mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-06 07:21:36 +01:00
fix(helmfile): Unify templating name for Open-Xchange to openxchange and for OX App Suite to oxAppSuite.
This commit is contained in:
Thorsten Roßner
@@ -27,28 +27,28 @@ openDesk consists of a variety of open-source projects. Here is a list with the
|
||||
Components of type `Eval` are used for development and evaluation purposes only,
|
||||
they need to be replaced in production deployments.
|
||||
|
||||
| Component | Description | Type |
|
||||
|-----------------------------|--------------------------------|------------|
|
||||
| Certificates | TLS certificates | Eval |
|
||||
| ClamAV (Distributed) | Antivirus engine | Eval |
|
||||
| ClamAV (Simple) | Antivirus engine | Eval |
|
||||
| Collabora | Weboffice | Functional |
|
||||
| CryptPad | Weboffice | Functional |
|
||||
| dkimpy-milter | DKIM milter for Postfix | Eval |
|
||||
| Element | Secure communications platform | Functional |
|
||||
| Jitsi | Videoconferencing | Functional |
|
||||
| MariaDB | Database | Eval |
|
||||
| Memcached | Cache Database | Eval |
|
||||
| MinIO | Object Storage | Eval |
|
||||
| Nextcloud | File share | Functional |
|
||||
| Nubus (UMS) | Identity Management & Portal | Functional |
|
||||
| OpenProject | Project management | Functional |
|
||||
| OX Appsuite | Groupware | Functional |
|
||||
| OX Dovecot | Mail backend (IMAP) | Functional |
|
||||
| Postfix | MTA | Eval |
|
||||
| PostgreSQL | Database | Eval |
|
||||
| Redis | Cache Database | Eval |
|
||||
| XWiki | Knowledge Management | Functional |
|
||||
| Component | Description | Type |
|
||||
| -------------------- | ------------------------------ | ---------- |
|
||||
| Certificates | TLS certificates | Eval |
|
||||
| ClamAV (Distributed) | Antivirus engine | Eval |
|
||||
| ClamAV (Simple) | Antivirus engine | Eval |
|
||||
| Collabora | Weboffice | Functional |
|
||||
| CryptPad | Weboffice | Functional |
|
||||
| dkimpy-milter | DKIM milter for Postfix | Eval |
|
||||
| Element | Secure communications platform | Functional |
|
||||
| Jitsi | Videoconferencing | Functional |
|
||||
| MariaDB | Database | Eval |
|
||||
| Memcached | Cache Database | Eval |
|
||||
| MinIO | Object Storage | Eval |
|
||||
| Nextcloud | File share | Functional |
|
||||
| Nubus (UMS) | Identity Management & Portal | Functional |
|
||||
| OpenProject | Project management | Functional |
|
||||
| OX App Suite | Groupware | Functional |
|
||||
| OX Dovecot | Mail backend (IMAP) | Functional |
|
||||
| Postfix | MTA | Eval |
|
||||
| PostgreSQL | Database | Eval |
|
||||
| Redis | Cache Database | Eval |
|
||||
| XWiki | Knowledge Management | Functional |
|
||||
|
||||
# Component integration
|
||||
|
||||
|
||||
@@ -6,7 +6,6 @@ SPDX-License-Identifier: Apache-2.0
|
||||
<h1>Migration from M365 with audriga migration service and master authentication</h1>
|
||||
|
||||
<!-- TOC -->
|
||||
* [Context](#context)
|
||||
* [Prerequisites](#prerequisites)
|
||||
* [Prepare M365 tenant for access](#prepare-m365-tenant-for-access)
|
||||
* [Provisioning user accounts in openDesk](#provisioning-user-accounts-in-opendesk)
|
||||
@@ -75,18 +74,18 @@ With openDesk 1.0 Enterprise, you can set openDesk's email components (OX AppSui
|
||||
|
||||
```
|
||||
secrets:
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
adminPassword: "your_temporary_master_password"
|
||||
functional:
|
||||
migration:
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
1. You must specify the master password referenced in the document's following sections.
|
||||
2. You need to enable the actual master authentication mode.
|
||||
|
||||
Updating your deployment with these settings will allow you to continue with the migration scenario. Once the migration is completed, you can remove `secrets.oxAppsuite.adminPassword` and need to turn off the migration mode by setting `functional.migration.oxAppsuite.enabled` to `false` or removing that setting, as `false` is the default before you update your deployment once again.
|
||||
Updating your deployment with these settings will allow you to continue with the migration scenario. Once the migration is completed, you can remove `secrets.oxAppSuite.adminPassword` and need to turn off the migration mode by setting `functional.migration.oxAppSuite.enabled` to `false` or removing that setting, as `false` is the default before you update your deployment once again.
|
||||
|
||||
> **Note**<br>
|
||||
> For the changes to take effect, it is sufficient to deploy the `open-xchange` component.
|
||||
|
||||
@@ -18,59 +18,59 @@ This document will cover the additional configuration for external services like
|
||||
When deploying this suite to production, you need to configure the applications to use your production-grade database
|
||||
service.
