helmfile.yaml.gotmpl
View File

@@ -2,7 +2,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

4
helmfile/apps/opendesk-openproject-bootstrap/helmfile-child.yaml.gotmpl
View File

@@ -20,9 +20,9 @@ releases:
waitForJobs: true
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.opendeskOpenprojectBootstrap }}
{{- range .Values.customization.release.opendeskOpenprojectBootstrap }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.openproject.enabled }}
timeout: 900

2
helmfile/apps/opendesk-openproject-bootstrap/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

24
helmfile/apps/opendesk-services/helmfile-child.yaml.gotmpl
View File

@@ -68,9 +68,9 @@ releases:
version: "{{ .Values.charts.otterize.version }}"
values:
- "values-otterize.yaml.gotmpl"
{{ range .Values.customization.release.opendeskOtterize }}
{{- range .Values.customization.release.opendeskOtterize }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.security.otterizeIntents.enabled }}
timeout: 900
@@ -79,9 +79,9 @@ releases:
version: "{{ .Values.charts.home.version }}"
values:
- "values-home.yaml.gotmpl"
{{ range .Values.customization.release.opendeskHome }}
{{- range .Values.customization.release.opendeskHome }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.home.enabled }}
- name: "opendesk-certificates"
@@ -89,9 +89,9 @@ releases:
version: "{{ .Values.charts.certificates.version }}"
values:
- "values-certificates.yaml.gotmpl"
{{ range .Values.customization.release.opendeskCertificates }}
{{- range .Values.customization.release.opendeskCertificates }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.certificates.enabled }}
timeout: 900
@@ -100,9 +100,9 @@ releases:
version: "{{ .Values.charts.opendeskAlerts.version }}"
values:
- "values-opendesk-alerts.yaml.gotmpl"
{{ range .Values.customization.release.opendeskAlerts}}
{{- range .Values.customization.release.opendeskAlerts }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.monitoring.prometheus.prometheusRules.enabled }}
timeout: 900
@@ -111,7 +111,9 @@ releases:
version: "{{ .Values.charts.opendeskDashboards.version }}"
values:
- "values-opendesk-dashboards.yaml.gotmpl"
- {{ .Values.customization.release.opendeskDashboards | default "additionalValues: false" }}
{{- range .Values.customization.release.opendeskDashboards }}
- {{ . }}
{{- end }}
installed: {{ .Values.monitoring.grafana.dashboards.enabled }}
timeout: 900
@@ -120,7 +122,9 @@ releases:
version: "{{ .Values.charts.opendeskStaticFiles.version }}"
values:
- "values-opendesk-static-files.yaml.gotmpl"
- {{ .Values.customization.release.opendeskStaticFiles | default "additionalValues: false" }}
{{- range .Values.customization.release.opendeskStaticFiles }}
- {{ . }}
{{- end }}
installed: {{ .Values.staticFiles.enabled }}
timeout: 900

2
helmfile/apps/opendesk-services/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

4
helmfile/apps/openproject/helmfile-child.yaml.gotmpl
View File

@@ -20,9 +20,9 @@ releases:
waitForJobs: true
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.openproject }}
{{- range .Values.customization.release.openproject }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.openproject.enabled }}
timeout: 1800

2
helmfile/apps/openproject/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

3
helmfile/apps/openproject/values.yaml.gotmpl
View File

@@ -38,6 +38,9 @@ dbInit:
{{ .Values.resources.openprojectDbInit | toYaml | nindent 4 }}
environment:
{{- if and (env "OPENDESK_ENTERPRISE") .Values.enterpriseKeys.openproject.token }}
OPENPROJECT_ENTERPRISE__TOKEN: {{ .Values.enterpriseKeys.openproject.token | quote }}
{{- end }}
# For more details and more options see
# https://www.openproject.org/docs/installation-and-operations/configuration/environment/
OPENPROJECT_APP__TITLE: "Projekte - {{ .Values.theme.texts.productName }}"

