diff --git a/helmfile/apps/univention-management-stack/helmfile.yaml b/helmfile/apps/univention-management-stack/helmfile.yaml index 57c82c95..5e5515c5 100644 --- a/helmfile/apps/univention-management-stack/helmfile.yaml +++ b/helmfile/apps/univention-management-stack/helmfile.yaml @@ -35,6 +35,7 @@ releases: - "values-common.gotmpl" - "values-common.yaml" - "values-ldap-notifier.gotmpl" + - "values-ldap-notifier.yaml" condition: "univentionManagementStack.enabled" - name: "ums-udm-rest-api" chart: "univention/udm-rest-api" @@ -75,6 +76,7 @@ releases: - "values-common.gotmpl" - "values-common.yaml" - "values-notifications-api.gotmpl" + - "values-notifications-api.yaml" condition: "univentionManagementStack.enabled" - name: "ums-portal-listener" chart: "univention/portal-listener" @@ -83,6 +85,7 @@ releases: - "values-common.gotmpl" - "values-common.yaml" - "values-portal-listener.gotmpl" + - "values-portal-listener.yaml" condition: "univentionManagementStack.enabled" - name: "ums-portal-frontend" chart: "univention/portal-frontend" @@ -99,6 +102,7 @@ releases: - "values-common.gotmpl" - "values-common.yaml" - "values-umc-gateway.gotmpl" + - "values-umc-gateway.yaml" condition: "univentionManagementStack.enabled" - name: "ums-umc-server" chart: "univention/umc-server" diff --git a/helmfile/apps/univention-management-stack/values-common.gotmpl b/helmfile/apps/univention-management-stack/values-common.gotmpl index 69e50241..6e44f8f5 100644 --- a/helmfile/apps/univention-management-stack/values-common.gotmpl +++ b/helmfile/apps/univention-management-stack/values-common.gotmpl @@ -8,3 +8,7 @@ ingress: enabled: {{ .Values.ingress.enabled }} host: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}" ingressClassName: "{{ .Values.ingress.ingressClassName }}" + tls: + # The TLS configuration is on the "master" Ingress, see "portal-frontend" + enabled: false + secretName: "" diff --git a/helmfile/apps/univention-management-stack/values-common.yaml b/helmfile/apps/univention-management-stack/values-common.yaml index 069ba816..a090def8 100644 --- a/helmfile/apps/univention-management-stack/values-common.yaml +++ b/helmfile/apps/univention-management-stack/values-common.yaml @@ -1,14 +1,6 @@ -{{/* -SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" -SPDX-License-Identifier: Apache-2.0 -*/}} +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 --- -ingress: - tls: - # The TLS configuration is on the "master" Ingress, see "portal-frontend" - enabled: false - secretName: "" - istio: enabled: false diff --git a/helmfile/apps/univention-management-stack/values-ldap-notifier.yaml b/helmfile/apps/univention-management-stack/values-ldap-notifier.yaml index 14e0ee35..060a373a 100644 --- a/helmfile/apps/univention-management-stack/values-ldap-notifier.yaml +++ b/helmfile/apps/univention-management-stack/values-ldap-notifier.yaml @@ -1,7 +1,5 @@ -{{/* -SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" -SPDX-License-Identifier: Apache-2.0 -*/}} +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 --- volumes: diff --git a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl index 5e619ab4..2c8d45dd 100644 --- a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl +++ b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl @@ -3,14 +3,6 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze SPDX-License-Identifier: Apache-2.0 */}} --- -notificationsapi: - apply_database_migrations: "True" - dev_mode: "False" - environment: "staging" - log_level: "DEBUG" - sql_echo: "False" - api_prefix: "/univention/portal/notifications-api" - postgresql: bundled: false connection: diff --git a/helmfile/apps/univention-management-stack/values-notifications-api.yaml b/helmfile/apps/univention-management-stack/values-notifications-api.yaml new file mode 100644 index 00000000..46aa5731 --- /dev/null +++ b/helmfile/apps/univention-management-stack/values-notifications-api.yaml @@ -0,0 +1,12 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +notificationsapi: + apply_database_migrations: "True" + dev_mode: "False" + environment: "staging" + log_level: "DEBUG" + sql_echo: "False" + api_prefix: "/univention/portal/notifications-api" + +... diff --git a/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl b/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl index fc84ba60..ef7b73c8 100644 --- a/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl @@ -3,9 +3,6 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze SPDX-License-Identifier: Apache-2.0 */}} --- -portalFrontend: - environment: "staging" - log_level: "INFO" image: registry: "{{ .Values.global.imageRegistry }}" diff --git a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl index 87ed5969..1158fb34 100644 --- a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl @@ -46,7 +46,4 @@ resources: resourcesDependencyWaiter: {{ .Values.resources.umsPortalListenerDependencies | toYaml | nindent 2 }} -store-dav: - bundled: false - ... diff --git a/helmfile/apps/univention-management-stack/values-portal-listener.yaml b/helmfile/apps/univention-management-stack/values-portal-listener.yaml new file mode 100644 index 00000000..6b0d060d --- /dev/null +++ b/helmfile/apps/univention-management-stack/values-portal-listener.yaml @@ -0,0 +1,8 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- + +store-dav: + bundled: false + +... diff --git a/helmfile/apps/univention-management-stack/values-store-dav.gotmpl b/helmfile/apps/univention-management-stack/values-store-dav.gotmpl index 6858104b..4b791d47 100644 --- a/helmfile/apps/univention-management-stack/values-store-dav.gotmpl +++ b/helmfile/apps/univention-management-stack/values-store-dav.gotmpl @@ -21,6 +21,7 @@ image: configHtpasswd: registry: "{{ .Values.global.imageRegistry }}" repository: "{{ .Values.images.umsConfigHtpasswd.repository }}" + pullPolicy: "Always" pullPolicy: "{{ .Values.global.imagePullPolicy }}" tag: "{{ .Values.images.umsConfigHtpasswd.tag }}" pullSecrets: diff --git a/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl b/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl index 22bdd262..9e2cbe65 100644 --- a/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl +++ b/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl @@ -9,7 +9,6 @@ udmRestApi: dcBackup: "cn=DC Backup Hosts,cn=groups,dc=univention-organization,dc=intranet" dcSlaves: "cn=DC Slave Hosts,cn=groups,dc=univention-organization,dc=intranet" domainAdmins: "cn=Domain Admins,cn=groups,dc=univention-organization,dc=intranet" - environment: "staging" ldapHost: "ums-ldap-server" ldapBaseDn: "dc=univention-organization,dc=intranet" # TODO: This should not be required, the machine account is not there @@ -26,8 +25,6 @@ udmRestApi: # TODO: This should not be part of the udm-rest-api anymore loadJoinData: enabled: true - # TODO: probably to INFO - logLevel: "DEBUG" # TODO: configurable tlsMode: "off" diff --git a/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl b/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl index 4c4f27e1..e337c5b3 100644 --- a/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl +++ b/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl @@ -8,13 +8,6 @@ umcGateway: hostname: "{{ .Values.global.hosts.univentionManagementStack }}" ssoFqdn: "localhost:8097" - showCookieBanner: true - cookieBannerTitleDE: "Cookie Zustimmung" - cookieBannerTitleEN: "Cookie Consent" - cookieBannerTextDE: "Die Nutzung dieses Angebots ist nur möglich, wenn Cookies gespeichert und verarbeitet werden können (essenzielle Cookies). Dafür benötigen wir Ihre Zustimmung. Bitte akzeptieren Sie um fortzufahren oder schließen Sie die Seite." - cookieBannerTextEN: "Usage of this site is only possible by storing and processing cookie information (essential cookies). We require your consent. Please accept to continue or close the page." - - image: registry: "{{ .Values.global.imageRegistry }}" repository: "{{ .Values.images.umsUmcGateway.repository }}" diff --git a/helmfile/apps/univention-management-stack/values-umc-gateway.yaml b/helmfile/apps/univention-management-stack/values-umc-gateway.yaml new file mode 100644 index 00000000..97f63a1c --- /dev/null +++ b/helmfile/apps/univention-management-stack/values-umc-gateway.yaml @@ -0,0 +1,18 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +umcGateway: + showCookieBanner: true + cookieBannerTitleDE: "Cookie Zustimmung" + cookieBannerTitleEN: "Cookie Consent" + cookieBannerTextDE: >- + Die Nutzung dieses Angebots ist nur möglich, wenn Cookies gespeichert und + verarbeitet werden können (essenzielle Cookies). Dafür benötigen wir Ihre + Zustimmung. Bitte akzeptieren Sie um fortzufahren oder schließen Sie die + Seite. + cookieBannerTextEN: >- + Usage of this site is only possible by storing and processing cookie + information (essential cookies). We require your consent. Please accept to + continue or close the page. + +... diff --git a/helmfile/apps/univention-management-stack/values-umc-server.gotmpl b/helmfile/apps/univention-management-stack/values-umc-server.gotmpl index fe4da71c..8a15da5c 100644 --- a/helmfile/apps/univention-management-stack/values-umc-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-umc-server.gotmpl @@ -13,6 +13,7 @@ umcServer: ldapHostDn: cn=admin,dc=univention-organization,dc=intranet enforceSessionCookie: "true" + # TODO: The keycloak integration is pending samlEnabled: false samlMetadataUrl: "http://localhost:8097/realms/ucs/protocol/saml/descriptor" samlMetadataUrlInternal: "http://keycloak/realms/ucs/protocol/saml/descriptor"