|
||||
|
||||
| Component | Name | Type | Parameter | Key | Default |
|
||||
|-------------|--------------------|------------|-----------|------------------------------------------|----------------------------|
|
||||
| Element | Synapse | PostgreSQL | | | |
|
||||
| | | | Name | `databases.synapse.name` | `matrix` |
|
||||
| | | | Host | `databases.synapse.host` | `postgresql` |
|
||||
| | | | Port | `databases.synapse.port` | `5432` |
|
||||
| | | | Username | `databases.synapse.username` | `matrix_user` |
|
||||
| | | | Password | `databases.synapse.password` | |
|
||||
| Keycloak | Keycloak | PostgreSQL | | | |
|
||||
| | | | Name | `databases.keycloak.name` | `keycloak` |
|
||||
| | | | Host | `databases.keycloak.host` | `postgresql` |
|
||||
| | | | Port | `databases.keycloak.port` | `5432` |
|
||||
| | | | Username | `databases.keycloak.username` | `keycloak_user` |
|
||||
| | | | Password | `databases.keycloak.password` | |
|
||||
| | Keycloak Extension | PostgreSQL | | | |
|
||||
| | | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
|
||||
| | | | Host | `databases.keycloakExtension.host` | `postgresql` |
|
||||
| | | | Port | `databases.keycloakExtension.port` | `5432` |
|
||||
| | | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
|
||||
| | | | Password | `databases.keycloakExtension.password` | |
|
||||
| UMS | Notifications API | PostgreSQL | | | |
|
||||
| | | | Name | `databases.umsNotificationsApi.name` | `notificationsapi` |
|
||||
| | | | Host | `databases.umsNotificationsApi.host` | `postgresql` |
|
||||
| | | | Port | `databases.umsNotificationsApi.port` | `5432` |
|
||||
| | | | Username | `databases.umsNotificationsApi.username` | `notificationsapi_user` |
|
||||
| | | | Password | `databases.umsNotificationsApi.password` | |
|
||||
| | Self Service | PostgreSQL | | | |
|
||||
| | | | Name | `databases.umsSelfservice.name` | `selfservice` |
|
||||
| | | | Host | `databases.umsSelfservice.host` | `postgresql` |
|
||||
| | | | Port | `databases.umsSelfservice.port` | `5432` |
|
||||
| | | | Username | `databases.umsSelfservice.username` | `selfservice_user` |
|
||||
| | | | Password | `databases.umsSelfservice.password` | |
|
||||
| Nextcloud | Nextcloud | MariaDB | | | |
|
||||
| | | | Name | `databases.nextcloud.name` | `nextcloud` |
|
||||
| | | | Host | `databases.nextcloud.host` | `mariadb` |
|
||||
| | | | Username | `databases.nextcloud.username` | `nextcloud_user` |
|
||||
| | | | Password | `databases.nextcloud.password` | |
|
||||
| OpenProject | OpenProject | PostgreSQL | | | |
|
||||
| | | | Name | `databases.openproject.name` | `openproject` |
|
||||
| | | | Host | `databases.openproject.host` | `postgresql` |
|
||||
| | | | Port | `databases.openproject.port` | `5432` |
|
||||
| | | | Username | `databases.openproject.username` | `openproject_user` |
|
||||
| | | | Password | `databases.openproject.password` | |
|
||||
| OX Appsuite | OX Appsuite | MariaDB | | | |
|
||||
| | | | Name | `databases.oxAppsuite.name` | `CONFIGDB` |
|
||||
| | | | Host | `databases.oxAppsuite.host` | `mariadb` |
|
||||
| | | | Username | `databases.oxAppsuite.username` | `root` |
|
||||
| | | | Password | `databases.oxAppsuite.password` | |
|
||||
| XWiki | XWiki | MariaDB | | | |
|
||||
| | | | Name | `databases.xwiki.name` | `xwiki` |
|
||||
| | | | Host | `databases.xwiki.host` | `mariadb` |
|
||||
| | | | Username | `databases.xwiki.username` | `xwiki_user` |
|
||||
| | | | Password | `databases.xwiki.password` | |
|
||||
| Component | Name | Type | Parameter | Key | Default |
|
||||
| ------------ | ------------------ | ---------- | --------- | ---------------------------------------- | -------------------------- |
|
||||
| Element | Synapse | PostgreSQL | | | |
|
||||
| | | | Name | `databases.synapse.name` | `matrix` |
|
||||
| | | | Host | `databases.synapse.host` | `postgresql` |
|
||||
| | | | Port | `databases.synapse.port` | `5432` |
|
||||
| | | | Username | `databases.synapse.username` | `matrix_user` |
|
||||
| | | | Password | `databases.synapse.password` | |
|
||||
| Keycloak | Keycloak | PostgreSQL | | | |
|
||||
| | | | Name | `databases.keycloak.name` | `keycloak` |
|
||||
| | | | Host | `databases.keycloak.host` | `postgresql` |
|
||||
| | | | Port | `databases.keycloak.port` | `5432` |
|
||||
| | | | Username | `databases.keycloak.username` | `keycloak_user` |
|
||||
| | | | Password | `databases.keycloak.password` | |
|
||||
| | Keycloak Extension | PostgreSQL | | | |
|
||||
| | | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
|
||||
| | | | Host | `databases.keycloakExtension.host` | `postgresql` |
|
||||
| | | | Port | `databases.keycloakExtension.port` | `5432` |
|
||||
| | | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
|
||||
