From fa3cb8d15466a17474b363ab3b1b36befca5c1d6 Mon Sep 17 00:00:00 2001 From: Yannik Schmidt Date: Fri, 16 May 2025 03:28:51 +0200 Subject: [PATCH] wip: --- helmfile/apps/nubus/values-nubus.yaml.gotmpl | 12 ++++++++++++ helmfile/environments/default/global.yaml.gotmpl | 1 + helmfile/environments/default/images.yaml.gotmpl | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/helmfile/apps/nubus/values-nubus.yaml.gotmpl b/helmfile/apps/nubus/values-nubus.yaml.gotmpl index 6469097f..94ce64da 100644 --- a/helmfile/apps/nubus/values-nubus.yaml.gotmpl +++ b/helmfile/apps/nubus/values-nubus.yaml.gotmpl @@ -46,6 +46,12 @@ global: repository: {{ .Values.images.nubusOpendeskExtensionA2gMapper.repository }} imagePullPolicy: {{ .Values.global.imagePullPolicy }} tag: {{ .Values.images.nubusOpendeskExtensionA2gMapper.tag }} + - name: "twofa-selfservice" + image: + registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusTwoFaSelfserviceProvisioning.registry | quote }} + repository: {{ .Values.images.nubusTwoFaSelfserviceProvisioning.repository }} + imagePullPolicy: Always #{{ .Values.global.imagePullPolicy }} + tag: {{ .Values.images.nubusTwoFaSelfserviceProvisioning.tag }} # -- Allows to configure the system extensions to load. This is intended for # internal usage, prefer to use `global.extensions` for user configured @@ -642,6 +648,8 @@ nubusPortalFrontend: resources: {{ .Values.resources.umsPortalFrontend | toYaml | nindent 4 }} + + nubusKeycloakExtensions: enabled: true keycloak: @@ -772,6 +780,9 @@ nubusPortalListener: nubusPortalConsumer: enabled: true portalConsumer: + editable: false + editable: false + editable: false image: registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalConsumer.registry | quote }} repository: {{ .Values.images.nubusPortalConsumer.repository }} @@ -1488,6 +1499,7 @@ nubusStackDataUms: portalLinkPrivacyStatement: {{ .Values.functional.portal.linkPrivacyStatement }} oxDefaultContext: "1" oxContextHidden: true + portalTwoFaLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.twofaSelfservice .Values.global.domain }} ldapSearchUsers: {{- range $username, $password := .Values.secrets.nubus.ldapSearch }} - username: {{ printf "ldapsearch_%s" $username | quote }} diff --git a/helmfile/environments/default/global.yaml.gotmpl b/helmfile/environments/default/global.yaml.gotmpl index 81724929..b44a0ed3 100644 --- a/helmfile/environments/default/global.yaml.gotmpl +++ b/helmfile/environments/default/global.yaml.gotmpl @@ -59,6 +59,7 @@ global: synapse: "matrix" synapseAdmin: "synapse-admin" synapseFederation: "matrix-federation" + twofaSelfservice: "twofa" whiteboard: "whiteboard" xwiki: "wiki" diff --git a/helmfile/environments/default/images.yaml.gotmpl b/helmfile/environments/default/images.yaml.gotmpl index 51dc1b2a..cf3c5a25 100644 --- a/helmfile/environments/default/images.yaml.gotmpl +++ b/helmfile/environments/default/images.yaml.gotmpl @@ -418,6 +418,10 @@ images: registry: "registry.opencode.de" repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init" tag: "0.17.0@sha256:56acfc53c3d3e0a20ff77fe427ae794adbf03ccc66972c95188e0da9e87c4a62" + nubusTwoFaSelfserviceProvisioning: + registry: "harbor-registry.atlantishq.de" + repository: "atlantishq/twofa-portal-extensions" + tag: "new7" nubusKeycloak: # providerCategory: "Supplier" # providerResponsible: "Univention"