fix(helmfile): Move ldap host variable into helpers

2025-12-06 23:41:43 +01:00 · 2023-11-09 07:44:46 -06:00
parent 69ea840517
commit 08811decd9
12 changed files with 21 additions and 17 deletions
--- a/helmfile/apps/keycloak/values-keycloak.gotmpl
+++ b/helmfile/apps/keycloak/values-keycloak.gotmpl
@@ -34,7 +34,7 @@ keycloakConfigCli:
    - name: "LDAP_USERS_DN"
      value: "cn=users,dc=swp-ldap,dc=internal"
    - name: "LDAP_SERVER_URL"
-      value: {{ .Values.global.ldap.host | quote }}
+      value: {{ .Values.ldap.host | quote }}
    - name: "IDENTIFIER"
      value: "souvap"
    - name: "THEME"
--- a/helmfile/apps/nextcloud/values-bootstrap.gotmpl
+++ b/helmfile/apps/nextcloud/values-bootstrap.gotmpl
@@ -36,7 +36,7 @@ config:
    password: {{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser | quote }}

  ldapSearch:
-    host: {{ .Values.global.ldap.host | quote }}
+    host: {{ .Values.ldap.host | quote }}
    password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud | quote }}

  smtp:
--- a/helmfile/apps/open-xchange/values-dovecot.gotmpl
+++ b/helmfile/apps/open-xchange/values-dovecot.gotmpl
@@ -19,7 +19,7 @@ dovecot:
  password: {{ .Values.secrets.dovecot.doveadm | quote }}
  ldap:
    dn: "uid=ldapsearch_dovecot,cn=users,dc=swp-ldap,dc=internal"
-    host: {{ .Values.global.ldap.host | quote }}
+    host: {{ .Values.ldap.host | quote }}
    password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot | quote }}
  oidc:
    introspectionURL: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/token/introspect"
--- a/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl
+++ b/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl
@@ -10,7 +10,7 @@ appsuite:
        contactsLdapClient:
          pool:
            host:
-              address: {{ .Values.global.ldap.host | quote }}
+              address: {{ .Values.ldap.host | quote }}
              port: 389
          auth:
            adminDN:
--- a/helmfile/apps/open-xchange/values-openxchange.gotmpl
+++ b/helmfile/apps/open-xchange/values-openxchange.gotmpl
@@ -83,7 +83,7 @@ appsuite:
    propertiesFiles:
      "/opt/open-xchange/etc/ldapauth.properties":
        bindDNPassword: {{ .Values.secrets.univentionCorporateServer.ldapSearch.ox | quote }}
-        java.naming.provider.url: "ldap://{{ .Values.global.ldap.host }}:389/dc=swp-ldap,dc=internal"
+        java.naming.provider.url: "ldap://{{ .Values.ldap.host }}:389/dc=swp-ldap,dc=internal"
    uiSettings:
      "io.ox.nextcloud//server": "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/fs/"
      "io.ox.public-sector//ics/url": "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/"
--- a/helmfile/apps/openproject/values.gotmpl
+++ b/helmfile/apps/openproject/values.gotmpl
@@ -62,7 +62,7 @@ environment:
  OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
  OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/logout"
  # Details: https://www.openproject-edge.com/docs/installation-and-operations/configuration/#seeding-ldap-connections
-  OPENPROJECT_SEED_LDAP_OPENDESK_HOST: {{ .Values.global.ldap.host | quote }}
+  OPENPROJECT_SEED_LDAP_OPENDESK_HOST: {{ .Values.ldap.host | quote }}
  OPENPROJECT_SEED_LDAP_OPENDESK_PORT: "389"
  OPENPROJECT_SOUVAP__NAVIGATION__SECRET: {{ .Values.secrets.centralnavigation.apiKey | quote }}
  OPENPROJECT_SOUVAP__NAVIGATION__URL: "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}/univention/portal/navigation.json?base=https%3A//{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}"
--- a/helmfile/apps/provisioning/values-oxconnector.gotmpl
+++ b/helmfile/apps/provisioning/values-oxconnector.gotmpl
@@ -19,8 +19,8 @@ persistence:

