diff --git a/helmfile/apps/collabora/values.gotmpl b/helmfile/apps/collabora/values.gotmpl index c6cf5371..f3301363 100644 --- a/helmfile/apps/collabora/values.gotmpl +++ b/helmfile/apps/collabora/values.gotmpl @@ -5,24 +5,24 @@ SPDX-License-Identifier: Apache-2.0 --- image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.collabora.repository }}" - tag: "{{ .Values.images.collabora.tag }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + tag: {{ .Values.images.collabora.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} ingress: enabled: {{ .Values.ingress.enabled }} - className: "{{ .Values.ingress.ingressClassName }}" + className: {{ .Values.ingress.ingressClassName | quote }} hosts: - host: "{{ .Values.global.hosts.collabora }}.{{ .Values.global.domain }}" paths: - path: "/" pathType: "Prefix" tls: - - secretName: "{{ .Values.ingress.tls.secretName }}" + - secretName: {{ .Values.ingress.tls.secretName | quote }} hosts: - "{{ .Values.global.hosts.collabora }}.{{ .Values.global.domain }}" @@ -33,7 +33,6 @@ collabora: aliasgroups: - host: "https://{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}:443" - replicaCount: {{ .Values.replicas.collabora }} resources: diff --git a/helmfile/apps/element/values-element.gotmpl b/helmfile/apps/element/values-element.gotmpl index b71d8851..8b749e0a 100644 --- a/helmfile/apps/element/values-element.gotmpl +++ b/helmfile/apps/element/values-element.gotmpl @@ -4,8 +4,8 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - registry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + registry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: @@ -103,18 +103,18 @@ configuration: welcomeUserId: "@meetings-bot:{{ .Values.global.domain }}" image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.element.repository }}" - tag: "{{ .Values.images.element.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.element.repository | quote }} + tag: {{ .Values.images.element.tag | quote }} ingress: host: "{{ .Values.global.hosts.element }}.{{ .Values.global.domain }}" - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} theme: {{ .Values.theme | toYaml | nindent 2 }} diff --git a/helmfile/apps/element/values-matrix-neoboard-widget.gotmpl b/helmfile/apps/element/values-matrix-neoboard-widget.gotmpl index 057033b3..0de7efb0 100644 --- a/helmfile/apps/element/values-matrix-neoboard-widget.gotmpl +++ b/helmfile/apps/element/values-matrix-neoboard-widget.gotmpl @@ -4,24 +4,24 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - imageRegistry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + imageRegistry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.matrixNeoBoardWidget.repository }}" - tag: "{{ .Values.images.matrixNeoBoardWidget.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.matrixNeoBoardWidget.repository | quote }} + tag: {{ .Values.images.matrixNeoBoardWidget.tag | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} theme: {{ .Values.theme | toYaml | nindent 2 }} diff --git a/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl b/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl index 4e0e5c8a..c4c2baea 100644 --- a/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl +++ b/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl @@ -4,24 +4,24 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - imageRegistry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + imageRegistry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.matrixNeoChoiceWidget.repository }}" - tag: "{{ .Values.images.matrixNeoChoiceWidget.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.matrixNeoChoiceWidget.repository | quote }} + tag: {{ .Values.images.matrixNeoChoiceWidget.tag | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} theme: {{ .Values.theme | toYaml | nindent 2 }} diff --git a/helmfile/apps/element/values-matrix-neodatefix-bot-bootstrap.gotmpl b/helmfile/apps/element/values-matrix-neodatefix-bot-bootstrap.gotmpl index dd8b7da6..823f270b 100644 --- a/helmfile/apps/element/values-matrix-neodatefix-bot-bootstrap.gotmpl +++ b/helmfile/apps/element/values-matrix-neodatefix-bot-bootstrap.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} @@ -16,8 +16,8 @@ configuration: password: {{ .Values.secrets.matrixNeoDateFixBot.password | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - url: "{{ .Values.images.synapseCreateUser.repository }}" - tag: "{{ .Values.images.synapseCreateUser.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + url: {{ .Values.images.synapseCreateUser.repository | quote }} + tag: {{ .Values.images.synapseCreateUser.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} ... diff --git a/helmfile/apps/element/values-matrix-neodatefix-bot.gotmpl b/helmfile/apps/element/values-matrix-neodatefix-bot.gotmpl index 68087586..190e0778 100644 --- a/helmfile/apps/element/values-matrix-neodatefix-bot.gotmpl +++ b/helmfile/apps/element/values-matrix-neodatefix-bot.gotmpl @@ -4,8 +4,8 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - imageRegistry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + imageRegistry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: @@ -15,20 +15,20 @@ configuration: openxchangeBaseUrl: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.matrixNeoDateFixBot.repository }}" - tag: "{{ .Values.images.matrixNeoDateFixBot.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.matrixNeoDateFixBot.repository | quote }} + tag: {{ .Values.images.matrixNeoDateFixBot.tag | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} persistence: - size: "{{ .Values.persistence.size.matrixNeoDateFixBot }}" - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + size: {{ .Values.persistence.size.matrixNeoDateFixBot | quote }} + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} replicaCount: {{ .Values.replicas.matrixNeoDateFixBot }} diff --git a/helmfile/apps/element/values-matrix-neodatefix-widget.gotmpl b/helmfile/apps/element/values-matrix-neodatefix-widget.gotmpl index cd3f4389..24a64fdb 100644 --- a/helmfile/apps/element/values-matrix-neodatefix-widget.gotmpl +++ b/helmfile/apps/element/values-matrix-neodatefix-widget.gotmpl @@ -4,24 +4,24 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - imageRegistry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + imageRegistry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.matrixNeoDateFixWidget.repository }}" - tag: "{{ .Values.images.matrixNeoDateFixWidget.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.matrixNeoDateFixWidget.repository | quote }} + tag: {{ .Values.images.matrixNeoDateFixWidget.tag | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} theme: {{ .Values.theme | toYaml | nindent 2 }} diff --git a/helmfile/apps/element/values-matrix-user-verification-service-bootstrap.gotmpl b/helmfile/apps/element/values-matrix-user-verification-service-bootstrap.gotmpl index 7be563c0..77882a14 100644 --- a/helmfile/apps/element/values-matrix-user-verification-service-bootstrap.gotmpl +++ b/helmfile/apps/element/values-matrix-user-verification-service-bootstrap.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} @@ -13,11 +13,11 @@ cleanup: deletePodsOnSuccessTimeout: {{ .Values.cleanup.deletePodsOnSuccessTimeout }} configuration: - password: {{ .Values.secrets.matrixUserVerificationService.password }} + password: {{ .Values.secrets.matrixUserVerificationService.password | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - url: "{{ .Values.images.synapseCreateUser.repository }}" - tag: "{{ .Values.images.synapseCreateUser.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + url: {{ .Values.images.synapseCreateUser.repository | quote }} + tag: {{ .Values.images.synapseCreateUser.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} ... diff --git a/helmfile/apps/element/values-matrix-user-verification-service.gotmpl b/helmfile/apps/element/values-matrix-user-verification-service.gotmpl index 6a6f13e0..45cd9605 100644 --- a/helmfile/apps/element/values-matrix-user-verification-service.gotmpl +++ b/helmfile/apps/element/values-matrix-user-verification-service.gotmpl @@ -4,17 +4,17 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - imageRegistry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + imageRegistry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.matrixUserVerificationService.repository }}" - tag: "{{ .Values.images.matrixUserVerificationService.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.matrixUserVerificationService.repository | quote }} + tag: {{ .Values.images.matrixUserVerificationService.tag | quote }} replicaCount: {{ .Values.replicas.matrixUserVerificationService }} diff --git a/helmfile/apps/element/values-synapse-web.gotmpl b/helmfile/apps/element/values-synapse-web.gotmpl index 58789503..a4950bbe 100644 --- a/helmfile/apps/element/values-synapse-web.gotmpl +++ b/helmfile/apps/element/values-synapse-web.gotmpl @@ -4,26 +4,26 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - registry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + registry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.synapseWeb.repository }}" - tag: "{{ .Values.images.synapseWeb.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.synapseWeb.repository | quote }} + tag: {{ .Values.images.synapseWeb.tag | quote }} ingress: host: "{{ .Values.global.hosts.synapse }}.{{ .Values.global.domain }}" - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} replicaCount: {{ .Values.replicas.synapseWeb }} diff --git a/helmfile/apps/element/values-synapse.gotmpl b/helmfile/apps/element/values-synapse.gotmpl index af37fd46..2bad3af3 100644 --- a/helmfile/apps/element/values-synapse.gotmpl +++ b/helmfile/apps/element/values-synapse.gotmpl @@ -4,24 +4,24 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - registry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + registry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.synapse.repository }}" - tag: "{{ .Values.images.synapse.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.synapse.repository | quote }} + tag: {{ .Values.images.synapse.tag | quote }} configuration: database: - host: "{{ .Values.databases.synapse.host }}" - name: "{{ .Values.databases.synapse.name }}" - user: "{{ .Values.databases.synapse.username }}" + host: {{ .Values.databases.synapse.host | quote }} + name: {{ .Values.databases.synapse.name | quote }} + user: {{ .Values.databases.synapse.username | quote }} password: {{ .Values.databases.synapse.password | default .Values.secrets.postgresql.matrixUser | quote }} homeserver: @@ -37,32 +37,32 @@ configuration: sender_localpart: intercom-service oidc: - clientSecret: {{ .Values.secrets.keycloak.clientSecret.matrix }} + clientSecret: {{ .Values.secrets.keycloak.clientSecret.matrix | quote }} issuer: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap" turn: - sharedSecret: {{ .Values.turn.credentials }} + sharedSecret: {{ .Values.turn.credentials | quote }} servers: {{- if .Values.turn.tls.host }} - - server: {{ .Values.turn.tls.host }} + - server: {{ .Values.turn.tls.host | quote }} port: {{ .Values.turn.tls.port }} - transport: {{ .Values.turn.transport }} + transport: {{ .Values.turn.transport | quote }} {{- else if .Values.turn.server.host }} - - server: {{ .Values.turn.server.host }} + - server: {{ .Values.turn.server.host | quote }} port: {{ .Values.turn.server.port }} - transport: {{ .Values.turn.transport }} + transport: {{ .Values.turn.transport | quote }} {{- end }} guestModule: image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.synapseGuestModule.repository }}" - tag: "{{ .Values.images.synapseGuestModule.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.synapseGuestModule.repository | quote }} + tag: {{ .Values.images.synapseGuestModule.tag | quote }} persistence: - size: "{{ .Values.persistence.size.synapse }}" - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + size: {{ .Values.persistence.size.synapse | quote }} + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} replicaCount: {{ .Values.replicas.synapse }} diff --git a/helmfile/apps/element/values-well-known.gotmpl b/helmfile/apps/element/values-well-known.gotmpl index 2254f19f..0d08e730 100644 --- a/helmfile/apps/element/values-well-known.gotmpl +++ b/helmfile/apps/element/values-well-known.gotmpl @@ -4,26 +4,26 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - registry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + registry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.wellKnown.repository }}" - tag: "{{ .Values.images.wellKnown.