mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-06 07:21:36 +01:00
fix(xwiki): Update default XWiki configuration
* Set default language to a locale with country indicator, which allows the workplace services to work properly * Set default page title (visible in the browser tab title)
This commit is contained in:
Clément Aubin
committed by
Thorsten Roßner
Thorsten Roßner
parent
3b557a892c
commit
f13f39a0a0
@@ -19,8 +19,7 @@ releases:
|
||||
version: "{{ .Values.charts.xwiki.version }}"
|
||||
wait: true
|
||||
values:
|
||||
- "values.yaml"
|
||||
- "values.gotmpl"
|
||||
- "values.yaml.gotmpl"
|
||||
installed: {{ .Values.xwiki.enabled }}
|
||||
timeout: 900
|
||||
|
||||
|
||||
@@ -1,74 +0,0 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
image:
|
||||
name: "{{ .Values.global.imageRegistry }}/{{ .Values.images.xwiki.repository }}"
|
||||
tag: {{ .Values.images.xwiki.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
externalDB:
|
||||
password: {{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
database: {{ .Values.databases.xwiki.name | quote }}
|
||||
user: {{ .Values.databases.xwiki.username | quote }}
|
||||
host: {{ .Values.databases.xwiki.host | quote }}
|
||||
|
||||
customConfigs:
|
||||
"xwiki.cfg":
|
||||
xwiki.superadminpassword: {{ .Values.secrets.xwiki.superadminpassword | quote }}
|
||||
## LDAP Server configuration
|
||||
xwiki.authentication.ldap.server: {{ .Values.ldap.host | quote }}
|
||||
xwiki.authentication.ldap.port: 389
|
||||
## Authentication to the LDAP server
|
||||
xwiki.authentication.ldap.bind_DN: "uid=ldapsearch_xwiki,cn=users,dc=swp-ldap,dc=internal"
|
||||
xwiki.authentication.ldap.bind_pass: {{ .Values.secrets.univentionManagementStack.ldapSearch.xwiki | quote }}
|
||||
## Base DN used for searching for users
|
||||
xwiki.authentication.ldap.base_DN: "dc=swp-ldap,dc=internal"
|
||||
## Allow short update cycles of the LDAP group cache
|
||||
xwiki.authentication.ldap.groupcache_expiration: 300
|
||||
|
||||
"xwiki.properties":
|
||||
"oidc.endpoint.authorization": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/auth"
|
||||
"oidc.endpoint.token": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/token"
|
||||
"oidc.endpoint.userinfo": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/userinfo"
|
||||
"oidc.endpoint.logout": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/logout"
|
||||
"oidc.secret": {{ .Values.secrets.keycloak.clientSecret.xwiki | quote }}
|
||||
"url.trustedDomains": "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
|
||||
"workplaceServices.navigationEndpoint": "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/portal/navigation.json"
|
||||
"workplaceServices.base": "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
|
||||
"workplaceServices.portalSecret": {{ .Values.secrets.centralnavigation.apiKey | quote }}
|
||||
|
||||
properties:
|
||||
"attachment:xwiki:FlamingoThemes.Iceberg@logo.svg": "data:image/svg+xml;base64,{{ .Values.theme.imagery.logoHeaderSvg | b64enc }}"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.brand-primary": {{ .Values.theme.colors.primary | quote }}
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-bg": {{ .Values.theme.colors.white | quote }}
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-hover-bg": {{ .Values.theme.colors.secondaryGreyLight | quote }}
|
||||
## Link LDAP users and users authenticated through OIDC
|
||||
"property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.addOIDCObject": 1
|
||||
"property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.OIDCIssuer": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}"
|
||||
|
||||
ingress:
|
||||
enabled: {{ .Values.ingress.enabled }}
|
||||
className: {{ .Values.ingress.ingressClassName | quote }}
|
||||
annotations:
|
||||
haproxy-ingress.github.io/headers: "X-Forwarded-Host {{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
hosts:
|
||||
- host: "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: "ImplementationSpecific"
|
||||
tls:
|
||||
- secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
hosts:
|
||||
- "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
|
||||
persistence:
|
||||
size: {{ .Values.persistence.size.xwiki | quote }}
|
||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||
|
||||
replicaCount: {{ .Values.replicas.xwiki }}
|
||||
|
||||
resources:
|
||||
{{ .Values.resources.xwiki | toYaml | nindent 2 }}
|
||||
...