| | | | Password | `databases.keycloakExtension.password` | |
|
||||
| UMS | Notifications API | PostgreSQL | | | |
|
||||
| | | | Name | `databases.umsNotificationsApi.name` | `notificationsapi` |
|
||||
| | | | Host | `databases.umsNotificationsApi.host` | `postgresql` |
|
||||
| | | | Port | `databases.umsNotificationsApi.port` | `5432` |
|
||||
| | | | Username | `databases.umsNotificationsApi.username` | `notificationsapi_user` |
|
||||
| | | | Password | `databases.umsNotificationsApi.password` | |
|
||||
| | Self Service | PostgreSQL | | | |
|
||||
| | | | Name | `databases.umsSelfservice.name` | `selfservice` |
|
||||
| | | | Host | `databases.umsSelfservice.host` | `postgresql` |
|
||||
| | | | Port | `databases.umsSelfservice.port` | `5432` |
|
||||
| | | | Username | `databases.umsSelfservice.username` | `selfservice_user` |
|
||||
| | | | Password | `databases.umsSelfservice.password` | |
|
||||
| Nextcloud | Nextcloud | MariaDB | | | |
|
||||
| | | | Name | `databases.nextcloud.name` | `nextcloud` |
|
||||
| | | | Host | `databases.nextcloud.host` | `mariadb` |
|
||||
| | | | Username | `databases.nextcloud.username` | `nextcloud_user` |
|
||||
| | | | Password | `databases.nextcloud.password` | |
|
||||
| OpenProject | OpenProject | PostgreSQL | | | |
|
||||
| | | | Name | `databases.openproject.name` | `openproject` |
|
||||
| | | | Host | `databases.openproject.host` | `postgresql` |
|
||||
| | | | Port | `databases.openproject.port` | `5432` |
|
||||
| | | | Username | `databases.openproject.username` | `openproject_user` |
|
||||
| | | | Password | `databases.openproject.password` | |
|
||||
| OX App Suite | OX App Suite | MariaDB | | | |
|
||||
| | | | Name | `databases.oxAppSuite.name` | `CONFIGDB` |
|
||||
| | | | Host | `databases.oxAppSuite.host` | `mariadb` |
|
||||
| | | | Username | `databases.oxAppSuite.username` | `root` |
|
||||
| | | | Password | `databases.oxAppSuite.password` | |
|
||||
| XWiki | XWiki | MariaDB | | | |
|
||||
| | | | Name | `databases.xwiki.name` | `xwiki` |
|
||||
| | | | Host | `databases.xwiki.host` | `mariadb` |
|
||||
| | | | Username | `databases.xwiki.username` | `xwiki_user` |
|
||||
| | | | Password | `databases.xwiki.password` | |
|
||||
|
||||
# Object storage
|
||||
|
||||
|
||||
@@ -100,7 +100,7 @@ export DOMAIN=domain.tld
|
||||
All available apps and their default value are in `helmfile/environments/default/opendesk_main.gotmpl`.
|
||||
|
||||
| Component | Name | Default | Description |
|
||||
|----------------------|-----------------------------|---------|--------------------------------|
|
||||
| -------------------- | --------------------------- | ------- | ------------------------------ |
|
||||
| Certificates | `certificates.enabled` | `true` | TLS certificates |
|
||||
| ClamAV (Distributed) | `clamavDistributed.enabled` | `false` | Antivirus engine |
|
||||
| ClamAV (Simple) | `clamavSimple.enabled` | `true` | Antivirus engine |
|
||||
@@ -117,7 +117,7 @@ All available apps and their default value are in `helmfile/environments/default
|
||||
| Nextcloud | `nextcloud.enabled` | `true` | File share |
|
||||
| Nubus | `nubus.enabled` | `true` | Identity Management & Portal |
|
||||
| OpenProject | `openproject.enabled` | `true` | Project management |
|
||||
| OX Appsuite | `oxAppsuite.enabled` | `true` | Groupware |
|
||||
| OX App Suite | `oxAppSuite.enabled` | `true` | Groupware |
|
||||
| Postfix | `postfix.enabled` | `true` | MTA |
|
||||
| PostgreSQL | `postgresql.enabled` | `true` | Database |
|
||||
| Redis | `redis.enabled` | `true` | Cache Database |
|
||||
|
||||
@@ -10,11 +10,12 @@ SPDX-License-Identifier: Apache-2.0
|
||||
* [openDesk supported upgrade path](#opendesk-supported-upgrade-path)
|
||||
* [Releases upgrade details](#releases-upgrade-details)
|
||||
* [From v1.0.0](#from-v100)
|
||||
* [Pre-upgrade: Manual steps](#pre-upgrade-manual-steps)
|
||||
* [Pre-upgrade: Manual checks/steps](#pre-upgrade-manual-checkssteps)
|
||||
* [Streamlining `openxchange` and `oxAppSuite` attribute names.](#streamlining-openxchange-and-oxappsuite-attribute-names)
|
||||
* [`customization.release`](#customizationrelease)
|
||||
* [Redis 7.4](#redis-74)
|
||||
* [From v0.9.0](#from-v090)
|
||||
* [Pre-upgrade: Manual steps](#pre-upgrade-manual-steps-1)
|
||||
* [Pre-upgrade: Manual steps](#pre-upgrade-manual-steps)
|
||||
* [Configuration Cleanup: Removal of unnecessary OX-Profiles in Nubus](#configuration-cleanup-removal-of-unnecessary-ox-profiles-in-nubus)
|
||||
* [Configuration Cleanup: Updated `global.imagePullSecrets`](#configuration-cleanup-updated-globalimagepullsecrets)
|
||||
* [Changed openDesk defaults: Matrix ID](#changed-opendesk-defaults-matrix-id)
|
||||
@@ -65,7 +66,70 @@ Explanation of the table's columns:
|
||||
|
||||
## From v1.0.0
|
||||
|
||||
### Pre-upgrade: Manual steps
|
||||
### Pre-upgrade: Manual checks/steps
|
||||
|
||||
#### Streamlining `openxchange` and `oxAppSuite` attribute names.
|
||||
|
||||
We have updated some attribute names around Open-Xchange / OX App Suite to be consistent within our Helmfile
|
||||
deployment and to aligning with the actual brand names as well as with our rule of thumb for brand based
|
||||
attribute names[^1].
|
||||
|
||||
In case you are using any of the customizations below (`WAS`), please update as shown (`NOW`):
|
||||
|
||||
```
|
||||
WAS: oxAppsuite: ...
|
||||
NOW: oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: cache.oxAppsuite: ...
|
||||
NOW: cache.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: charts.openXchangeAppSuite: ...
|
||||
NOW: charts.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: charts.openXchangeAppSuiteBootstrap: ...
|
||||
NOW: charts.oxAppSuiteBootstrap: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: customization.release.openXchange: ...
|
||||
NOW: customization.release.openxchange: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: customization.release.opendeskOpenXchangeBootstrap: ...
|
||||
NOW: customization.release.opendeskOpenxchangeBootstrap: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: databases.oxAppsuite: ...
|
||||
NOW: databases.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: ingress.parameters.openXchangeAppSuite: ...
|
||||
NOW: ingress.parameters.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: ingress.bodyTimeout.openXchangeAppSuite: ...
|
||||
NOW: ingress.bodyTimeout.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: migration.oxAppsuite: ...
|
||||
NOW: migration.oxAppSuite: ...
|
||||
```
|
||||
|
||||
```
|
||||
WAS: secrets.oxAppsuite: ...
|
||||
NOW: secrets.oxAppSuite: ...
|
||||
```
|
||||
|
||||
#### `customization.release`
|
||||
|
||||
@@ -346,3 +410,6 @@ When a new upgrade migration is required, ensure to address the following list:
|
||||
- You most likely have to update the [`opendesk-migrations` Helm chart](https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-migrations) within the `rules` section of the [`role.yaml`](https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-migrations/-/blob/main/charts/opendesk-migrations/templates/role.yaml) to provide the permissions required for the execution of your migration's logic.
|
||||
- You must set the runner's ID you want to execute in the [migrations.yaml.gotmpl](../helmfile/shared/migrations.yaml.gotmpl). See also the `migrations.*` section of [the Helm chart's README.md](https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-migrations/-/blob/main/charts/opendesk-migrations/README.md).
|
||||
- Update the [`charts.yaml`](../helmfile/environments/default/charts.yaml) and [`images.yaml`](../helmfile/environments/default/images.yaml) to reflect the newer releases of the `opendesk-migrations` Helm chart and container image.
|
||||
|
||||
[^1]: We do not follow a brand name's specific spelling when it comes to upper and lower case and only use new word
|
||||
uppercase when names consist of multiple, space divided words.