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.wellKnown.repository | quote }} + tag: {{ .Values.images.wellKnown.tag | quote }} ingress: - host: "{{ .Values.global.domain }}" - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + host: {{ .Values.global.domain | quote }} + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} replicaCount: {{ .Values.replicas.wellKnown }} diff --git a/helmfile/apps/intercom-service/helmfile.yaml b/helmfile/apps/intercom-service/helmfile.yaml index c68aff7a..e3061b9b 100644 --- a/helmfile/apps/intercom-service/helmfile.yaml +++ b/helmfile/apps/intercom-service/helmfile.yaml @@ -19,7 +19,7 @@ repositories: releases: - name: "intercom-service" chart: "intercom-service-repo/intercom-service" - version: "2.0.0" + version: "2.0.1" values: - "values.gotmpl" installed: {{ .Values.intercom.enabled }} diff --git a/helmfile/apps/intercom-service/values.gotmpl b/helmfile/apps/intercom-service/values.gotmpl index 1e976801..a308c9e7 100644 --- a/helmfile/apps/intercom-service/values.gotmpl +++ b/helmfile/apps/intercom-service/values.gotmpl @@ -4,46 +4,46 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" - domain: "{{ .Values.global.domain }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} + domain: {{ .Values.global.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} ics: - secret: {{ .Values.secrets.intercom.secret }} + secret: {{ .Values.secrets.intercom.secret | quote }} issuerBaseUrl: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap" originRegex: "{{ .Values.istio.domain }}|{{ .Values.global.domain }}" default: - domain: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} oidc: - secret: {{ .Values.secrets.keycloak.clientSecret.intercom }} + secret: {{ .Values.secrets.keycloak.clientSecret.intercom | quote }} matrix: asSecret: {{ .Values.secrets.intercom.synapseAsToken | quote }} - subdomain: {{ .Values.global.hosts.synapse }} + subdomain: {{ .Values.global.hosts.synapse | quote }} serverName: "{{ .Values.global.hosts.synapse }}.{{ .Values.global.domain }}" nordeck: - subdomain: {{ .Values.global.hosts.matrixNeoDateFixBot }} + subdomain: {{ .Values.global.hosts.matrixNeoDateFixBot | quote }} portal: - apiKey: {{ .Values.secrets.centralnavigation.apiKey }} + apiKey: {{ .Values.secrets.centralnavigation.apiKey | quote }} redis: - host: {{ .Values.cache.intercomService.host }} + host: {{ .Values.cache.intercomService.host | quote }} port: {{ .Values.cache.intercomService.port }} password: {{ .Values.cache.intercomService.password | default .Values.secrets.redis.password | quote }} openxchange: url: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.intercom.repository }}" - tag: "{{ .Values.images.intercom.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.intercom.repository | quote }} + tag: {{ .Values.images.intercom.tag | quote }} ingress: host: "{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}" - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} ... diff --git a/helmfile/apps/jitsi/values-jitsi.gotmpl b/helmfile/apps/jitsi/values-jitsi.gotmpl index 839afbf6..9345132b 100644 --- a/helmfile/apps/jitsi/values-jitsi.gotmpl +++ b/helmfile/apps/jitsi/values-jitsi.gotmpl @@ -4,8 +4,8 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - registry: "{{ .Values.global.imageRegistry }}" + domain: {{ .Values.global.domain | quote }} + registry: {{ .Values.global.imageRegistry | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} imagePullSecrets: @@ -15,13 +15,13 @@ cleanup: deletePodsOnSuccess: {{ .Values.cleanup.deletePodsOnSuccess }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.jitsiKeycloakAdapter.repository }}" - tag: "{{ .Values.images.jitsiKeycloakAdapter.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.jitsiKeycloakAdapter.repository | quote }} + tag: {{ .Values.images.jitsiKeycloakAdapter.tag | quote }} settings: - jwtAppSecret: "{{ .Values.secrets.jitsi.jwtAppSecret }}" + jwtAppSecret: {{ .Values.secrets.jitsi.jwtAppSecret | quote }} theme: {{ .Values.theme | toYaml | nindent 2 }} @@ -32,16 +32,16 @@ jitsi: replicaCount: {{ .Values.replicas.jitsi }} image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.jitsi.repository }}" - tag: "{{ .Values.images.jitsi.tag }}" + tag: {{ .Values.images.jitsi.tag | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} hosts: - host: "{{ .Values.global.hosts.jitsi }}.{{ .Values.global.domain }}" paths: - "/" tls: - - secretName: "{{ .Values.ingress.tls.secretName }}" + - secretName: {{ .Values.ingress.tls.secretName | quote }} hosts: - "{{ .Values.global.hosts.jitsi }}.{{ .Values.global.domain }}" extraEnvs: @@ -51,10 +51,10 @@ jitsi: prosody: image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.prosody.repository }}" - tag: "{{ .Values.images.prosody.tag }}" + tag: {{ .Values.images.prosody.tag | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} extraEnvs: - name: "AUTH_TYPE" @@ -62,74 +62,74 @@ jitsi: - name: "JWT_APP_ID" value: "myappid" - name: "JWT_APP_SECRET" - value: "{{ .Values.secrets.jitsi.jwtAppSecret }}" + value: {{ .Values.secrets.jitsi.jwtAppSecret | quote }} - name: "MATRIX_UVS_SYNC_POWER_LEVELS" value: "true" - name: "MATRIX_UVS_URL" value: "http://opendesk-matrix-user-verification-service.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}" - name: TURNS_HOST - value: "{{ .Values.turn.tls.host }}" + value: {{ .Values.turn.tls.host | quote }} - name: TURNS_PORT - value: "{{ .Values.turn.tls.port }}" + value: {{ .Values.turn.tls.port | quote }} - name: TURN_HOST - value: "{{ .Values.turn.server.host }}" + value: {{ .Values.turn.server.host | quote }} - name: TURN_PORT - value: "{{ .Values.turn.server.port }}" + value: {{ .Values.turn.server.port | quote }} - name: TURN_TRANSPORT - value: "{{ .Values.turn.transport }}" + value: {{ .Values.turn.transport | quote }} - name: TURN_CREDENTIALS - value: "{{ .Values.turn.credentials }}" + value: {{ .Values.turn.credentials | quote }} resources: {{ .Values.resources.prosody | toYaml | nindent 6 }} persistence: - size: "{{ .Values.persistence.size.prosody }}" - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" + size: {{ .Values.persistence.size.prosody | quote }} + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} jicofo: replicaCount: {{ .Values.replicas.jicofo }} image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.jicofo.repository }}" - tag: "{{ .Values.images.jicofo.tag }}" + tag: {{ .Values.images.jicofo.tag | quote }} xmpp: password: {{ .Values.secrets.jitsi.jicofoAuthPassword | quote }} - componentSecret: "{{ .Values.secrets.jitsi.jicofoComponentPassword }}" + componentSecret: {{ .Values.secrets.jitsi.jicofoComponentPassword | quote }} resources: {{ .Values.resources.jicofo | toYaml | nindent 6 }} jvb: replicaCount: {{ .Values.replicas.jvb }} image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.jvb.repository }}" - tag: "{{ .Values.images.jvb.tag }}" + tag: {{ .Values.images.jvb.tag | quote }} xmpp: - password: "{{ .Values.secrets.jitsi.jvbAuthPassword }}" + password: {{ .Values.secrets.jitsi.jvbAuthPassword | quote }} resources: {{ .Values.resources.jvb | toYaml | nindent 6 }} service: - type: "{{ .Values.cluster.service.type }}" + type: {{ .Values.cluster.service.type | quote }} jibri: replicaCount: {{ .Values.replicas.jibri }} image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.jibri.repository }}" - tag: "{{ .Values.images.jibri.tag }}" + tag: {{ .Values.images.jibri.tag | quote }} recorder: - password: "{{ .Values.secrets.jitsi.jibriRecorderPassword }}" + password: {{ .Values.secrets.jitsi.jibriRecorderPassword | quote }} xmpp: - password: "{{ .Values.secrets.jitsi.jibriXmppPassword }}" + password: {{ .Values.secrets.jitsi.jibriXmppPassword | quote }} resources: {{ .Values.resources.jibri | toYaml | nindent 6 }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} patchJVB: configuration: - staticLoadbalancerIP: "{{ .Values.cluster.networking.ingressGatewayIP }}" - loadbalancerStatusField: "{{ .Values.cluster.networking.loadBalancerStatusField }}" + staticLoadbalancerIP: {{ .Values.cluster.networking.ingressGatewayIP | quote }} + loadbalancerStatusField: {{ .Values.cluster.networking.loadBalancerStatusField | quote }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.jitsiPatchJVB.repository }}" - tag: "{{ .Values.images.jitsiPatchJVB.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.jitsiPatchJVB.repository | quote }} + tag: {{ .Values.images.jitsiPatchJVB.tag | quote }} replicaCount: {{ .Values.replicas.jitsiKeycloakAdapter }} resources: diff --git a/helmfile/apps/keycloak-bootstrap/helmfile.yaml b/helmfile/apps/keycloak-bootstrap/helmfile.yaml index 9173f6ed..cffafe77 100644 --- a/helmfile/apps/keycloak-bootstrap/helmfile.yaml +++ b/helmfile/apps/keycloak-bootstrap/helmfile.yaml @@ -21,7 +21,7 @@ repositories: releases: - name: "opendesk-keycloak-bootstrap" chart: "opendesk-keycloak-bootstrap-repo/sovereign-workplace-keycloak-bootstrap" - version: "1.1.11" + version: "1.1.12" values: - "values-bootstrap.gotmpl" - "values-bootstrap.yaml" diff --git a/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl b/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl index fb3fdb61..a863af80 100644 --- a/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl +++ b/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl @@ -4,10 +4,10 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} - registry: "{{ .Values.global.imageRegistry }}" + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} @@ -20,10 +20,10 @@ config: password: {{ .Values.secrets.keycloak.adminPassword | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.keycloakBootstrap.repository }}" - tag: "{{ .Values.images.keycloakBootstrap.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.keycloakBootstrap.repository | quote }} + tag: {{ .Values.images.keycloakBootstrap.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.keycloakBootstrap | toYaml | nindent 2 }} diff --git a/helmfile/apps/keycloak/values-extensions.gotmpl b/helmfile/apps/keycloak/values-extensions.gotmpl index 50fae0a3..5fb1cf76 100644 --- a/helmfile/apps/keycloak/values-extensions.gotmpl +++ b/helmfile/apps/keycloak/values-extensions.gotmpl @@ -8,39 +8,38 @@ global: adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }} postgresql: connection: - host: "{{ .Values.databases.keycloakExtension.host }}" - port: "{{ .Values.databases.keycloakExtension.port }}" + host: {{ .Values.databases.keycloakExtension.host | quote }} + port: {{ .Values.databases.keycloakExtension.port }} auth: - database: "{{ .Values.databases.keycloakExtension.name }}" - username: "{{ .Values.databases.keycloakExtension.username }}" + database: {{ .Values.databases.keycloakExtension.name | quote }} + username: {{ .Values.databases.keycloakExtension.username | quote }} password: {{ .Values.databases.keycloakExtension.password | default .Values.secrets.postgresql.keycloakExtensionUser | quote }} handler: image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.keycloakExtensionHandler.repository }}" - tag: "{{ .Values.images.keycloakExtensionHandler.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.keycloakExtensionHandler.repository | quote }} + tag: {{ .Values.images.keycloakExtensionHandler.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} appConfig: smtpPassword: {{ .Values.smtp.password | quote }} - smtpHost: "{{ .Values.smtp.host }}" - smtpUsername: "{{ .Values.smtp.username }}" + smtpHost: {{ .Values.smtp.host | quote }} + smtpUsername: {{ .Values.smtp.username | quote }} mailFrom: "noreply@{{ .Values.global.domain }}" resources: {{ .Values.resources.keycloakExtension | toYaml | nindent 4 }} proxy: image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.keycloakExtensionProxy.repository }}" - tag: "{{ .Values.images.keycloakExtensionProxy.