 oxConnector:
  domainName: {{ .Values.global.domain | quote }}
-  ldapHost: {{ .Values.global.ldap.host | quote }}
-  notifierServer: {{ .Values.global.ldap.notifierHost | quote }}
+  ldapHost: {{ .Values.ldap.host | quote }}
+  notifierServer: {{ .Values.ldap.notifierHost | quote }}
  #oxMasterAdmin: "(( .Values.appsuite.core-mw.masterAdmin ))"
  oxMasterAdmin: "admin"
  oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
--- a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl
@@ -13,7 +13,7 @@ portalListener:
  umcSessionUrl: "http://ums-umc-server/get/session-info"

  ldapBaseDn: "dc=swp-ldap,dc=internal"
-  ldapHost: "{{ .Values.global.ldap.host }}"
+  ldapHost: "{{ .Values.ldap.host }}"
  ldapHostDn: "cn=admin,dc=swp-ldap,dc=internal"
  ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
  machineSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
--- a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl
+++ b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl
@@ -13,7 +13,7 @@ stackDataContext:
  domainname: "{{ .Values.global.domain }}"
  externalMailDomain: "{{ .Values.global.domain }}"
  hostname: "{{ .Values.global.hosts.univentionManagementStack }}"
-  ldapHost: "{{ .Values.global.ldap.host }}"
+  ldapHost: "{{ .Values.ldap.host }}"
  ldapBase: "dc=swp-ldap,dc=internal"
  # TODO: This should not be required, the machine account is not there
  # ldapHostDn: cn=stub-value,cn=dc,cn=computers,dc=swp-ldap,dc=internal
--- a/helmfile/apps/xwiki/values.gotmpl
+++ b/helmfile/apps/xwiki/values.gotmpl
@@ -18,7 +18,7 @@ customConfigs:
  "xwiki.cfg":
    "xwiki.superadminpassword": {{ .Values.secrets.xwiki.superadminpassword | quote }}
    ## LDAP Server configuration
-    xwiki.authentication.ldap.server: {{ .Values.global.ldap.host | quote }}
+    xwiki.authentication.ldap.server: {{ .Values.ldap.host | quote }}
    xwiki.authentication.ldap.port: 389
    ## Authentication to the LDAP server
    xwiki.authentication.ldap.bind_DN: "uid=ldapsearch_xwiki,cn=users,dc=swp-ldap,dc=internal"
--- a/helmfile/environments/default/_helper.gotmpl
+++ b/helmfile/environments/default/_helper.gotmpl
@@ -0,0 +1,10 @@
+{{/*
+SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
+SPDX-License-Identifier: Apache-2.0
+*/}}
+---
+## Define LDAP service (supports "ums_eval" from the CI pipeline)
+ldap:
+  host: {{ if eq (env "DEPLOY_UCS") "ums-eval" }} "ums-ldap-server" {{ else }} "univention-corporate-container" {{ end }}
+  notifierHost: {{ if eq (env "DEPLOY_UCS") "ums-eval" }} "ums-ldap-notifier" {{ else }} "univention-corporate-container" {{ end }}
+...
--- a/helmfile/environments/default/global.gotmpl
+++ b/helmfile/environments/default/global.gotmpl
@@ -11,12 +11,6 @@ global:
  #
  domain: {{ env "DOMAIN" | default "souvap.cloud" | quote }}

-
-  ## Define LDAP service (supports "ums_eval" from the CI pipeline)
-  ldap:
-    host: {{ if eq (env "DEPLOY_UCS") "ums-eval" }} "ums-ldap-server" {{ else }} "univention-corporate-container" {{ end }}
-    notifierHost: {{ if eq (env "DEPLOY_UCS") "ums-eval" }} "ums-ldap-notifier" {{ else }} "univention-corporate-container" {{ end }}
-
  ## Define docker registry address.
  #
  imageRegistry: {{ env "PRIVATE_IMAGE_REGISTRY_URL" | default "external-registry.souvap-univention.de/sovereign-workplace" | quote }}