|
||||
|
||||
@@ -60,8 +60,8 @@ configuration:
|
||||
regex: "@.*"
|
||||
url: null
|
||||
sender_localpart: intercom-service
|
||||
- as_token: {{ .Values.secrets.oxAppsuite.synapseAsToken | quote }}
|
||||
hs_token: {{ .Values.secrets.oxAppsuite.synapseAsToken | quote }}
|
||||
- as_token: {{ .Values.secrets.oxAppSuite.synapseAsToken | quote }}
|
||||
hs_token: {{ .Values.secrets.oxAppSuite.synapseAsToken | quote }}
|
||||
id: ox-appsuite
|
||||
namespaces:
|
||||
users:
|
||||
|
||||
@@ -15,22 +15,22 @@ repositories:
|
||||
# Open-Xchange
|
||||
- name: "open-xchange-repo"
|
||||
keyring: "../../files/gpg-pubkeys/open-xchange-com.gpg"
|
||||
verify: {{ .Values.charts.openXchangeAppSuite.verify }}
|
||||
verify: {{ .Values.charts.oxAppSuite.verify }}
|
||||
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
||||
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
||||
oci: true
|
||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuite.registry }}/{{ .Values.charts.openXchangeAppSuite.repository }}"
|
||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.oxAppSuite.registry }}/{{ .Values.charts.oxAppSuite.repository }}"
|
||||
|
||||
# openDesk Open-Xchange Bootstrap
|
||||
# Source:
|
||||
# https://gitlab.opencode.de/bmi/opendesk/components/platform-development/charts/opendesk-open-xchange-bootstrap
|
||||
- name: "open-xchange-bootstrap-repo"
|
||||
keyring: "../../files/gpg-pubkeys/opencode.gpg"
|
||||
verify: {{ .Values.charts.openXchangeAppSuiteBootstrap.verify }}
|
||||
verify: {{ .Values.charts.oxAppSuiteBootstrap.verify }}
|
||||
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
||||
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
||||
oci: true
|
||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuiteBootstrap.registry }}/{{ .Values.charts.openXchangeAppSuiteBootstrap.repository }}"
|
||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.oxAppSuiteBootstrap.registry }}/{{ .Values.charts.oxAppSuiteBootstrap.repository }}"
|
||||
|
||||
# OX Connector
|
||||
- name: "ox-connector-repo"
|
||||
@@ -52,26 +52,26 @@ releases:
|
||||
timeout: 900
|
||||
|
||||
- name: "open-xchange"
|
||||
chart: "open-xchange-repo/{{ .Values.charts.openXchangeAppSuite.name }}"
|
||||
version: "{{ .Values.charts.openXchangeAppSuite.version }}"
|
||||
chart: "open-xchange-repo/{{ .Values.charts.oxAppSuite.name }}"
|
||||
version: "{{ .Values.charts.oxAppSuite.version }}"
|
||||
values:
|
||||
- "values-openxchange.yaml.gotmpl"
|
||||
- "values-openxchange-enterprise-contact-picker.yaml.gotmpl"
|
||||
{{ range .Values.customization.release.openXchange }}
|
||||
{{ range .Values.customization.release.openxchange }}
|
||||
- {{ . }}
|
||||
{{ end }}
|
||||
installed: {{ .Values.oxAppsuite.enabled }}
|
||||
installed: {{ .Values.oxAppSuite.enabled }}
|
||||
timeout: 900
|
||||
|
||||
- name: "opendesk-open-xchange-bootstrap"
|
||||
chart: "open-xchange-bootstrap-repo/{{ .Values.charts.openXchangeAppSuiteBootstrap.name }}"
|
||||
version: "{{ .Values.charts.openXchangeAppSuiteBootstrap.version }}"
|
||||
chart: "open-xchange-bootstrap-repo/{{ .Values.charts.oxAppSuiteBootstrap.name }}"
|
||||
version: "{{ .Values.charts.oxAppSuiteBootstrap.version }}"
|
||||
values:
|
||||
- "values-openxchange-bootstrap.yaml.gotmpl"
|
||||
{{ range .Values.customization.release.opendeskOpenXchangeBootstrap }}
|
||||
{{ range .Values.customization.release.opendeskOpenxchangeBootstrap }}
|
||||
- {{ . }}
|
||||
{{ end }}
|
||||
installed: {{ .Values.oxAppsuite.enabled }}
|
||||
installed: {{ .Values.oxAppSuite.enabled }}
|
||||
timeout: 900
|
||||
|
||||
- name: "ox-connector"
|
||||
@@ -82,7 +82,7 @@ releases:
|
||||
{{ range .Values.customization.release.oxConnector }}
|
||||
- {{ . }}
|
||||
{{ end }}
|
||||
installed: {{ .Values.oxAppsuite.enabled }}
|
||||
installed: {{ .Values.oxAppSuite.enabled }}
|
||||
needs:
|
||||
- "open-xchange"
|
||||
|
||||
|
||||
@@ -17,8 +17,8 @@ dovecot:
|
||||
mailDomain: {{ .Values.global.mailDomain | default .Values.global.domain | quote }}
|
||||
password: {{ .Values.secrets.dovecot.doveadm | quote }}
|
||||
migration:
|
||||
enabled: {{ .Values.functional.migration.oxAppsuite.enabled }}
|
||||
masterPassword: {{ .Values.secrets.oxAppsuite.migrationsMasterPassword | quote }}
|
||||
enabled: {{ .Values.functional.migration.oxAppSuite.enabled }}
|
||||
masterPassword: {{ .Values.secrets.oxAppSuite.migrationsMasterPassword | quote }}
|
||||
ldap:
|
||||
enabled: true
|
||||
host: {{ .Values.ldap.host | quote }}