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.keycloakExtensionProxy.repository | quote }} + tag: {{ .Values.images.keycloakExtensionProxy.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} ingress: - enabled: "{{ .Values.ingress.enabled }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + enabled: {{ .Values.ingress.enabled }} + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} host: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}" tls: - enabled: "{{ .Values.ingress.tls.enabled }}" - secretName: "{{ .Values.ingress.tls.secretName }}" + enabled: {{ .Values.ingress.tls.enabled }} + secretName: {{ .Values.ingress.tls.secretName | quote }} resources: {{ .Values.resources.keycloakProxy | toYaml | nindent 4 }} - ... diff --git a/helmfile/apps/keycloak/values-keycloak.gotmpl b/helmfile/apps/keycloak/values-keycloak.gotmpl index ae1c37b0..72daf955 100644 --- a/helmfile/apps/keycloak/values-keycloak.gotmpl +++ b/helmfile/apps/keycloak/values-keycloak.gotmpl @@ -4,22 +4,22 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.keycloak.repository }}" - tag: "{{ .Values.images.keycloak.tag }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.keycloak.repository | quote }} + tag: {{ .Values.images.keycloak.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} externalDatabase: - host: "{{ .Values.databases.keycloak.host }}" + host: {{ .Values.databases.keycloak.host | quote }} port: {{ .Values.databases.keycloak.port }} - user: "{{ .Values.databases.keycloak.username }}" - database: "{{ .Values.databases.keycloak.name }}" + user: {{ .Values.databases.keycloak.username | quote }} + database: {{ .Values.databases.keycloak.name | quote }} password: {{ .Values.databases.keycloak.password | default .Values.secrets.postgresql.keycloakUser | quote }} auth: @@ -34,7 +34,7 @@ keycloakConfigCli: - name: "LDAP_USERS_DN" value: "cn=users,dc=swp-ldap,dc=internal" - name: "LDAP_SERVER_URL" - value: "{{ .Values.global.ldap.host }}" + value: {{ .Values.global.ldap.host | quote }} - name: "IDENTIFIER" value: "souvap" - name: "THEME" @@ -62,23 +62,23 @@ keycloakConfigCli: - name: "INTERCOM_SERVICE_DOMAIN" value: "{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}" - name: "CLIENT_SECRET_INTERCOM_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.intercom }} + value: {{ .Values.secrets.keycloak.clientSecret.intercom | quote }} - name: "CLIENT_SECRET_MATRIX_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.matrix }} + value: {{ .Values.secrets.keycloak.clientSecret.matrix | quote }} - name: "CLIENT_SECRET_JITSI_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.jitsi }} + value: {{ .Values.secrets.keycloak.clientSecret.jitsi | quote }} - name: "CLIENT_SECRET_NCOIDC_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.ncoidc }} + value: {{ .Values.secrets.keycloak.clientSecret.ncoidc | quote }} - name: "CLIENT_SECRET_OPENPROJECT_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.openproject }} + value: {{ .Values.secrets.keycloak.clientSecret.openproject | quote }} - name: "CLIENT_SECRET_XWIKI_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.xwiki }} + value: {{ .Values.secrets.keycloak.clientSecret.xwiki | quote }} - name: "CLIENT_SECRET_AS8OIDC_PASSWORD" - value: {{ .Values.secrets.keycloak.clientSecret.as8oidc }} + value: {{ .Values.secrets.keycloak.clientSecret.as8oidc | quote }} - name: "KEYCLOAK_STORAGEPROVICER_UCSLDAP_NAME" value: "storage_provider_ucsldap" - name: "LDAPSEARCH_PASSWORD" - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.keycloak }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.keycloak | quote }} - name: "LDAPSEARCH_USERNAME" value: "ldapsearch_keycloak" resources: diff --git a/helmfile/apps/keycloak/values-theme.gotmpl b/helmfile/apps/keycloak/values-theme.gotmpl index 0fc5ec2d..f6394040 100644 --- a/helmfile/apps/keycloak/values-theme.gotmpl +++ b/helmfile/apps/keycloak/values-theme.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} diff --git a/helmfile/apps/nextcloud/values-bootstrap.gotmpl b/helmfile/apps/nextcloud/values-bootstrap.gotmpl index 1a698a70..bf7f6c56 100644 --- a/helmfile/apps/nextcloud/values-bootstrap.gotmpl +++ b/helmfile/apps/nextcloud/values-bootstrap.gotmpl @@ -4,11 +4,11 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" - istioDomain: "{{ .Values.istio.domain }}" + domain: {{ .Values.global.domain | quote }} + istioDomain: {{ .Values.istio.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} - registry: "{{ .Values.global.imageRegistry }}" + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} @@ -30,19 +30,19 @@ config: password: {{ .Values.secrets.keycloak.clientSecret.ncoidc | quote }} database: - host: "{{ .Values.databases.nextcloud.host }}" - name: "{{ .Values.databases.nextcloud.name }}" - user: "{{ .Values.databases.nextcloud.username }}" + host: {{ .Values.databases.nextcloud.host | quote }} + name: {{ .Values.databases.nextcloud.name | quote }} + user: {{ .Values.databases.nextcloud.username | quote }} password: {{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser | quote }} ldapSearch: - host: "{{ .Values.global.ldap.host }}" - password: "{{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud }}" + host: {{ .Values.global.ldap.host | quote }} + password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud | quote }} smtp: - host: "{{ .Values.smtp.host }}" - username: "{{ .Values.smtp.username }}" - password: "{{ .Values.smtp.password }}" + host: {{ .Values.smtp.host | quote }} + username: {{ .Values.smtp.username | quote }} + password: {{ .Values.smtp.password | quote }} cleanup: deletePodsOnSuccess: {{ .Values.cleanup.deletePodsOnSuccess }} @@ -50,24 +50,24 @@ cleanup: keepPVCOnDelete: {{ .Values.cleanup.keepPVCOnDelete }} image: - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.nextcloud.repository }}" - tag: "{{ .Values.images.nextcloud.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.nextcloud.repository | quote }} + tag: {{ .Values.images.nextcloud.tag | quote }} persistence: {{- if .Values.cluster.persistence.readWriteMany.enabled }} accessModes: - "ReadWriteMany" - storageClass: "{{ .Values.persistence.storageClassNames.RWX }}" + storageClass: {{ .Values.persistence.storageClassNames.RWX | quote }} {{- else }} accessModes: - "ReadWriteOnce" - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} {{- end }} size: - main: "{{ .Values.persistence.size.nextcloud.main }}" - data: "{{ .Values.persistence.size.nextcloud.data }}" + main: {{ .Values.persistence.size.nextcloud.main | quote }} + data: {{ .Values.persistence.size.nextcloud.data | quote }} resources: {{ .Values.resources.nextcloud | toYaml | nindent 2 }} diff --git a/helmfile/apps/nextcloud/values-nextcloud.gotmpl b/helmfile/apps/nextcloud/values-nextcloud.gotmpl index e4a2defc..cafed186 100644 --- a/helmfile/apps/nextcloud/values-nextcloud.gotmpl +++ b/helmfile/apps/nextcloud/values-nextcloud.gotmpl @@ -8,9 +8,9 @@ nextcloud: username: "nextcloud" password: {{ .Values.secrets.nextcloud.adminPassword | quote }} externalDatabase: - database: "{{ .Values.databases.nextcloud.name }}" - user: "{{ .Values.databases.nextcloud.username }}" - host: "{{ .Values.databases.nextcloud.host }}" + database: {{ .Values.databases.nextcloud.name | quote }} + user: {{ .Values.databases.nextcloud.username | quote }} + host: {{ .Values.databases.nextcloud.host | quote }} password: {{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser | quote }} extraEnv: REDIS_HOST: {{ .Values.cache.nextcloud.host | quote }} @@ -22,20 +22,20 @@ redis: password: {{ .Values.cache.nextcloud.password | default .Values.secrets.redis.password | quote }} ingress: enabled: {{ .Values.ingress.enabled }} - className: {{ .Values.ingress.ingressClassName }} + className: {{ .Values.ingress.ingressClassName | quote }} tls: - - secretName: "{{ .Values.ingress.tls.secretName }}" + - secretName: {{ .Values.ingress.tls.secretName | quote }} hosts: - "{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}" image: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.nextcloud.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.nextcloud.tag }}" + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.nextcloud.tag | quote }} pullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} metrics: - token: "{{ .Values.secrets.nextcloud.metricsToken }}" + token: {{ .Values.secrets.nextcloud.metricsToken | quote }} {{- if .Values.cluster.persistence.readWriteMany.enabled }} replicaCount: {{ .Values.replicas.nextcloud }} diff --git a/helmfile/apps/open-xchange/helmfile.yaml b/helmfile/apps/open-xchange/helmfile.yaml index 9155852b..314fcb68 100644 --- a/helmfile/apps/open-xchange/helmfile.yaml +++ b/helmfile/apps/open-xchange/helmfile.yaml @@ -35,7 +35,7 @@ repositories: releases: - name: "dovecot" chart: "opendesk-dovecot-repo/dovecot" - version: "1.3.1" + version: "1.3.4" values: - "values-dovecot.yaml" - "values-dovecot.gotmpl" diff --git a/helmfile/apps/open-xchange/values-dovecot.gotmpl b/helmfile/apps/open-xchange/values-dovecot.gotmpl index c1b8fdb4..bc8c1f7f 100644 --- a/helmfile/apps/open-xchange/values-dovecot.gotmpl +++ b/helmfile/apps/open-xchange/values-dovecot.gotmpl @@ -4,31 +4,31 @@ SPDX-License-Identifier: Apache-2.0 */}} --- image: - registry: "{{ .Values.global.imageRegistry }}" - url: "{{ .Values.images.dovecot.repository }}" - tag: "{{ .Values.images.dovecot.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + url: {{ .Values.images.dovecot.repository | quote }} + tag: {{ .Values.images.dovecot.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} dovecot: - mailDomain: "{{ .Values.global.domain }}" + mailDomain: {{ .Values.global.domain | quote }} password: {{ .Values.secrets.dovecot.doveadm | quote }} ldap: dn: "uid=ldapsearch_dovecot,cn=users,dc=swp-ldap,dc=internal" - host: "{{ .Values.global.ldap.host }}" + host: {{ .Values.global.ldap.host | quote }} password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot | quote }} oidc: introspectionURL: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/token/introspect" - clientSecret: {{ .Values.secrets.keycloak.clientSecret.as8oidc }} + clientSecret: {{ .Values.secrets.keycloak.clientSecret.as8oidc | quote }} clientID: "as8oidc" - loginTrustedNetworks: "{{ .Values.cluster.networking.cidr }}" + loginTrustedNetworks: {{ .Values.cluster.networking.cidr | quote }} certificate: - secretName: "{{ .Values.ingress.tls.secretName }}" + secretName: {{ .Values.ingress.tls.secretName | quote }} {{- if .Values.cluster.persistence.readWriteMany.enabled }} replicaCount: {{ .Values.replicas.dovecot }} @@ -38,15 +38,15 @@ replicaCount: 1 persistence: {{- if .Values.cluster.persistence.readWriteMany.enabled }} - storageClassName: "{{ .Values.persistence.storageClassNames.RWX }}" + storageClassName: {{ .Values.persistence.storageClassNames.RWX | quote }} accessModes: - "ReadWriteMany" {{- else }} - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} accessModes: - "ReadWriteOnce" {{- end }} - size: "{{ .Values.persistence.size.dovecot }}" + size: {{ .Values.persistence.size.dovecot | quote }} resources: {{ .Values.resources.dovecot | toYaml | nindent 2 }} diff --git a/helmfile/apps/open-xchange/values-openxchange-bootstrap.gotmpl b/helmfile/apps/open-xchange/values-openxchange-bootstrap.gotmpl index 893031cf..3ac1f996 100644 --- a/helmfile/apps/open-xchange/values-openxchange-bootstrap.gotmpl +++ b/helmfile/apps/open-xchange/values-openxchange-bootstrap.gotmpl @@ -8,13 +8,13 @@ cleanup: deletePodsOnSuccessTimeout: {{ .Values.cleanup.deletePodsOnSuccessTimeout }} image: - registry: "{{ .Values.global.imageRegistry }}" - url: "{{ .Values.images.openxchangeBootstrap.repository }}" - tag: "{{ .Values.images.openxchangeBootstrap.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + url: {{ .Values.images.openxchangeBootstrap.repository | quote }} + tag: {{ .Values.images.openxchangeBootstrap.