diff --git a/helmfile/apps/provisioning/values-oxconnector.gotmpl b/helmfile/apps/provisioning/values-oxconnector.gotmpl index 542cdaa0..c74f4976 100644 --- a/helmfile/apps/provisioning/values-oxconnector.gotmpl +++ b/helmfile/apps/provisioning/values-oxconnector.gotmpl @@ -26,6 +26,7 @@ oxConnector: oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }} oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" oxDefaultContext: "1" + ldapPassword: {{ if eq .Values.ldap.host "univention-corporate-container" }} "ucctempldapstring" {{ else }} {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} {{ end }} resources: {{ .Values.resources.oxConnector | toYaml | nindent 2 }} diff --git a/helmfile/apps/provisioning/values-oxconnector.yaml b/helmfile/apps/provisioning/values-oxconnector.yaml index 0e472e6e..5e9b192e 100644 --- a/helmfile/apps/provisioning/values-oxconnector.yaml +++ b/helmfile/apps/provisioning/values-oxconnector.yaml @@ -5,12 +5,9 @@ ingress: enabled: false oxConnector: - # ldapHostIp: "" ldapBaseDn: "dc=swp-ldap,dc=internal" ldapHostDn: "cn=admin,dc=swp-ldap,dc=internal" tlsMode: "off" - # current static password for UCC - ldapPassword: "ucctempldapstring" caCert: "ucctempldapstring" debugLevel: "5" logLevel: "DEBUG" diff --git a/helmfile/apps/univention-management-stack/helmfile.yaml b/helmfile/apps/univention-management-stack/helmfile.yaml index 44b4f8db..926c6350 100644 --- a/helmfile/apps/univention-management-stack/helmfile.yaml +++ b/helmfile/apps/univention-management-stack/helmfile.yaml @@ -41,7 +41,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-ldap-server" chart: "ums-repo/ldap-server" - version: "0.4.1" + version: "0.5.2" values: - "values-common.gotmpl" - "values-common.yaml" @@ -49,7 +49,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-ldap-notifier" chart: "ums-repo/ldap-notifier" - version: "0.4.1" + version: "0.5.2" values: - "values-common.gotmpl" - "values-common.yaml" @@ -58,7 +58,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-udm-rest-api" chart: "ums-repo/udm-rest-api" - version: "0.3.2" + version: "0.3.3" values: - "values-common.gotmpl" - "values-common.yaml" @@ -66,7 +66,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-stack-data-ums" chart: "ums-repo/stack-data-ums" - version: "0.15.2" + version: "0.25.1" values: - "values-common.gotmpl" - "values-common.yaml" @@ -74,7 +74,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-stack-data-swp" chart: "ums-repo/stack-data-swp" - version: "0.15.2" + version: "0.25.1" values: - "values-common.gotmpl" - "values-common.yaml" @@ -82,7 +82,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-portal-server" chart: "ums-repo/portal-server" - version: "0.3.4" + version: "0.4.3" values: - "values-common.gotmpl" - "values-common.yaml" @@ -90,7 +90,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-notifications-api" chart: "ums-repo/notifications-api" - version: "0.3.4" + version: "0.4.3" values: - "values-common.gotmpl" - "values-common.yaml" @@ -99,7 +99,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-portal-listener" chart: "ums-repo/portal-listener" - version: "0.3.4" + version: "0.4.3" values: - "values-common.gotmpl" - "values-common.yaml" @@ -108,7 +108,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-portal-frontend" chart: "ums-repo/portal-frontend" - version: "0.3.4" + version: "0.4.3" values: - "values-common.gotmpl" - "values-common.yaml" @@ -124,7 +124,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-umc-gateway" chart: "ums-repo/umc-gateway" - version: "0.3.2" + version: "0.3.5" values: - "values-common.gotmpl" - "values-common.yaml" @@ -132,7 +132,7 @@ releases: installed: {{ .Values.univentionManagementStack.enabled }} - name: "ums-umc-server" chart: "ums-repo/umc-server" - version: "0.3.2" + version: "0.3.5" values: - "values-common.gotmpl" - "values-common.yaml" diff --git a/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl b/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl index f55b8ea0..d3f5b95a 100644 --- a/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-ldap-server.gotmpl @@ -7,16 +7,13 @@ ldapServer: ldapSecret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} ldapBaseDn: "dc=swp-ldap,dc=internal" + waitForSamlMetadata: true + # TODO: Certificates handling # caCert: "" # certPem: "" # privateKey: "" # dhParam: "" - tlsMode: "off" - - samlMetadataUrl: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/saml/descriptor" - samlMetadataUrlInternal: null - serviceProviders: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/saml/metadata" image: registry: {{ .Values.global.imageRegistry | quote }} diff --git a/helmfile/apps/univention-management-stack/values-portal-server.gotmpl b/helmfile/apps/univention-management-stack/values-portal-server.gotmpl index 7b8ee2d9..e1f0abd1 100644 --- a/helmfile/apps/univention-management-stack/values-portal-server.gotmpl +++ b/helmfile/apps/univention-management-stack/values-portal-server.gotmpl @@ -12,6 +12,9 @@ portalServer: ucsInternalUrl: "http://portal-server:{{ .Values.secrets.univentionManagementStack.storeDavUsers.portalServer }}@ums-store-dav/portal-data" umcGetUrl: "http://ums-umc-server/get" umcSessionUrl: "http://ums-umc-server/get/session-info" + centralNavigation: + enabled: true + authenticatorSecret: {{ .Values.secrets.centralnavigation.apiKey | quote }} image: registry: {{ .Values.global.imageRegistry | quote }} diff --git a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl index 2437d368..7eccbcd9 100644 --- a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl +++ b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl @@ -19,11 +19,12 @@ stackDataContext: # ldapHostDn: cn=stub-value,cn=dc,cn=computers,dc=swp-ldap,dc=internal ldapHostDn: cn=admin,dc=swp-ldap,dc=internal - samlMetadataUrl: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/saml/descriptor" - samlMetadataUrlInternal: null - samlSpServer: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}" - samlSchemes: "https" - ssoFqdn: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}" + idpSamlMetadataUrl: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/saml/descriptor" + idpSamlMetadataUrlInternal: null + umcSamlSpFqdn: "{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}" + umcSamlSchemes: "https" + idpFqdn: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}" + ldapSamlSpUrls: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/saml/metadata" initialPasswordAdministrator: "{{ .Values.secrets.univentionManagementStack.defaultAccounts.administratorPassword }}" diff --git a/helmfile/environments/default/images.yaml b/helmfile/environments/default/images.yaml index 1ca99829..1cf54c68 100644 --- a/helmfile/environments/default/images.yaml +++ b/helmfile/environments/default/images.yaml @@ -224,67 +224,67 @@ images: umsConfigHtpasswd: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/config-htpasswd" - tag: "0.5.2" + tag: "0.5.2@sha256:b713d22a9f2285aab7ff3b1db950002c9ae507ee0b8ba6c76c8a700299440b02" # @supplier: "Univention" umsDataLoader: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/data-loader" - tag: "0.15.2" + tag: "0.25.1@sha256:4b5d621e7ee2ca9efd8755ccb287a6daeb05284c3c010e4b6c487d01e539c606" # @supplier: "Univention" umsLdapNotifier: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/ldap-notifier" - tag: "0.4.1" + tag: "0.5.2@sha256:693c170507dd420d9afa19a2128c85ffd1f231b1c13b149a46bb12a501a1136f" # @supplier: "Univention" umsLdapServer: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/ldap-server" - tag: "0.4.1" + tag: "0.5.2@sha256:e4b229b1879185e150e371242a90c9a8e1ebb0bc19076871554137cc354855cb" # @supplier: "Univention" umsNotificationsApi: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/notifications-api" - tag: "0.3.4" + tag: "0.4.3@sha256:f0a95d96f4047b08db41b8878800f98e66a8fb2fc3c0f493130be314a3be0270" # @supplier: "Univention" umsPortalListener: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/portal-listener" - tag: "0.3.4" + tag: "0.4.3@sha256:a5454bfc113df95d1e71424765b6a0137e7468861cb3df3865136888d24ca7a0" # @supplier: "Univention" umsPortalFrontend: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/portal-frontend" - tag: "0.3.5" + tag: "0.4.3@sha256:bfae4930c830185b0f64d6cd9bb479bdde8ac383a58f8f5948731ece9288ff4d" # @supplier: "Univention" umsPortalServer: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/portal-server" - tag: "0.3.4" + tag: "0.4.3@sha256:3a906e38aaabf5e80457f1b572a4ee3676b90921ac9c0df9a64a177ee0d75cc9" # @supplier: "Univention" umsWaitForDependency: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/wait-for-dependency" - tag: "0.3.4" + tag: "0.4.3@sha256:ff4b7f762860baa1415cfe9a24131cb28c2660a14058ca8a1e7a697468f72d69" # @supplier: "Univention" umsStoreDav: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/store-dav" - tag: "0.5.2" + tag: "0.5.2@sha256:e6d42110be74f171b62c8ba4752afd0af8119f0354783bf428eb2030f97be84a" # @supplier: "Univention" umsUdmRestApi: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/udm-rest-api" - tag: "0.3.2" + tag: "0.3.3@sha256:3893d74b1e450e920a53788a8b86cafb4e811dbbae8734fd32d56718ccbb89c5" # @supplier: "Univention" umsUmcGateway: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/umc-gateway" - tag: "0.3.2" + tag: "0.3.5@sha256:2e5ec7a33f0f9094143090c786b3fda632fe85b669b7fe3bb467ec96b4a76eff" # @supplier: "Univention" umsUmcServer: # This is a preview and not part of the standard deployment. repository: "souvap/tooling/images/univention/umc-server" - tag: "0.3.2" + tag: "0.3.5@sha256:fa95ab3a547807322e6d66da943292119b37229eccbb35b31217fe0f484c4798" # @supplier: "Univention" wellKnown: repository: "library/nginx"