|
||||
|
||||
@@ -7,16 +7,16 @@ SPDX-License-Identifier: Apache-2.0
|
||||
global:
|
||||
hostname: "{{ .Values.global.hosts.openxchange }}.{{ .Values.global.domain }}"
|
||||
appsuite:
|
||||
cookieHashSalt: {{ .Values.secrets.oxAppsuite.cookieHashSalt }}
|
||||
shareCryptKey: {{ .Values.secrets.oxAppsuite.shareCryptKey }}
|
||||
sessiondEncryptionKey: {{ .Values.secrets.oxAppsuite.sessiondEncryptionKey }}
|
||||
cookieHashSalt: {{ .Values.secrets.oxAppSuite.cookieHashSalt }}
|
||||
shareCryptKey: {{ .Values.secrets.oxAppSuite.shareCryptKey }}
|
||||
sessiondEncryptionKey: {{ .Values.secrets.oxAppSuite.sessiondEncryptionKey }}
|
||||
mysql:
|
||||
host: {{ .Values.databases.oxAppsuite.host | quote }}
|
||||
database: {{ .Values.databases.oxAppsuite.name | quote }}
|
||||
host: {{ .Values.databases.oxAppSuite.host | quote }}
|
||||
database: {{ .Values.databases.oxAppSuite.name | quote }}
|
||||
auth:
|
||||
user: {{ .Values.databases.oxAppsuite.username | quote }}
|
||||
password: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
rootPassword: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
user: {{ .Values.databases.oxAppSuite.username | quote }}
|
||||
password: {{ .Values.databases.oxAppSuite.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
rootPassword: {{ .Values.databases.oxAppSuite.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
|
||||
nextcloud-integration-ui:
|
||||
image:
|
||||
@@ -105,9 +105,9 @@ appsuite:
|
||||
routes:
|
||||
http-api-routes-appsuite-api:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "{{ .Values.ingress.parameters.bodySize.openXchangeAppSuite }}"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "{{ .Values.ingress.parameters.bodyTimeout.openXchangeAppSuite }}"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "{{ .Values.ingress.parameters.bodyTimeout.openXchangeAppSuite }}"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "{{ .Values.ingress.parameters.bodySize.oxAppSuite }}"
|
||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "{{ .Values.ingress.parameters.bodyTimeout.oxAppSuite }}"
|
||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "{{ .Values.ingress.parameters.bodyTimeout.oxAppSuite }}"
|
||||
trailslash:
|
||||
enabled: false
|
||||
core-mw:
|
||||
@@ -119,13 +119,13 @@ appsuite:
|
||||
oidcLogin: true
|
||||
oidcPath: "/oidc"
|
||||
masterAdmin: "admin"
|
||||
masterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
|
||||
masterPassword: {{ .Values.secrets.oxAppSuite.adminPassword | quote }}
|
||||
hzGroupName: "hzgroup"
|
||||
hzGroupPassword: {{ .Values.secrets.oxAppsuite.hzGroupPassword | quote }}
|
||||
hzGroupPassword: {{ .Values.secrets.oxAppSuite.hzGroupPassword | quote }}
|
||||
basicAuthLogin: "oxlogin"
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppsuite.basicAuthPassword | quote }}
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppSuite.basicAuthPassword | quote }}
|
||||
jolokiaLogin: "jolokia"
|
||||
jolokiaPassword: {{ .Values.secrets.oxAppsuite.jolokiaPassword | quote }}
|
||||
jolokiaPassword: {{ .Values.secrets.oxAppSuite.jolokiaPassword | quote }}
|
||||
hostname: "{{ .Values.global.hosts.openxchange }}.{{ .Values.global.domain }}"
|
||||
podAnnotations: {}
|
||||
serviceAccount:
|
||||
@@ -174,7 +174,7 @@ appsuite:
|
||||
chown open-xchange:open-xchange /opt/open-xchange/guard-files
|
||||
packages:
|
||||
status:
|
||||
{{- if .Values.functional.migration.oxAppsuite.enabled }}
|
||||
{{- if .Values.functional.migration.oxAppSuite.enabled }}
|
||||
open-xchange-authentication-masterpassword: "enabled"
|
||||
open-xchange-authentication-ldap: "disabled"
|
||||
open-xchange-authentication-oauth: "disabled"
|
||||
@@ -316,13 +316,13 @@ appsuite:
|
||||
mountPath: "/etc/ssl/certs/"
|
||||
{{- end }}
|
||||
secretProperties:
|
||||
com.openexchange.cookie.hash.salt: {{ .Values.secrets.oxAppsuite.cookieHashSalt | quote }}
|
||||
com.openexchange.sessiond.encryptionKey: {{ .Values.secrets.oxAppsuite.sessiondEncryptionKey | quote }}
|
||||
com.openexchange.share.cryptKey: {{ .Values.secrets.oxAppsuite.shareCryptKey | quote }}
|
||||
com.openexchange.conference.element.authToken: {{ .Values.secrets.oxAppsuite.synapseAsToken | quote }}
|
||||
com.openexchange.cookie.hash.salt: {{ .Values.secrets.oxAppSuite.cookieHashSalt | quote }}
|
||||
com.openexchange.sessiond.encryptionKey: {{ .Values.secrets.oxAppSuite.sessiondEncryptionKey | quote }}
|
||||
com.openexchange.share.cryptKey: {{ .Values.secrets.oxAppSuite.shareCryptKey | quote }}