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} ... diff --git a/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl b/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl index 05423493..85529ab4 100644 --- a/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl +++ b/helmfile/apps/open-xchange/values-openxchange-enterprise-contact-picker.gotmpl @@ -10,7 +10,7 @@ appsuite: contactsLdapClient: pool: host: - address: "{{ .Values.global.ldap.host }}" + address: {{ .Values.global.ldap.host | quote }} port: 389 auth: adminDN: diff --git a/helmfile/apps/open-xchange/values-openxchange.gotmpl b/helmfile/apps/open-xchange/values-openxchange.gotmpl index 7ec12eee..3022f1bc 100644 --- a/helmfile/apps/open-xchange/values-openxchange.gotmpl +++ b/helmfile/apps/open-xchange/values-openxchange.gotmpl @@ -4,13 +4,13 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} hostname: "{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" mysql: - host: "{{ .Values.databases.oxAppsuite.host }}" - database: "{{ .Values.databases.oxAppsuite.name }}" + host: {{ .Values.databases.oxAppsuite.host | quote }} + database: {{ .Values.databases.oxAppsuite.name | quote }} auth: - user: "{{ .Values.databases.oxAppsuite.username }}" + user: {{ .Values.databases.oxAppsuite.username | quote }} password: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }} rootPassword: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }} @@ -19,22 +19,22 @@ istio: nextcloud-integration-ui: image: - repository: {{ .Values.images.openxchangeNextcloudIntegrationUI.repository }} - tag: {{ .Values.images.openxchangeNextcloudIntegrationUI.tag }} + repository: {{ .Values.images.openxchangeNextcloudIntegrationUI.repository | quote }} + tag: {{ .Values.images.openxchangeNextcloudIntegrationUI.tag | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} public-sector-ui: image: - repository: {{ .Values.images.openxchangePublicSectorUI.repository }} - tag: {{ .Values.images.openxchangePublicSectorUI.tag }} + repository: {{ .Values.images.openxchangePublicSectorUI.repository | quote }} + tag: {{ .Values.images.openxchangePublicSectorUI.tag | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} appsuite: istio: @@ -56,12 +56,12 @@ appsuite: gotenberg: imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} image: - repository: {{ .Values.global.imageRegistry }}/{{ .Values.images.openxchangeGotenberg.repository }} - tag: {{ .Values.images.openxchangeGotenberg.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.openxchangeGotenberg.repository }}" + tag: {{ .Values.images.openxchangeGotenberg.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} properties: "com.openexchange.oauth.provider.jwt.jwksUri": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/certs" "com.openexchange.oauth.provider.allowedIssuer": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap" @@ -88,15 +88,15 @@ appsuite: "io.ox.nextcloud//server": "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/fs/" "io.ox.public-sector//ics/url": "https://{{ .Values.global.hosts.intercomService }}.{{ .Values.global.domain }}/" # Dynamic theme - io.ox/dynamic-theme//mainColor: "{{ .Values.theme.colors.primary }}" + io.ox/dynamic-theme//mainColor: {{ .Values.theme.colors.primary | quote }} io.ox/dynamic-theme//logoURL: "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}/univention/portal/icons/logos/domain.svg" - io.ox/dynamic-theme//topbarBackground: "{{ .Values.theme.colors.white }}" - io.ox/dynamic-theme//topbarColor: "{{ .Values.theme.colors.black }}" - io.ox/dynamic-theme//listSelected: "{{ .Values.theme.colors.primary15 }}" - io.ox/dynamic-theme//listHover: "{{ .Values.theme.colors.secondaryGreyLight }}" - io.ox/dynamic-theme//folderBackground: "{{ .Values.theme.colors.white }}" - io.ox/dynamic-theme//folderSelected: "{{ .Values.theme.colors.primary15 }}" - io.ox/dynamic-theme//folderHover: "{{ .Values.theme.colors.secondaryGreyLight }}" + io.ox/dynamic-theme//topbarBackground: {{ .Values.theme.colors.white | quote }} + io.ox/dynamic-theme//topbarColor: {{ .Values.theme.colors.black | quote }} + io.ox/dynamic-theme//listSelected: {{ .Values.theme.colors.primary15 | quote }} + io.ox/dynamic-theme//listHover: {{ .Values.theme.colors.secondaryGreyLight | quote }} + io.ox/dynamic-theme//folderBackground: {{ .Values.theme.colors.white | quote }} + io.ox/dynamic-theme//folderSelected: {{ .Values.theme.colors.primary15 | quote }} + io.ox/dynamic-theme//folderHover: {{ .Values.theme.colors.secondaryGreyLight | quote }} secretETCFiles: # Format of the OX Guard master key: # MC+base64(20 random bytes) @@ -108,27 +108,27 @@ appsuite: auth: password: {{ .Values.secrets.redis.password | quote }} image: - repository: {{ .Values.images.openxchangeCoreMW.repository }} - tag: {{ .Values.images.openxchangeCoreMW.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.openxchangeCoreMW.repository | quote }} + tag: {{ .Values.images.openxchangeCoreMW.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} update: image: - repository: {{ .Values.images.openxchangeCoreMW.repository }} - tag: {{ .Values.images.openxchangeCoreMW.tag }} + repository: {{ .Values.images.openxchangeCoreMW.repository | quote }} + tag: {{ .Values.images.openxchangeCoreMW.tag | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} core-ui: imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} image: - repository: {{ .Values.images.openxchangeCoreUI.repository }} - tag: {{ .Values.images.openxchangeCoreUI.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.openxchangeCoreUI.repository | quote }} + tag: {{ .Values.images.openxchangeCoreUI.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} core-ui-middleware: ingress: @@ -137,55 +137,55 @@ appsuite: enabled: false imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} image: - repository: {{ .Values.images.openxchangeCoreUIMiddleware.repository }} - tag: {{ .Values.images.openxchangeCoreUIMiddleware.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.openxchangeCoreUIMiddleware.repository | quote }} + tag: {{ .Values.images.openxchangeCoreUIMiddleware.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} redis: auth: password: {{ .Values.secrets.redis.password | quote }} core-documentconverter: image: - repository: {{ .Values.images.openxchangeDocumentConverter.repository }} - tag: {{ .Values.images.openxchangeDocumentConverter.tag }} + repository: {{ .Values.images.openxchangeDocumentConverter.repository | quote }} + tag: {{ .Values.images.openxchangeDocumentConverter.tag | quote }} resources: {{- .Values.resources.oxDocumentConverter | toYaml | nindent 6 }} core-guidedtours: imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} image: - repository: {{ .Values.images.openxchangeCoreGuidedtours.repository }} - tag: {{ .Values.images.openxchangeCoreGuidedtours.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.openxchangeCoreGuidedtours.repository | quote }} + tag: {{ .Values.images.openxchangeCoreGuidedtours.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} core-imageconverter: image: - repository: {{ .Values.images.openxchangeImageConverter.repository }} - tag: {{ .Values.images.openxchangeImageConverter.tag }} + repository: {{ .Values.images.openxchangeImageConverter.repository | quote }} + tag: {{ .Values.images.openxchangeImageConverter.tag | quote }} guard-ui: imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} image: - repository: {{ .Values.global.imageRegistry }}/{{ .Values.images.openxchangeGuardUI.repository }} - tag: {{ .Values.images.openxchangeGuardUI.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.openxchangeGuardUI.repository }}" + tag: {{ .Values.images.openxchangeGuardUI.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} core-user-guide: image: - repository: {{ .Values.images.openxchangeCoreUserGuide.repository }} - tag: {{ .Values.images.openxchangeCoreUserGuide.tag }} - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.openxchangeCoreUserGuide.repository | quote }} + tag: {{ .Values.images.openxchangeCoreUserGuide.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} ... diff --git a/helmfile/apps/openproject/values.gotmpl b/helmfile/apps/openproject/values.gotmpl index 390115ac..54412060 100644 --- a/helmfile/apps/openproject/values.gotmpl +++ b/helmfile/apps/openproject/values.gotmpl @@ -8,10 +8,10 @@ global: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.openproject.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.openproject.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.openproject.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.openproject.tag | quote }} initdb: image: @@ -22,21 +22,21 @@ initdb: memcached: connection: - host: "{{ .Values.cache.openproject.host }}" + host: {{ .Values.cache.openproject.host | quote }} port: {{ .Values.cache.openproject.port }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.memcached.repository }}" - tag: "{{ .Values.images.memcached.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.memcached.repository | quote }} + tag: {{ .Values.images.memcached.tag | quote }} postgresql: auth: password: {{ .Values.databases.openproject.password | default .Values.secrets.postgresql.openprojectUser | quote }} - username: "{{ .Values.databases.openproject.username }}" - database: "{{ .Values.databases.openproject.name }}" + username: {{ .Values.databases.openproject.username | quote }} + database: {{ .Values.databases.openproject.name | quote }} connection: - host: "{{ .Values.databases.openproject.host }}" - port: "{{ .Values.databases.openproject.port }}" + host: {{ .Values.databases.openproject.host | quote }} + port: {{ .Values.databases.openproject.port }} openproject: host: "{{ .Values.global.hosts.openproject }}.{{ .Values.global.domain }}" @@ -50,39 +50,38 @@ openproject: ingress: host: "{{ .Values.global.hosts.openproject }}.{{ .Values.global.domain }}" enabled: {{ .Values.ingress.enabled }} - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: enabled: {{ .Values.ingress.tls.enabled }} - secretName: "{{ .Values.ingress.tls.secretName }}" + secretName: {{ .Values.ingress.tls.secretName | quote }} environment: - OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: {{ .Values.secrets.keycloak.clientSecret.openproject }} + OPENPROJECT_OPENID__CONNECT_KEYCLOAK_SECRET: {{ .Values.secrets.keycloak.clientSecret.openproject | quote }} OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ISSUER: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap" OPENPROJECT_OPENID__CONNECT_KEYCLOAK_POST__LOGOUT__REDIRECT__URI: "https://{{ .Values.global.hosts.openproject }}.{{ .Values.global.domain }}/" OPENPROJECT_OPENID__CONNECT_KEYCLOAK_HOST: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}" OPENPROJECT_OPENID__CONNECT_KEYCLOAK_END__SESSION__ENDPOINT: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/logout" # Details: https://www.openproject-edge.com/docs/installation-and-operations/configuration/#seeding-ldap-connections - OPENPROJECT_SEED_LDAP_OPENDESK_HOST: "{{ .Values.global.ldap.host }}" + OPENPROJECT_SEED_LDAP_OPENDESK_HOST: {{ .Values.global.ldap.host | quote }} OPENPROJECT_SEED_LDAP_OPENDESK_PORT: "389" OPENPROJECT_SOUVAP__NAVIGATION__SECRET: {{ .Values.secrets.centralnavigation.apiKey | quote }} OPENPROJECT_SOUVAP__NAVIGATION__URL: "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}/univention/portal/navigation.json?base=https%3A//{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}" - OPENPROJECT_SMTP__DOMAIN: "{{ .Values.global.domain }}" - OPENPROJECT_SMTP__USER__NAME: "{{ .Values.smtp.username }}" - OPENPROJECT_SMTP__PASSWORD: "{{ .Values.smtp.password }}" - OPENPROJECT_SMTP__PORT: "{{ .Values.smtp.port }}" + OPENPROJECT_SMTP__DOMAIN: {{ .Values.global.domain | quote }} + OPENPROJECT_SMTP__USER__NAME: {{ .Values.smtp.username | quote }} + OPENPROJECT_SMTP__PASSWORD: {{ .Values.smtp.password | quote }} + OPENPROJECT_SMTP__PORT: {{ .Values.smtp.port | quote }} OPENPROJECT_SMTP__SSL: "false" # (default=false) - OPENPROJECT_SMTP__ADDRESS: "{{ .Values.smtp.host }}" + OPENPROJECT_SMTP__ADDRESS: {{ .Values.smtp.host | quote }} OPENPROJECT_MAIL__FROM: "do-not-reply@{{ .Values.global.domain }}" # Details: https://www.openproject-edge.com/docs/installation-and-operations/configuration/#seeding-ldap-connections - OPENPROJECT_SEED_LDAP_OPENDESK_BINDPASSWORD: "{{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject }}" + OPENPROJECT_SEED_LDAP_OPENDESK_BINDPASSWORD: {{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject | quote }} persistence: - size: "{{ .Values.persistence.size.openproject }}" - storageClassName: "{{ .Values.persistence.storageClassNames.RWX }}" + size: {{ .Values.persistence.size.openproject | quote }} + storageClassName: {{ .Values.persistence.storageClassNames.RWX | quote }} replicaCount: {{ .Values.replicas.openproject }} resources: {{ .Values.resources.openproject | toYaml | nindent 2 }} - ... diff --git a/helmfile/apps/provisioning/values-oxconnector.gotmpl b/helmfile/apps/provisioning/values-oxconnector.gotmpl index dd87a884..08bcdf7c 100644 --- a/helmfile/apps/provisioning/values-oxconnector.gotmpl +++ b/helmfile/apps/provisioning/values-oxconnector.gotmpl @@ -4,23 +4,23 @@ SPDX-License-Identifier: Apache-2.0 */}} --- image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.oxConnector.