|
||||
@@ -1,6 +1,19 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
image:
|
||||
name: "{{ .Values.global.imageRegistry }}/{{ .Values.images.xwiki.repository }}"
|
||||
tag: {{ .Values.images.xwiki.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
externalDB:
|
||||
password: {{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword | quote }}
|
||||
database: {{ .Values.databases.xwiki.name | quote }}
|
||||
user: {{ .Values.databases.xwiki.username | quote }}
|
||||
host: {{ .Values.databases.xwiki.host | quote }}
|
||||
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
enabled: true
|
||||
@@ -20,8 +33,25 @@ customConfigs:
|
||||
xwiki.authentication.ldap.photo_attribute: "jpegPhoto"
|
||||
## Enable the synchronization of the LDAP profile picture
|
||||
xwiki.authentication.ldap.update_photo: 1
|
||||
## Password of default user
|
||||
xwiki.superadminpassword: {{ .Values.secrets.xwiki.superadminpassword | quote }}
|
||||
## LDAP Server configuration
|
||||
xwiki.authentication.ldap.server: {{ .Values.ldap.host | quote }}
|
||||
xwiki.authentication.ldap.port: 389
|
||||
## Authentication to the LDAP server
|
||||
xwiki.authentication.ldap.bind_DN: "uid=ldapsearch_xwiki,cn=users,dc=swp-ldap,dc=internal"
|
||||
xwiki.authentication.ldap.bind_pass: {{ .Values.secrets.univentionManagementStack.ldapSearch.xwiki | quote }}
|
||||
## Base DN used for searching for users
|
||||
xwiki.authentication.ldap.base_DN: "dc=swp-ldap,dc=internal"
|
||||
## Allow short update cycles of the LDAP group cache
|
||||
xwiki.authentication.ldap.groupcache_expiration: 300
|
||||
|
||||
xwiki.properties:
|
||||
oidc.endpoint.authorization: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/auth"
|
||||
oidc.endpoint.token: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/token"
|
||||
oidc.endpoint.userinfo: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/userinfo"
|
||||
oidc.endpoint.logout: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}/protocol/openid-connect/logout"
|
||||
oidc.secret: {{ .Values.secrets.keycloak.clientSecret.xwiki | quote }}
|
||||
oidc.scope: "openid,profile,email,address,opendesk"
|
||||
oidc.endpoint.userinfo.method: "GET"
|
||||
oidc.user.nameFormater: "${oidc.user.opendesk_username._clean._lowerCase}"
|
||||
@@ -32,17 +62,29 @@ customConfigs:
|
||||
oidc.endpoint.token.auth_method: "client_secret_basic"
|
||||
oidc.skipped: false
|
||||
oidc.logoutMechanism: "rpInitiated"
|
||||
|
||||
image:
|
||||
pullPolicy: "IfNotPresent"
|
||||
url.trustedDomains: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
|
||||
workplaceServices.navigationEndpoint: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}/univention/portal/navigation.json"
|
||||
workplaceServices.base: "https://{{ .Values.global.hosts.univentionManagementStack }}.{{ .Values.global.domain }}"
|
||||
workplaceServices.portalSecret: {{ .Values.secrets.centralnavigation.apiKey | quote }}
|
||||
|
||||
ingress:
|
||||
# enabled: true
|
||||
enabled: {{ .Values.ingress.enabled }}
|
||||
className: {{ .Values.ingress.ingressClassName | quote }}
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: null
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "250m"
|
||||
haproxy-ingress.github.io/headers: "X-Forwarded-Host {{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
hosts:
|
||||
- host: "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: "ImplementationSpecific"
|
||||
tls:
|
||||
- secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
hosts:
|
||||
- "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||
|
||||
istio:
|
||||
enabled: false
|
||||
@@ -53,14 +95,22 @@ mariadb:
|
||||
mysql:
|
||||
enabled: false
|
||||
|
||||
persistence:
|
||||
size: {{ .Values.persistence.size.xwiki | quote }}
|
||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
properties:
|
||||
"attachment:xwiki:FlamingoThemes.Iceberg@logo.svg": "data:image/svg+xml;base64,{{ .Values.theme.imagery.logoHeaderSvg | b64enc }}"
|
||||
## Link LDAP users and users authenticated through OIDC
|
||||
"property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.addOIDCObject": 1
|
||||
"property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.OIDCIssuer": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.colorTheme": "FlamingoThemes.Iceberg"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.default_language": "de"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.default_language": "de_DE"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.timezone": "Europe/Berlin"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.languages": "de"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.languages": "de_DE"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.link-color": "@brand-primary"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.btn-primary-bg": "@brand-primary"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-color": "@brand-primary"
|
||||
@@ -69,6 +119,9 @@ properties:
|
||||
"@brand-primary"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-active-color":
|
||||
"@brand-primary"
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.brand-primary": {{ .Values.theme.colors.primary | quote }}
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-bg": {{ .Values.theme.colors.white | quote }}
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-hover-bg": {{ .Values.theme.colors.secondaryGreyLight | quote }}
|
||||
# yamllint disable-line rule:line-length
|
||||
"property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.lessCode": " li#tmWorkplaceServices { padding-left: 16px; padding-top: 5px; } .navbar-right { padding-top: 8px; } .navbar { border-bottom: 1px solid #ddd; height: 64px; } div#companylogo { width: 90px; height: auto; padding-top: 7px; padding-left: 9px; }"
|
||||
|
||||
@@ -91,6 +144,12 @@ properties:
|
||||
# "(&(objectClass=opendeskKnowledgemanagementGroup)(opendeskKnowledgemanagementEnabled=TRUE))"
|
||||
"property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.ldapGroupImportSearchFilter":
|
||||
"(objectClass=opendeskKnowledgemanagementGroup)"
|
||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.title": "{{ .Values.theme.texts.productName }} Wissen - $!tdoc.displayTitle"
|
||||
|
||||
replicaCount: {{ .Values.replicas.xwiki }}
|
||||
|
||||
resources:
|
||||
{{ .Values.resources.xwiki | toYaml | nindent 2 }}
|
||||
|
||||
securityContext:
|
||||
enabled: true
|
||||
@@ -104,4 +163,5 @@ service:
|
||||
|
||||
volumePermissions:
|
||||
enabled: true
|
||||
|
||||
...
|
||||
Reference in New Issue
Block a user