|
||||
com.openexchange.conference.element.authToken: {{ .Values.secrets.oxAppSuite.synapseAsToken | quote }}
|
||||
propertiesFiles:
|
||||
/opt/open-xchange/etc/masterpassword-authentication.properties:
|
||||
com.openexchange.authentication.masterpassword.password: {{ .Values.secrets.oxAppsuite.migrationsMasterPassword | quote }}
|
||||
com.openexchange.authentication.masterpassword.password: {{ .Values.secrets.oxAppSuite.migrationsMasterPassword | quote }}
|
||||
/opt/open-xchange/etc/AdminDaemon.properties:
|
||||
MASTER_ACCOUNT_OVERRIDE: "true"
|
||||
/opt/open-xchange/etc/AdminUser.properties:
|
||||
@@ -392,17 +392,17 @@ appsuite:
|
||||
# MC+base64(20 random bytes)
|
||||
# RC+base64(20 random bytes)
|
||||
oxguardpass: |
|
||||
{{ .Values.secrets.oxAppsuite.oxguardMC }}
|
||||
{{ .Values.secrets.oxAppsuite.oxguardRC }}
|
||||
{{ .Values.secrets.oxAppSuite.oxguardMC }}
|
||||
{{ .Values.secrets.oxAppSuite.oxguardRC }}
|
||||
redis: &redisConfiguration
|
||||
enabled: true
|
||||
mode: "standalone"
|
||||
hosts:
|
||||
- {{ printf "%s:%v" .Values.cache.oxAppsuite.host .Values.cache.oxAppsuite.port | quote }}
|
||||
- {{ printf "%s:%v" .Values.cache.oxAppSuite.host .Values.cache.oxAppSuite.port | quote }}
|
||||
auth:
|
||||
enabled: true
|
||||
username: {{ .Values.cache.oxAppsuite.username | quote }}
|
||||
password: {{ .Values.cache.oxAppsuite.password | default .Values.secrets.redis.password | quote }}
|
||||
username: {{ .Values.cache.oxAppSuite.username | quote }}
|
||||
password: {{ .Values.cache.oxAppSuite.password | default .Values.secrets.redis.password | quote }}
|
||||
image:
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreMW.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreMW.repository | quote }}
|
||||
@@ -501,9 +501,9 @@ appsuite:
|
||||
|
||||
core-documentconverter:
|
||||
adminUser: "admin"
|
||||
adminPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
|
||||
adminPassword: {{ .Values.secrets.oxAppSuite.adminPassword | quote }}
|
||||
basicAuthLogin: "oxlogin"
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppsuite.basicAuthPassword | quote }}
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppSuite.basicAuthPassword | quote }}
|
||||
enabled: true
|
||||
documentConverter:
|
||||
cache:
|
||||
@@ -588,9 +588,9 @@ appsuite:
|
||||
core-imageconverter:
|
||||
enabled: true
|
||||
adminUser: "admin"
|
||||
adminPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
|
||||
adminPassword: {{ .Values.secrets.oxAppSuite.adminPassword | quote }}
|
||||
basicAuthLogin: "oxlogin"
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppsuite.basicAuthPassword | quote }}
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppSuite.basicAuthPassword | quote }}
|
||||
image:
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeImageConverter.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeImageConverter.repository | quote }}
|
||||
|
||||
@@ -50,7 +50,7 @@ oxConnector:
|
||||
oxLocalTimezone: "Europe/Berlin"
|
||||
oxLanguage: "de_DE"
|
||||
oxMasterAdmin: "admin"
|
||||
oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
|
||||
oxMasterPassword: {{ .Values.secrets.oxAppSuite.adminPassword | quote }}
|
||||
oxSmtpServer: "smtp://127.0.0.1:587"
|
||||
oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.global.domain }}"
|
||||
|
||||
|
||||
@@ -39,7 +39,7 @@ global:
|
||||
{{- if .Values.openproject.enabled }}
|
||||
openproject: {{ .Values.global.hosts.openproject }}
|
||||
{{- end }}
|
||||
{{- if .Values.oxAppsuite.enabled }}
|
||||
{{- if .Values.oxAppSuite.enabled }}
|
||||
openxchange: {{ .Values.global.hosts.openxchange }}
|
||||
{{- end }}
|
||||
{{- if .Values.nubus.enabled }}
|
||||
|
||||
@@ -47,9 +47,9 @@ job:
|
||||
- username: "openxchange_user"
|
||||
# - username: {{ .Values.databases.xwiki.username | quote }}
|
||||
password: {{ .Values.secrets.mariadb.openxchangeUser | quote }}
|
||||
connectionLimit: {{ .Values.databases.oxAppsuite.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||
connectionLimit: {{ .Values.databases.oxAppSuite.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||
- username: "xwiki_user"
|
||||
# - username: {{ .Values.databases.oxAppsuite.username | quote }}
|
||||
# - username: {{ .Values.databases.oxAppSuite.username | quote }}
|
||||
password: {{ .Values.secrets.mariadb.xwikiUser | quote }}
|
||||
connectionLimit: {{ .Values.databases.xwiki.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||
databases:
|
||||
@@ -59,8 +59,8 @@ job:
|
||||
# users for the moment.
|
||||
- name: "openxchange"
|
||||
user: "openxchange_user"
|
||||
# - name: {{ .Values.databases.oxAppsuite.name | quote }}
|
||||
# user: {{ .Values.databases.oxAppsuite.username | quote }}
|
||||
# - name: {{ .Values.databases.oxAppSuite.name | quote }}
|
||||
# user: {{ .Values.databases.oxAppSuite.username | quote }}
|
||||
- name: "xwiki"
|
||||
user: "xwiki_user"
|
||||
# - name: {{ .Values.databases.xwiki.name | quote }}
|
||||
|
||||
@@ -29,7 +29,7 @@ apps:
|
||||
openproject:
|
||||
enabled: {{ .Values.openproject.enabled }}
|
||||
oxAppsuite:
|
||||
enabled: {{ .Values.oxAppsuite.enabled }}
|
||||
enabled: {{ .Values.oxAppSuite.enabled }}
|
||||
postfix:
|
||||
enabled: {{ .Values.postfix.enabled }}
|
||||
postgresql:
|
||||
|
||||
@@ -16,7 +16,7 @@ cache:
|
||||
openproject:
|
||||
host: "memcached"
|
||||
port: 11211
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
host: "redis-headless"
|
||||
port: 6379
|
||||
username: "default"
|
||||
|
||||
@@ -318,7 +318,17 @@ charts:
|
||||
name: "opendesk-openproject-bootstrap"
|
||||
version: "2.1.1"
|
||||
verify: true
|
||||
openXchangeAppSuite:
|
||||
otterize:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
# upstreamRegistry: "https://registry.opencode.de"
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/charts/opendesk-otterize/opendesk-otterize"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-otterize"
|
||||
name: "opendesk-otterize"
|
||||
version: "2.1.0"
|
||||
verify: true
|
||||
oxAppSuite:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Open-Xchange"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
@@ -330,7 +340,7 @@ charts:
|
||||
name: "appsuite-public-sector"
|
||||
version: "2.12.85"
|
||||
verify: false
|
||||
openXchangeAppSuiteBootstrap:
|
||||
oxAppSuiteBootstrap:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
# upstreamRegistry: "https://registry.opencode.de"
|
||||
@@ -340,16 +350,6 @@ charts:
|
||||
name: "opendesk-open-xchange-bootstrap"
|
||||
version: "2.1.2"
|
||||
verify: true
|
||||
otterize:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
# upstreamRegistry: "https://registry.opencode.de"
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/charts/opendesk-otterize/opendesk-otterize"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-otterize"
|
||||
name: "opendesk-otterize"
|
||||
version: "2.1.0"
|
||||
verify: true
|
||||
oxConnector:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
|
||||
@@ -33,8 +33,8 @@ customization:
|
||||
nginxS3Gateway: {}
|
||||
# open-xchange
|
||||
dovecot: {}
|
||||
openXchange: {}
|
||||
opendeskOpenXchangeBootstrap: {}
|
||||
openxchange: {}
|
||||
opendeskOpenxchangeBootstrap: {}
|
||||
oxConnector: {}
|
||||
# openproject
|
||||
openproject: {}
|
||||
|
||||
@@ -32,7 +32,7 @@ databases:
|
||||
username: "openproject_user"
|
||||
password: ""
|
||||
connectionLimit: ~
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
name: "configdb"
|
||||
host: "mariadb"
|
||||
port: 3306
|
||||
|
||||
@@ -99,10 +99,10 @@ functional:
|
||||
useImmutableIdentifierForLocalpart: false
|
||||
|
||||
migration:
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
# Note: Only available in openDesk Enterprise.
|
||||
# Turn on temporary for migration purposes only. Will enable master password auth in OX AppSuite and Dovecot using
|
||||
# `secrets.oxAppsuite.migrationsMasterPassword`.
|
||||
# `secrets.oxAppSuite.migrationsMasterPassword`.
|
||||
enabled: false
|
||||
|
||||
...
|
||||
|
||||
@@ -13,13 +13,13 @@ ingress:
|
||||
element: "100M"
|
||||
nextcloud: "100M"
|
||||
openproject: "100M"
|
||||
openXchangeAppSuite: "100M"
|
||||
oxAppSuite: "100M"
|
||||
xwiki: "100M"
|
||||
bodyTimeout:
|
||||
collabora: 600
|
||||
element: 60
|
||||
nextcloud: 600
|
||||
openproject: 60
|
||||
openXchangeAppSuite: 60
|
||||
oxAppSuite: 60
|
||||
xwiki: 60
|
||||
...
|
||||
|
||||
@@ -55,7 +55,7 @@ nubus:
|
||||
openproject:
|
||||
enabled: true
|
||||
namespace: ~
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
enabled: true
|
||||
namespace: ~
|
||||
postfix:
|
||||
|
||||
@@ -164,7 +164,7 @@ replicas:
|
||||
# dedicated workers for specific queues are possible with OpenProject.
|
||||
openprojectWorker: 1
|
||||
|
||||
# -- component: Groupware (OX Appsuite)
|
||||
# -- component: Groupware (OX App Suite)
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreDocumentConverter: 1
|
||||
# -- scalable: tbd
|
||||
|
||||
@@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
secrets:
|
||||
oxAppsuite:
|
||||
oxAppSuite:
|
||||
adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "admin_password" | sha1sum | quote }}
|
||||
migrationsMasterPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "opendesk") "ox_appsuite" "migrations_master_password" | sha1sum | quote }}
|
||||
cookieHashSalt: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "cookie_hash_salt" | sha1sum | quote }}
|
||||
|
||||
Reference in New Issue
Block a user