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.oxConnector.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.oxConnector.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.oxConnector.tag | quote }} imagePullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} oxConnector: - domainName: "{{ .Values.global.domain }}" - ldapHost: "{{ .Values.global.ldap.host }}" - notifierServer: "{{ .Values.global.ldap.notifierHost }}" + domainName: {{ .Values.global.domain | quote }} + ldapHost: {{ .Values.global.ldap.host | quote }} + notifierServer: {{ .Values.global.ldap.notifierHost | quote }} #oxMasterAdmin: "(( .Values.appsuite.core-mw.masterAdmin ))" oxMasterAdmin: "admin" oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }} diff --git a/helmfile/apps/services/helmfile.yaml b/helmfile/apps/services/helmfile.yaml index 9fcb7ee2..2de61d8e 100644 --- a/helmfile/apps/services/helmfile.yaml +++ b/helmfile/apps/services/helmfile.yaml @@ -95,7 +95,7 @@ releases: installed: {{ .Values.memcached.enabled }} - name: "postgresql" chart: "postgresql-repo/postgresql" - version: "2.0.2" + version: "2.0.3" values: - "values-postgresql.yaml" - "values-postgresql.gotmpl" @@ -103,7 +103,7 @@ releases: timeout: 900 - name: "mariadb" chart: "mariadb-repo/mariadb" - version: "2.0.2" + version: "2.1.1" values: - "values-mariadb.yaml" - "values-mariadb.gotmpl" @@ -111,7 +111,7 @@ releases: timeout: 900 - name: "postfix" chart: "postfix-repo/postfix" - version: "2.0.3" + version: "2.0.4" values: - "values-postfix.yaml" - "values-postfix.gotmpl" diff --git a/helmfile/apps/services/values-certificates.gotmpl b/helmfile/apps/services/values-certificates.gotmpl index 5748bd31..f818d711 100644 --- a/helmfile/apps/services/values-certificates.gotmpl +++ b/helmfile/apps/services/values-certificates.gotmpl @@ -4,19 +4,19 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} issuerRef: - name: "{{ .Values.certificate.issuerRef.name }}" + name: {{ .Values.certificate.issuerRef.name | quote }} {{- if .Values.istio.enabled }} istio: enabled: {{ .Values.istio.enabled }} - domain: {{ .Values.istio.domain }} + domain: {{ .Values.istio.domain | quote }} issuerRef: - name: "{{ .Values.istio.issuerRef.name }}" + name: {{ .Values.istio.issuerRef.name | quote }} {{- end }} cleanup: diff --git a/helmfile/apps/services/values-clamav-distributed.gotmpl b/helmfile/apps/services/values-clamav-distributed.gotmpl index a6961bcf..f7010404 100644 --- a/helmfile/apps/services/values-clamav-distributed.gotmpl +++ b/helmfile/apps/services/values-clamav-distributed.gotmpl @@ -7,10 +7,10 @@ clamd: podSecurityContext: replicaCount: {{ .Values.replicas.clamd }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.clamd.repository }}" - tag: "{{ .Values.images.clamd.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.clamd.repository | quote }} + tag: {{ .Values.images.clamd.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.clamd | toYaml | nindent 4 }} @@ -18,10 +18,10 @@ freshclam: podSecurityContext: replicaCount: {{ .Values.replicas.freshclam }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.freshclam.repository }}" - tag: "{{ .Values.images.freshclam.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.freshclam.repository | quote }} + tag: {{ .Values.images.freshclam.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.freshclam | toYaml | nindent 4 }} @@ -32,10 +32,10 @@ global: icap: replicaCount: {{ .Values.replicas.icap }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.icap.repository }}" - tag: "{{ .Values.images.icap.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.icap.repository | quote }} + tag: {{ .Values.images.icap.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.icap | toYaml | nindent 4 }} @@ -43,14 +43,14 @@ milter: podSecurityContext: replicaCount: {{ .Values.replicas.milter }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.milter.repository }}" - tag: "{{ .Values.images.milter.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.milter.repository | quote }} + tag: {{ .Values.images.milter.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.milter | toYaml | nindent 4 }} persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWX }}" - size: "{{ .Values.persistence.size.clamav }}" + storageClass: {{ .Values.persistence.storageClassNames.RWX | quote }} + size: {{ .Values.persistence.size.clamav | quote }} ... diff --git a/helmfile/apps/services/values-clamav-simple.gotmpl b/helmfile/apps/services/values-clamav-simple.gotmpl index c229963d..4c2bbaeb 100644 --- a/helmfile/apps/services/values-clamav-simple.gotmpl +++ b/helmfile/apps/services/values-clamav-simple.gotmpl @@ -7,15 +7,15 @@ replicaCount: {{ .Values.replicas.clamav }} image: clamav: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.clamd.repository }}" - tag: "{{ .Values.images.clamd.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.clamd.repository | quote }} + tag: {{ .Values.images.clamd.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} icap: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.icap.repository }}" - tag: "{{ .Values.images.icap.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.icap.repository | quote }} + tag: {{ .Values.images.icap.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.clamd | toYaml | nindent 4 }} @@ -25,6 +25,6 @@ global: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.clamav }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.clamav | quote }} ... diff --git a/helmfile/apps/services/values-istio-gateway.gotmpl b/helmfile/apps/services/values-istio-gateway.gotmpl index 0358656f..e1826580 100644 --- a/helmfile/apps/services/values-istio-gateway.gotmpl +++ b/helmfile/apps/services/values-istio-gateway.gotmpl @@ -4,9 +4,9 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.istio.domain }}" + domain: {{ .Values.istio.domain | quote }} hosts: - openxchange: "{{ .Values.global.hosts.openxchange }}" + openxchange: {{ .Values.global.hosts.openxchange | quote }} tls: secretName: "{{ .Values.istio.domain }}-tls" diff --git a/helmfile/apps/services/values-mariadb.gotmpl b/helmfile/apps/services/values-mariadb.gotmpl index 28188641..d9cd3f33 100644 --- a/helmfile/apps/services/values-mariadb.gotmpl +++ b/helmfile/apps/services/values-mariadb.gotmpl @@ -4,14 +4,14 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - registry: "{{ .Values.global.imageRegistry }}" + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - repository: "{{ .Values.images.mariadb.repository }}" - tag: "{{ .Values.images.mariadb.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.mariadb.repository | quote }} + tag: {{ .Values.images.mariadb.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} # Open-Xchange and XWiki require the permission to create database schemas, so they use the `root` account anyway. # Please refer to `databases.yaml` for details. @@ -35,8 +35,8 @@ mariadb: rootPassword: {{ .Values.secrets.mariadb.rootPassword | quote }} persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.mariadb }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.mariadb | quote }} resources: {{ .Values.resources.mariadb | toYaml | nindent 2 }} diff --git a/helmfile/apps/services/values-memcached.gotmpl b/helmfile/apps/services/values-memcached.gotmpl index 69668778..8ea26af3 100644 --- a/helmfile/apps/services/values-memcached.gotmpl +++ b/helmfile/apps/services/values-memcached.gotmpl @@ -4,15 +4,15 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.memcached.repository }}" - tag: "{{ .Values.images.memcached.tag }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.memcached.repository | quote }} + tag: {{ .Values.images.memcached.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} resources: {{ .Values.resources.memcached | toYaml | nindent 2 }} diff --git a/helmfile/apps/services/values-postfix.gotmpl b/helmfile/apps/services/values-postfix.gotmpl index 4757f12e..ff2b1391 100644 --- a/helmfile/apps/services/values-postfix.gotmpl +++ b/helmfile/apps/services/values-postfix.gotmpl @@ -4,28 +4,28 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - registry: {{ .Values.global.imageRegistry }} + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - registry: {{ .Values.global.imageRegistry }} - repository: "{{ .Values.images.postfix.repository }}" - tag: "{{ .Values.images.postfix.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.postfix.repository | quote }} + tag: {{ .Values.images.postfix.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} certificate: - secretName: "{{ .Values.ingress.tls.secretName }}" + secretName: {{ .Values.ingress.tls.secretName | quote }} postfix: - domain: "{{ .Values.global.domain }}" - virtualMailboxDomains: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} + virtualMailboxDomains: {{ .Values.global.domain | quote }} overrides: - fileName: "sasl_passwd.map" content: - - "{{ .Values.smtp.host }} {{ .Values.smtp.username }}:{{ .Values.smtp.password }}" - relayHost: "[{{ .Values.smtp.host }}]:587" - relayNets: {{ .Values.cluster.networking.cidr }} + - {{ printf "%s %s:%s" .Values.smtp.host .Values.smtp.username .Values.smtp.password | quote }} + relayHost: {{ printf "[%s]:587" .Values.smtp.host | quote }} + relayNets: {{ .Values.cluster.networking.cidr | quote}} virtualTransport: "lmtps:dovecot:24" smtpdSASLPath: "inet:dovecot:3659" {{- if .Values.clamavDistributed.enabled }} @@ -35,8 +35,8 @@ postfix: {{- end }} persistence: - size: "{{ .Values.persistence.size.postfix }}" - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" + size: {{ .Values.persistence.size.postfix | quote }} + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote}} replicaCount: {{ .Values.replicas.postfix }} diff --git a/helmfile/apps/services/values-postgresql.gotmpl b/helmfile/apps/services/values-postgresql.gotmpl index 9a95c2b2..bee72cae 100644 --- a/helmfile/apps/services/values-postgresql.gotmpl +++ b/helmfile/apps/services/values-postgresql.gotmpl @@ -4,14 +4,14 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - registry: {{ .Values.global.imageRegistry }} + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - repository: "{{ .Values.images.postgresql.repository }}" - tag: "{{ .Values.images.postgresql.tag }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: {{ .Values.images.postgresql.repository | quote }} + tag: {{ .Values.images.postgresql.tag | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} job: users: @@ -39,8 +39,8 @@ job: user: "notificationsapi_user" persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.postgresql }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.postgresql | quote }} postgres: password: {{ .Values.secrets.postgresql.postgresUser | quote }} diff --git a/helmfile/apps/services/values-redis.gotmpl b/helmfile/apps/services/values-redis.gotmpl index f941795e..d7104197 100644 --- a/helmfile/apps/services/values-redis.gotmpl +++ b/helmfile/apps/services/values-redis.gotmpl @@ -7,20 +7,20 @@ auth: password: {{ .Values.secrets.redis.password | quote }} global: - imageRegistry: "{{ .Values.global.imageRegistry }}" + imageRegistry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.redis.repository }}" - tag: "{{ .Values.images.redis.tag }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.redis.repository | quote }} + tag: {{ .Values.images.redis.