41
helmfile/apps/services-external/helmfile-child.yaml.gotmpl
View File

@@ -100,9 +100,9 @@ releases:
version: "{{ .Values.charts.redis.version }}"
values:
- "values-redis.yaml.gotmpl"
{{ range .Values.customization.release.redis }}
{{- range .Values.customization.release.redis }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.redis.enabled }}
timeout: 900
@@ -111,9 +111,9 @@ releases:
version: "{{ .Values.charts.memcached.version }}"
values:
- "values-memcached.yaml.gotmpl"
{{ range .Values.customization.release.memcached }}
{{- range .Values.customization.release.memcached }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.memcached.enabled }}
timeout: 900
@@ -122,9 +122,9 @@ releases:
version: "{{ .Values.charts.postgresql.version }}"
values:
- "values-postgresql.yaml.gotmpl"
{{ range .Values.customization.release.postgresql }}
{{- range .Values.customization.release.postgresql }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.postgresql.enabled }}
timeout: 900
@@ -133,9 +133,9 @@ releases:
version: "{{ .Values.charts.mariadb.version }}"
values:
- "values-mariadb.yaml.gotmpl"
{{ range .Values.customization.release.mariadb }}
{{- range .Values.customization.release.mariadb }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.mariadb.enabled }}
timeout: 900
@@ -144,9 +144,9 @@ releases:
version: "{{ .Values.charts.postfix.version }}"
values:
- "values-postfix.yaml.gotmpl"
{{ range .Values.customization.release.postfix }}
{{- range .Values.customization.release.postfix }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.postfix.enabled }}
timeout: 900
@@ -155,9 +155,9 @@ releases:
version: "{{ .Values.charts.dkimpy.version }}"
values:
- "values-dkimpy.yaml.gotmpl"
{{ range .Values.customization.release.opendeskDkimpyMilter }}
{{- range .Values.customization.release.opendeskDkimpyMilter }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.dkimpy.enabled }}
timeout: 900
@@ -166,9 +166,9 @@ releases:
version: "{{ .Values.charts.clamav.version }}"
values:
- "values-clamav-distributed.yaml.gotmpl"
{{ range .Values.customization.release.clamav }}
{{- range .Values.customization.release.clamav }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.clamavDistributed.enabled }}
timeout: 900
@@ -177,9 +177,9 @@ releases:
version: "{{ .Values.charts.clamavSimple.version }}"
values:
- "values-clamav-simple.yaml.gotmpl"
{{ range .Values.customization.release.clamavSimple }}
{{- range .Values.customization.release.clamavSimple }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.clamavSimple.enabled }}
timeout: 900
@@ -188,9 +188,9 @@ releases:
version: "{{ .Values.charts.minio.version }}"
values:
- "values-minio.yaml.gotmpl"
{{ range .Values.customization.release.minio }}
{{- range .Values.customization.release.minio }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.minio.enabled }}
timeout: 900
@@ -199,9 +199,10 @@ releases:
chart: "cassandra-repo/{{ .Values.charts.cassandra.name }}"
version: "{{ .Values.charts.cassandra.version }}"
values:
{{ range .Values.customization.release.cassandra }}
- "values-cassandra.yaml.gotmpl"
{{- range .Values.customization.release.cassandra }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.cassandra.enabled }}
timeout: 900

2
helmfile/apps/services-external/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

98
helmfile/apps/services-external/values-cassandra.yaml.gotmpl Normal file
View File