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} master: persistence: - size: "{{ .Values.persistence.size.redis }}" + size: {{ .Values.persistence.size.redis | quote }} resources: {{ .Values.resources.redis | toYaml | nindent 4 }} diff --git a/helmfile/apps/univention-corporate-container/values.gotmpl b/helmfile/apps/univention-corporate-container/values.gotmpl index 9eb5ba1d..8f9b1fdb 100644 --- a/helmfile/apps/univention-corporate-container/values.gotmpl +++ b/helmfile/apps/univention-corporate-container/values.gotmpl @@ -4,36 +4,36 @@ SPDX-License-Identifier: Apache-2.0 */}} --- global: - domain: "{{ .Values.global.domain }}" + domain: {{ .Values.global.domain | quote }} hosts: {{ .Values.global.hosts | toYaml | nindent 4 }} - registry: "{{ .Values.global.imageRegistry }}" + registry: {{ .Values.global.imageRegistry | quote }} imagePullSecrets: {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} image: - registry: "{{ .Values.global.imageRegistry }}" - imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" - repository: "{{ .Values.images.univentionCorporateServer.repository }}" - tag: "{{ .Values.images.univentionCorporateServer.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }} + repository: {{ .Values.images.univentionCorporateServer.repository | quote }} + tag: {{ .Values.images.univentionCorporateServer.tag | quote }} ingress: host: "{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}" enabled: {{ .Values.ingress.enabled }} - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: enabled: {{ .Values.ingress.tls.enabled }} - secretName: "{{ .Values.ingress.tls.secretName }}" + secretName: {{ .Values.ingress.tls.secretName | quote }} persistence: - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.univentionCorporateServer }}" + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.univentionCorporateServer | quote }} extraEnvVars: - name: ISTIO_DOMAIN - value: {{ .Values.istio.domain }} + value: {{ .Values.istio.domain | quote }} - name: CENTRALNAVIGATION_API_SECRET - value: {{ .Values.secrets.centralnavigation.apiKey }} + value: {{ .Values.secrets.centralnavigation.apiKey | quote }} - name: LDAPSEARCH_OX_USERNAME value: "ldapsearch_ox" - name: LDAPSEARCH_OX_PASSWORD diff --git a/helmfile/apps/univention-management-stack/values-common.gotmpl b/helmfile/apps/univention-management-stack/values-common.gotmpl index 27957046..3fba9b30 100644 --- a/helmfile/apps/univention-management-stack/values-common.gotmpl +++ b/helmfile/apps/univention-management-stack/values-common.gotmpl @@ -3,12 +3,12 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze SPDX-License-Identifier: Apache-2.0 */}} --- - ingress: enabled: {{ if eq .Values.ingress.ingressClassName "dedicated-haproxy-external" }}false{{ else }}{{ .Values.ingress.enabled }}{{ end }} host: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}" - ingressClassName: "{{ .Values.ingress.ingressClassName }}" + ingressClassName: {{ .Values.ingress.ingressClassName | quote }} tls: # The TLS configuration is on the "master" Ingress, see "portal-frontend" enabled: false secretName: "" +... diff --git a/helmfile/apps/univention-management-stack/values-ldap-notifier.gotmpl b/helmfile/apps/univention-management-stack/values-ldap-notifier.gotmpl index 5c1de60d..63c75f26 100644 --- a/helmfile/apps/univention-management-stack/values-ldap-notifier.gotmpl +++ b/helmfile/apps/univention-management-stack/values-ldap-notifier.gotmpl @@ -3,18 +3,16 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze SPDX-License-Identifier: Apache-2.0 */}} --- - image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsLdapNotifier.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsLdapNotifier.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsLdapNotifier.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsLdapNotifier.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: {{ .Values.resources.umsLdapNotifier | toYaml | nindent 2 }} - ... diff --git a/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl b/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl index a3976597..f55b8ea0 100644 --- a/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- ldapServer: - ldapSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret }}" + ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} ldapBaseDn: "dc=swp-ldap,dc=internal" # TODO: Certificates handling @@ -19,13 +19,13 @@ ldapServer: serviceProviders: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/saml/metadata" image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsLdapServer.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsLdapServer.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsLdapServer.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsLdapServer.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} waitForDependency: @@ -37,12 +37,11 @@ image: # TODO: Pending upstream support, #199 persistence: data: - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.univentionManagementStack.ldapServerData }}" + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.univentionManagementStack.ldapServerData | quote }} shared: - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.univentionManagementStack.ldapServerShared }}" - + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.univentionManagementStack.ldapServerShared | quote }} resources: {{ .Values.resources.umsLdapServer | toYaml | nindent 2 }} diff --git a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl index 1c42571a..ede53cd3 100644 --- a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl +++ b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl @@ -14,13 +14,13 @@ postgresql: password: {{ .Values.secrets.postgresql.notificationsapiUser | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsNotificationsApi.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsNotificationsApi.tag }}" + registry: {{ .Values.global.imageRegistry }} + repository: {{ .Values.images.umsNotificationsApi.repository }} + pullPolicy: {{ .Values.global.imagePullPolicy }} + tag: {{ .Values.images.umsNotificationsApi.tag }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl b/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl index 5e1ce1f6..949dec03 100644 --- a/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-frontend.gotmpl @@ -3,15 +3,14 @@ SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG Ze SPDX-License-Identifier: Apache-2.0 */}} --- - image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsPortalFrontend.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsPortalFrontend.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsPortalFrontend.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsPortalFrontend.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} extraIngresses: @@ -24,9 +23,8 @@ extraIngresses: enabled: {{ if eq .Values.ingress.ingressClassName "dedicated-haproxy-external" }}false{{ else }}{{ .Values.ingress.enabled }}{{ end }} tls: enabled: {{ .Values.ingress.tls.enabled }} - secretName: "{{ .Values.ingress.tls.secretName }}" + secretName: {{ .Values.ingress.tls.secretName | quote }} resources: {{ .Values.resources.umsPortalFrontend | toYaml | nindent 2 }} - ... diff --git a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl index 8222d148..693dac6c 100644 --- a/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-listener.gotmpl @@ -15,8 +15,8 @@ portalListener: ldapBaseDn: "dc=swp-ldap,dc=internal" ldapHost: "{{ .Values.global.ldap.host }}" ldapHostDn: "cn=admin,dc=swp-ldap,dc=internal" - ldapSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret }}" - machineSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret }}" + ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} + machineSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} notifierServer: "ums-ldap-notifier" portalDefaultDn: "cn=domain,cn=portal,cn=portals,cn=univention,dc=swp-ldap,dc=internal" udmApiUrl: "http://ums-udm-rest-api/udm/" @@ -25,30 +25,29 @@ portalListener: tlsMode: "off" image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsPortalListener.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsPortalListener.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsPortalListener.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsPortalListener.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} waitForDependency: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsWaitForDependency.repository }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsWaitForDependency.repository | quote }} imagePullPolicy: "Always" - tag: "{{ .Values.images.umsWaitForDependency.tag }}" + tag: {{ .Values.images.umsWaitForDependency.tag | quote }} # TODO: Pending upstream support, #200 persistence: - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.univentionManagementStack.portalListener }}" + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.univentionManagementStack.portalListener | quote }} resources: {{ .Values.resources.umsPortalListener | toYaml | nindent 2 }} resourcesDependencyWaiter: {{ .Values.resources.umsPortalListenerDependencies | toYaml | nindent 2 }} - ... diff --git a/helmfile/apps/univention-management-stack/values-portal-server.gotmpl b/helmfile/apps/univention-management-stack/values-portal-server.gotmpl index b5e39036..7b8ee2d9 100644 --- a/helmfile/apps/univention-management-stack/values-portal-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-server.gotmpl @@ -14,13 +14,13 @@ portalServer: umcSessionUrl: "http://ums-umc-server/get/session-info" image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsPortalServer.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsPortalServer.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsPortalServer.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsPortalServer.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl b/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl index 6c05c6c5..ea89e518 100644 --- a/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl +++ b/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl @@ -31,13 +31,13 @@ stackDataContext: oxDefaultContext: "10" image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsDataLoader.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsDataLoader.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsDataLoader.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsDataLoader.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl index 42b59547..c02e327f 100644 --- a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl +++ b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl @@ -31,13 +31,13 @@ stackDataContext: installUmcPolicies: false image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsDataLoader.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsDataLoader.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsDataLoader.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsDataLoader.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/univention-management-stack/values-store-dav.gotmpl b/helmfile/apps/univention-management-stack/values-store-dav.gotmpl index 91d7c240..cbb649a8 100644 --- a/helmfile/apps/univention-management-stack/values-store-dav.gotmpl +++ b/helmfile/apps/univention-management-stack/values-store-dav.gotmpl @@ -6,33 +6,33 @@ SPDX-License-Identifier: Apache-2.0 storeDav: auth: basicAuth: - portal-listener: "{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalListener }}" - portal-server: "{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalServer }}" + portal-listener: {{ .Values.secrets.univentionManagementStack.storeDavUsers.portalListener | quote }} + portal-server: {{ .Values.secrets.univentionManagementStack.storeDavUsers.portalServer | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsStoreDav.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsStoreDav.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsStoreDav.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsStoreDav.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} configHtpasswd: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsConfigHtpasswd.repository }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsConfigHtpasswd.repository | quote }} pullPolicy: "Always" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsConfigHtpasswd.tag }}" + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsConfigHtpasswd.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} # TODO: Pending upstream support, #201 persistence: - storageClassName: "{{ .Values.persistence.storageClassNames.RWO }}" - size: "{{ .Values.persistence.size.univentionManagementStack.storeDav }}" + storageClassName: {{ .Values.persistence.storageClassNames.RWO | quote }} + size: {{ .Values.persistence.size.univentionManagementStack.storeDav | quote }} resources: {{ .Values.resources.umsStoreDav | toYaml | nindent 2 }} diff --git a/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl b/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl index eaa6d98b..523559d4 100644 --- a/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl +++ b/helmfile/apps/univention-management-stack/values-udm-rest-api.gotmpl @@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0 --- udmRestApi: # TODO: Secret should be entered without b64enc - ldapSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc }}" + ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc | quote }} # TODO: Secret should be entered without b64enc machineSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc }}" # TODO: Stub value currently @@ -15,16 +15,15 @@ udmRestApi: enabled: true image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsUdmRestApi.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsUdmRestApi.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsUdmRestApi.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsUdmRestApi.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: {{ .Values.resources.umsUdmRestApi | toYaml | nindent 2 }} - ... diff --git a/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl b/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl index 22a44cec..4cd2fb82 100644 --- a/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl +++ b/helmfile/apps/univention-management-stack/values-umc-gateway.gotmpl @@ -17,13 +17,13 @@ extraVolumeMounts: subPath: "90-swp.sh" image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsUmcGateway.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsUmcGateway.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsUmcGateway.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsUmcGateway.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/univention-management-stack/values-umc-server.gotmpl b/helmfile/apps/univention-management-stack/values-umc-server.gotmpl index b002c6ab..e12fedca 100644 --- a/helmfile/apps/univention-management-stack/values-umc-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-umc-server.gotmpl @@ -5,18 +5,18 @@ SPDX-License-Identifier: Apache-2.0 --- umcServer: # TODO: Secret should be entered without b64enc - ldapSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc }}" + ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc | quote }} # TODO: Secret should be entered without b64enc - machineSecret: "{{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc }}" + machineSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | b64enc | quote }} image: - registry: "{{ .Values.global.imageRegistry }}" - repository: "{{ .Values.images.umsUmcServer.repository }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" - tag: "{{ .Values.images.umsUmcServer.tag }}" + registry: {{ .Values.global.imageRegistry | quote }} + repository: {{ .Values.images.umsUmcServer.repository | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} + tag: {{ .Values.images.umsUmcServer.tag | quote }} pullSecrets: {{- range .Values.global.imagePullSecrets }} - - name: {{ . }} + - name: {{ . | quote }} {{- end }} resources: diff --git a/helmfile/apps/xwiki/values.gotmpl b/helmfile/apps/xwiki/values.gotmpl index bbf4c53d..b893fa82 100644 --- a/helmfile/apps/xwiki/values.gotmpl +++ b/helmfile/apps/xwiki/values.gotmpl @@ -5,24 +5,24 @@ SPDX-License-Identifier: Apache-2.0 --- image: name: "{{ .Values.global.imageRegistry }}/{{ .Values.images.xwiki.repository }}" - tag: "{{ .Values.images.xwiki.tag }}" - pullPolicy: "{{ .Values.global.imagePullPolicy }}" + tag: {{ .Values.images.xwiki.tag | quote }} + pullPolicy: {{ .Values.global.imagePullPolicy | quote }} externalDB: password: {{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword | quote }} - database: "{{ .Values.databases.xwiki.name }}" - user: "{{ .Values.databases.xwiki.username }}" - host: "{{ .Values.databases.xwiki.host }}" + database: {{ .Values.databases.xwiki.name | quote }} + user: {{ .Values.databases.xwiki.username | quote }} + host: {{ .Values.databases.xwiki.host | quote }} customConfigs: "xwiki.cfg": - "xwiki.superadminpassword": "{{ .Values.secrets.xwiki.superadminpassword }}" + "xwiki.superadminpassword": {{ .Values.secrets.xwiki.superadminpassword | quote }} ## LDAP Server configuration - xwiki.authentication.ldap.server: "{{ .Values.global.ldap.host }}" + xwiki.authentication.ldap.server: {{ .Values.global.ldap.host | quote }} xwiki.authentication.ldap.port: 389 ## Authentication to the LDAP server xwiki.authentication.ldap.bind_DN: "uid=ldapsearch_xwiki,cn=users,dc=swp-ldap,dc=internal" - xwiki.authentication.ldap.bind_pass: "{{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki }}" + xwiki.authentication.ldap.bind_pass: {{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki | quote }} ## Base DN used for searching for users xwiki.authentication.ldap.base_DN: "dc=swp-ldap,dc=internal" @@ -31,24 +31,24 @@ customConfigs: "oidc.endpoint.token": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/token" "oidc.endpoint.userinfo": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/userinfo" "oidc.endpoint.logout": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/logout" - "oidc.secret": {{ .Values.secrets.keycloak.clientSecret.xwiki }} + "oidc.secret": {{ .Values.secrets.keycloak.clientSecret.xwiki | quote }} "url.trustedDomains": "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}" "workplaceServices.navigationEndpoint": "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}/univention/portal/navigation.json" "workplaceServices.base": "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}" - "workplaceServices.portalSecret": "{{ .Values.secrets.centralnavigation.apiKey }}" + "workplaceServices.portalSecret": {{ .Values.secrets.centralnavigation.apiKey | quote }} properties: "attachment:xwiki:FlamingoThemes.Iceberg@logo.svg": "data:image/svg+xml;base64,{{ .Values.theme.imagery.logoHeaderSvg | b64enc }}" - "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.brand-primary": "{{ .Values.theme.colors.primary }}" - "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-bg": "{{ .Values.theme.colors.white }}" - "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-hover-bg": "{{ .Values.theme.colors.secondaryGreyLight }}" + "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.brand-primary": {{ .Values.theme.colors.primary | quote }} + "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-bg": {{ .Values.theme.colors.white | quote }} + "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-hover-bg": {{ .Values.theme.colors.secondaryGreyLight | quote }} ## Link LDAP users and users authenticated through OIDC "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.addOIDCObject": 1 "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.OIDCIssuer": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap" ingress: enabled: {{ .Values.ingress.enabled }} - className: "{{ .Values.ingress.ingressClassName }}" + className: {{ .Values.ingress.ingressClassName | quote }} annotations: haproxy-ingress.github.io/headers: "X-Forwarded-Host {{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}" hosts: @@ -57,13 +57,13 @@ ingress: - path: / pathType: "ImplementationSpecific" tls: - - secretName: "{{ .Values.ingress.tls.secretName }}" + - secretName: {{ .Values.ingress.tls.secretName | quote }} hosts: - "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}" persistence: - size: "{{ .Values.persistence.size.xwiki }}" - storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" + size: {{ .Values.persistence.size.xwiki | quote }} + storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }} replicaCount: {{ .Values.replicas.xwiki }} diff --git a/helmfile/environments/default/global.gotmpl b/helmfile/environments/default/global.gotmpl index a13f3397..cc1ce4b6 100644 --- a/helmfile/environments/default/global.gotmpl +++ b/helmfile/environments/default/global.gotmpl @@ -9,7 +9,7 @@ global: ## Define host # - domain: {{ env "DOMAIN" | default "souvap.cloud" }} + domain: {{ env "DOMAIN" | default "souvap.cloud" | quote }} ## Define LDAP service (supports "ums_eval" from the CI pipeline) @@ -19,6 +19,5 @@ global: ## Define docker registry address. # - imageRegistry: {{ env "PRIVATE_IMAGE_REGISTRY_URL" | default "external-registry.souvap-univention.de/sovereign-workplace" }} - + imageRegistry: {{ env "PRIVATE_IMAGE_REGISTRY_URL" | default "external-registry.souvap-univention.de/sovereign-workplace" | quote }} ... diff --git a/helmfile/environments/default/images.yaml b/helmfile/environments/default/images.yaml index 191da30a..fd522c19 100644 --- a/helmfile/environments/default/images.yaml +++ b/helmfile/environments/default/images.yaml @@ -26,6 +26,14 @@ images: repository: "clamav/clamav" tag: "1.1.1-10_base@sha256:aed8d5a3ef58352c862028fae44241215a50eae0b9acb7ba8892b1edc0a6598f" # @supplier: "openDesk DevSecOps" + icap: + repository: "souvap/tooling/images/c-icap" + tag: "0.5.10@sha256:cd665e77a42460bb1e6df4282bc1d8737be241fc9f4143d43509e31de3a7993d" + # @supplier: "openDesk DevSecOps" + intercom: + repository: "univention/intercom-service" + tag: "1.4-kubernetes@sha256:e4fa2e0df49595bf9ba5bf73e36a50e8f1b44334a1a326a43488b8f9c8bbcb9c" + # @supplier: "Univention" jibri: repository: "jitsi/jibri" tag: "stable-8922@sha256:87aa176b44b745b13769f13b8e2d22ddd6f6ba624244d5354c8dd3664787e936" @@ -50,14 +58,6 @@ images: repository: "jitsi/jvb" tag: "stable-8922@sha256:75dd613807e19cbbd440d071b60609fa9e4ee50a1396b14deb0ed779d882a554" # @supplier: "Nordeck" - icap: - repository: "souvap/tooling/images/c-icap" - tag: "0.5.10@sha256:cd665e77a42460bb1e6df4282bc1d8737be241fc9f4143d43509e31de3a7993d" - # @supplier: "openDesk DevSecOps" - intercom: - repository: "univention/intercom-service" - tag: "1.4-kubernetes@sha256:e4fa2e0df49595bf9ba5bf73e36a50e8f1b44334a1a326a43488b8f9c8bbcb9c" - # @supplier: "Univention" keycloak: repository: "bitnami/keycloak" tag: "19.0.3-debian-11-r22@sha256:4ac04104d20d4861ecca24ff2d07d71b34a98ee1148c6e6b6e7969a6b2ad085e" diff --git a/helmfile/environments/default/istio.gotmpl b/helmfile/environments/default/istio.gotmpl index 2ddbbe6a..2232fdcf 100644 --- a/helmfile/environments/default/istio.gotmpl +++ b/helmfile/environments/default/istio.gotmpl @@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0 --- istio: enabled: true - domain: {{ env "ISTIO_DOMAIN" | default "souvap.cloud" }} + domain: {{ env "ISTIO_DOMAIN" | default "souvap.cloud" | quote }} virtualService: enabled: false gateway: diff --git a/helmfile/environments/default/secrets.gotmpl b/helmfile/environments/default/secrets.gotmpl index 8262b1c1..2475936a 100644 --- a/helmfile/environments/default/secrets.gotmpl +++ b/helmfile/environments/default/secrets.gotmpl @@ -5,84 +5,84 @@ SPDX-License-Identifier: Apache-2.0 --- secrets: oxAppsuite: - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "admin_password" | sha1sum) }} - cookieHashSalt: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "cookie_hash_salt" | sha1sum) }} - sessiondEncryptionKey: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "sessiond_encryptionkey" | sha1sum) }} - shareCryptKey: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "share_cryptkey" | sha1sum) }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "admin_password" | sha1sum | quote }} + cookieHashSalt: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "cookie_hash_salt" | sha1sum | quote }} + sessiondEncryptionKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "sessiond_encryptionkey" | sha1sum | quote }} + shareCryptKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "share_cryptkey" | sha1sum | quote }} oxguardMC: {{ printf "MC%s" (randAlphaNum 20 | b64enc) | quote }} oxguardRC: {{ printf "RC%s" (randAlphaNum 20 | b64enc) | quote }} univentionCorporateServer: - authSecret: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "auth_secret" | sha1sum) }} + authSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "auth_secret" | sha1sum | quote }} defaultAccounts: - userPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "default_accounts_user_password" | sha1sum) }} - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "default_accounts_user_admin" | sha1sum) }} + userPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "default_accounts_user_password" | sha1sum | quote }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "default_accounts_user_admin" | sha1sum | quote }} ldapSearch: - keycloak: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_keycloak" | sha1sum) }} - nextcloud: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_nextcloud" | sha1sum) }} - dovecot: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_dovecot" | sha1sum) }} - ox: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_ox" | sha1sum) }} - openproject: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_openproject" | sha1sum) }} - xwiki: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_xwiki" | sha1sum) }} + keycloak: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_keycloak" | sha1sum | quote }} + nextcloud: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_nextcloud" | sha1sum | quote }} + dovecot: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_dovecot" | sha1sum | quote }} + ox: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_ox" | sha1sum | quote }} + openproject: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_openproject" | sha1sum | quote }} + xwiki: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ucs" "ldapsearch_xwiki" | sha1sum | quote }} univentionManagementStack: - ldapSecret: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "ldap" | sha1sum) }} + ldapSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "ldap" | sha1sum | quote }} defaultAccounts: - administratorPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "Administrator" "ums" | sha1sum) }} + administratorPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "Administrator" "ums" | sha1sum | quote }} storeDavUsers: - portalServer: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum) }} - portalListener: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum) }} + portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }} + portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }} postgresql: - postgresUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "postgres_user" | sha1sum) }} - keycloakUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_user" | sha1sum) }} - keycloakExtensionUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum) }} - matrixUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum) }} - openprojectUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "openproject_user" | sha1sum) }} - notificationsapiUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "notificationsapi_user" | sha1sum) }} + postgresUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "postgres_user" | sha1sum | quote }} + keycloakUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_user" | sha1sum | quote }} + keycloakExtensionUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum | quote }} + matrixUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum | quote }} + openprojectUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "openproject_user" | sha1sum | quote }} + notificationsapiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "notificationsapi_user" | sha1sum | quote }} mariadb: - rootPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "root_password" | sha1sum) }} - xwikiUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "xwiki_user" | sha1sum) }} - openxchangeUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "openxchange_user" | sha1sum) }} - nextcloudUser: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "nextcloud_user" | sha1sum) }} + rootPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "root_password" | sha1sum | quote }} + xwikiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "xwiki_user" | sha1sum | quote }} + openxchangeUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "openxchange_user" | sha1sum | quote }} + nextcloudUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "nextcloud_user" | sha1sum | quote }} keycloak: - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "adminPassword" | sha1sum) }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "adminPassword" | sha1sum | quote }} clientSecret: - intercom: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "intercom_client_secret" | sha1sum) }} - matrix: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "matrix_client_secret" | sha1sum) }} - jitsi: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "jitsi_plain_client_secret" | sha1sum) }} - ncoidc: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "ncoidc_client_secret" | sha1sum) }} - openproject: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "openproject_client_secret" | sha1sum) }} - xwiki: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "xwiki_client_secret" | sha1sum) }} - as8oidc: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "as8oidc_client_secret" | sha1sum) }} + intercom: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "intercom_client_secret" | sha1sum | quote }} + matrix: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "matrix_client_secret" | sha1sum | quote }} + jitsi: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "jitsi_plain_client_secret" | sha1sum | quote }} + ncoidc: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "ncoidc_client_secret" | sha1sum | quote }} + openproject: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "openproject_client_secret" | sha1sum | quote }} + xwiki: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "xwiki_client_secret" | sha1sum | quote }} + as8oidc: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "keycloak" "as8oidc_client_secret" | sha1sum | quote }} nextcloud: - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nextcloud" "nextcloud_admin_user" | sha1sum) }} - metricsToken: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nextcloud" "metricsToken" | sha1sum) }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nextcloud" "nextcloud_admin_user" | sha1sum | quote }} + metricsToken: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nextcloud" "metricsToken" | sha1sum | quote }} openproject: - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "openproject" "openproject_admin_user" | sha1sum) }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "openproject" "openproject_admin_user" | sha1sum | quote }} collabora: - adminPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "collabora" "collabora_admin_user" | sha1sum) }} + adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "collabora" "collabora_admin_user" | sha1sum | quote }} jitsi: - jwtAppSecret: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jwtAppSecret" | sha1sum) }} - jibriRecorderPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jibriRecorderPassword" | sha1sum) }} - jibriXmppPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jibriXmppPassword" | sha1sum) }} - jicofoAuthPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jicofoAuthPassword" | sha1sum) }} - jicofoComponentPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jicofoComponentPassword" | sha1sum) }} - jvbAuthPassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jvbAuthPassword" | sha1sum) }} + jwtAppSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jwtAppSecret" | sha1sum | quote }} + jibriRecorderPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jibriRecorderPassword" | sha1sum | quote }} + jibriXmppPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jibriXmppPassword" | sha1sum | quote }} + jicofoAuthPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jicofoAuthPassword" | sha1sum | quote }} + jicofoComponentPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jicofoComponentPassword" | sha1sum | quote }} + jvbAuthPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "jistiStandalone" "jvbAuthPassword" | sha1sum | quote }} etherpad: - apiKey: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "etherpad" "apiKey" | sha1sum) }} + apiKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "etherpad" "apiKey" | sha1sum | quote }} whiteboard: - apiKey: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "etherpad" "apiKey" | sha1sum) }} + apiKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "etherpad" "apiKey" | sha1sum | quote }} centralnavigation: - apiKey: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "centralnavigation" "api_key" | sha1sum) }} + apiKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "centralnavigation" "api_key" | sha1sum | quote }} redis: - password: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "redis" "password" | sha1sum) }} + password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "redis" "password" | sha1sum | quote }} dovecot: - doveadm: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "dovecot" "doveadm" | sha1sum) }} + doveadm: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "dovecot" "doveadm" | sha1sum | quote }} xwiki: - superadminpassword: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "xwiki" "superadminpassword" | sha1sum) }} + superadminpassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "xwiki" "superadminpassword" | sha1sum | quote }} intercom: - secret: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "intercom" "secret" | sha1sum) }} - synapseAsToken: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "intercom" "as_token" | sha1sum) }} + secret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "intercom" "secret" | sha1sum | quote }} + synapseAsToken: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "intercom" "as_token" | sha1sum | quote }} matrixNeoDateFixBot: - password: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "matrix-neodatefix-bot" "password" | sha1sum) }} + password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "matrix-neodatefix-bot" "password" | sha1sum | quote }} matrixUserVerificationService: - password: {{ (derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "matrix-user-verification-service" "password" | sha1sum) }} + password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "matrix-user-verification-service" "password" | sha1sum | quote }} ... diff --git a/helmfile/environments/default/smtp.gotmpl b/helmfile/environments/default/smtp.gotmpl index c0b195e2..0484d51c 100644 --- a/helmfile/environments/default/smtp.gotmpl +++ b/helmfile/environments/default/smtp.gotmpl @@ -7,5 +7,5 @@ smtp: host: "" port: 587 username: "" - password: "{{ env "SMTP_PASSWORD" }}" + password: {{ env "SMTP_PASSWORD" | quote }} ... diff --git a/helmfile/environments/default/turn.gotmpl b/helmfile/environments/default/turn.gotmpl index bf514d6f..10feb551 100644 --- a/helmfile/environments/default/turn.gotmpl +++ b/helmfile/environments/default/turn.gotmpl @@ -5,12 +5,11 @@ SPDX-License-Identifier: Apache-2.0 --- turn: transport: "udp" - credentials: "{{ env "TURN_CREDENTIALS" }}" + credentials: {{ env "TURN_CREDENTIALS" | quote }} server: host: "" port: "3478" tls: host: "" port: "5349" - ...