@@ -0,0 +1,98 @@
{{/*
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
SPDX-License-Identifier: Apache-2.0
*/}}
---
containerSecurityContext:
enabled: true
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
seccompProfile:
type: "RuntimeDefault"
seLinuxOptions:
{{ .Values.seLinuxOptions.cassandra | toYaml | nindent 4 }}
dbUser:
user: "root"
password: {{ .Values.secrets.cassandra.rootPassword | quote }}
global:
imagePullSecrets:
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
image:
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.cassandra.registry | quote }}
repository: {{ .Values.images.cassandra.repository | quote }}
tag: {{ .Values.images.cassandra.tag | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
initDB:
initUserData.cql: >
CREATE KEYSPACE IF NOT EXISTS {{ .Values.databases.dovecot.name | quote }} WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 };
CREATE ROLE IF NOT EXISTS {{ .Values.databases.dovecot.username | quote }};
ALTER ROLE {{ .Values.databases.dovecot.username | quote }} WITH PASSWORD = {{ regexReplaceAll "'" .Values.secrets.cassandra.dovecotUser "''" | squote }} AND LOGIN = true;
GRANT ALL ON KEYSPACE {{ .Values.databases.dovecot.name | quote }} TO {{ .Values.databases.dovecot.username | quote }};
# Will print a warning if unset but is automatically calculated:
jvm:
maxHeapSize: ""
newHeapSize: ""
livenessProbe:
enabled: true
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 30
successThreshold: 1
failureThreshold: 5
metrics:
enabled: false
image:
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.cassandraExporter.registry | quote }}
repository: {{ .Values.images.cassandraExporter.repository | quote }}
tag: {{ .Values.images.cassandraExporter.tag | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
persistence:
commitLogsize: {{ .Values.persistence.storages.cassandra.commitLogsize | quote }}
size: {{ .Values.persistence.storages.cassandra.size | quote }}
storageClass: {{ coalesce .Values.persistence.storages.cassandra.storageClassName .Values.persistence.storageClassNames.RWO | quote }}
podAnnotations: {}
podSecurityContext:
enabled: true
fsGroup: 1001
fsGroupChangePolicy: "Always"
supplementalGroups: []
sysctls: []
readinessProbe:
enabled: true
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 30
successThreshold: 1
failureThreshold: 5
replicaCount: {{ .Values.replicas.cassandra }}
resources:
{{ .Values.resources.cassandra | toYaml | nindent 2 }}
startupProbe:
enabled: false
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 60
...

6
helmfile/apps/xwiki/helmfile-child.yaml.gotmpl
View File

@@ -11,7 +11,7 @@ repositories:
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
oci: true
url: "{{ .Values.global.helmRegistry | default .Values.charts.xwiki.registry }}/{{ .Values.charts.xwiki.repository }}"
releases:
- name: "xwiki"
chart: "xwiki-repo/{{ .Values.charts.xwiki.name }}"
@@ -19,9 +19,9 @@ releases:
wait: true
values:
- "values.yaml.gotmpl"
{{ range .Values.customization.release.xwiki }}
{{- range .Values.customization.release.xwiki }}
- {{ . }}
{{ end }}
{{- end }}
installed: {{ .Values.xwiki.enabled }}
timeout: 1800

2
helmfile/apps/xwiki/helmfile.yaml.gotmpl
View File

@@ -3,7 +3,7 @@
# SPDX-License-Identifier: Apache-2.0
---
bases:
- "../../bases/environments.yaml"
- "../../bases/environments.yaml.gotmpl"
---
helmfiles:
- path: "./helmfile-child.yaml.gotmpl"

10
helmfile/apps/xwiki/values.yaml.gotmpl
View File

@@ -17,12 +17,15 @@ image:
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
imagePullSecrets: {{ .Values.global.imagePullSecrets }}
{{- if .Values.certificate.selfSigned }}
javaOpts:
{{- if and (env "OPENDESK_ENTERPRISE") .Values.enterprise.xwiki.opendeskEnterpriseLicense .Values.enterprise.xwiki.proApplicationslicense }}
- "-Dlicenses={{ .Values.enterpriseKeys.xwiki.opendeskEnterpriseLicense }},{{ .Values.enterpriseKeys.xwiki.proApplicationslicense }}"
{{- end }}
{{- if .Values.certificate.selfSigned }}
- "-Djavax.net.ssl.trustStore=/etc/ssl/certs/truststore.jks"
- "-Djavax.net.ssl.trustStoreType=jks"
- {{ printf "%s=%s" "-Djavax.net.ssl.trustStorePassword" .Values.secrets.certificates.password | quote }}
{{- end }}
{{- end }}
externalDB:
{{- if eq .Values.databases.xwiki.type "mariadb" }}
@@ -83,6 +86,9 @@ customConfigs:
xwiki.authentication.ldap.fields_mapping: "last_name=sn,first_name=givenName,email=mailPrimaryAddress"
xwiki.properties:
{{- if (env "OPENDESK_ENTERPRISE") }}
distribution.defaultUI: "com.xwiki.projects.swp:xwiki-swp-flavor-enterprise-main"
{{- end }}
wikiInitializer.initialRequest.xwiki.url: "https://{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}/distribution/"
wikiInitializer.initialRequest.xwiki.contextPath: "/"
wikiInitializer.initialRequest.xwiki.remoteAddress: "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"