diff --git a/helmfile/apps/collabora/values.gotmpl b/helmfile/apps/collabora/values.gotmpl index 12dfb5a4..621dc6b6 100644 --- a/helmfile/apps/collabora/values.gotmpl +++ b/helmfile/apps/collabora/values.gotmpl @@ -29,7 +29,7 @@ ingress: collabora: # Admin Console Credentials: https://CODE-domain/browser/dist/admin/admin.html username: "collabora-internal-admin" - password: {{ .Values.secrets.collabora.adminPassword }} + password: {{ .Values.secrets.collabora.adminPassword | quote }} aliasgroups: - host: "https://{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}:443" diff --git a/helmfile/apps/element/values-synapse.gotmpl b/helmfile/apps/element/values-synapse.gotmpl index 155ae9ce..66123417 100644 --- a/helmfile/apps/element/values-synapse.gotmpl +++ b/helmfile/apps/element/values-synapse.gotmpl @@ -22,7 +22,7 @@ configuration: host: "{{ .Values.databases.synapse.host }}" name: "{{ .Values.databases.synapse.name }}" user: "{{ .Values.databases.synapse.username }}" - password: "{{ .Values.databases.synapse.password | default .Values.secrets.postgresql.matrixUser }}" + password: {{ .Values.databases.synapse.password | default .Values.secrets.postgresql.matrixUser | quote }} homeserver: oidc: @@ -41,7 +41,7 @@ configuration: port: {{ .Values.turn.server.port }} transport: {{ .Values.turn.transport }} {{- end }} - + guestModule: image: imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" diff --git a/helmfile/apps/intercom-service/values.gotmpl b/helmfile/apps/intercom-service/values.gotmpl index 323662f7..bee4721a 100644 --- a/helmfile/apps/intercom-service/values.gotmpl +++ b/helmfile/apps/intercom-service/values.gotmpl @@ -27,7 +27,7 @@ ics: redis: host: {{ .Values.cache.intercomService.host }} port: {{ .Values.cache.intercomService.port }} - password: {{ .Values.cache.intercomService.password | default .Values.secrets.redis.password }} + password: {{ .Values.cache.intercomService.password | default .Values.secrets.redis.password | quote }} openxchange: url: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" diff --git a/helmfile/apps/jitsi/values-jitsi.gotmpl b/helmfile/apps/jitsi/values-jitsi.gotmpl index 75c931e5..457c0e8c 100644 --- a/helmfile/apps/jitsi/values-jitsi.gotmpl +++ b/helmfile/apps/jitsi/values-jitsi.gotmpl @@ -86,7 +86,7 @@ jitsi: repository: "{{ .Values.global.imageRegistry }}/{{ .Values.images.jicofo.repository }}" tag: "{{ .Values.images.jicofo.tag }}" xmpp: - password: "{{ .Values.secrets.jitsi.jicofoAuthPassword }}" + password: {{ .Values.secrets.jitsi.jicofoAuthPassword | quote }} componentSecret: "{{ .Values.secrets.jitsi.jicofoComponentPassword }}" resources: {{ .Values.resources.jicofo | toYaml | nindent 6 }} diff --git a/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl b/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl index f85ec5d1..fb3fdb61 100644 --- a/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl +++ b/helmfile/apps/keycloak-bootstrap/values-bootstrap.gotmpl @@ -17,7 +17,7 @@ cleanup: config: administrator: - password: "{{ .Values.secrets.keycloak.adminPassword }}" + password: {{ .Values.secrets.keycloak.adminPassword | quote }} image: registry: "{{ .Values.global.imageRegistry }}" diff --git a/helmfile/apps/keycloak/values-extensions.gotmpl b/helmfile/apps/keycloak/values-extensions.gotmpl index 57173f6d..50fae0a3 100644 --- a/helmfile/apps/keycloak/values-extensions.gotmpl +++ b/helmfile/apps/keycloak/values-extensions.gotmpl @@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0 --- global: keycloak: - adminPassword: {{ .Values.secrets.keycloak.adminPassword }} + adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }} postgresql: connection: host: "{{ .Values.databases.keycloakExtension.host }}" @@ -13,7 +13,7 @@ global: auth: database: "{{ .Values.databases.keycloakExtension.name }}" username: "{{ .Values.databases.keycloakExtension.username }}" - password: {{ .Values.databases.keycloakExtension.password | default .Values.secrets.postgresql.keycloakExtensionUser }} + password: {{ .Values.databases.keycloakExtension.password | default .Values.secrets.postgresql.keycloakExtensionUser | quote }} handler: image: registry: "{{ .Values.global.imageRegistry }}" @@ -21,7 +21,7 @@ handler: tag: "{{ .Values.images.keycloakExtensionHandler.tag }}" imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" appConfig: - smtpPassword: "{{ .Values.smtp.password }}" + smtpPassword: {{ .Values.smtp.password | quote }} smtpHost: "{{ .Values.smtp.host }}" smtpUsername: "{{ .Values.smtp.username }}" mailFrom: "noreply@{{ .Values.global.domain }}" diff --git a/helmfile/apps/keycloak/values-keycloak.gotmpl b/helmfile/apps/keycloak/values-keycloak.gotmpl index a3808515..983dfcf1 100644 --- a/helmfile/apps/keycloak/values-keycloak.gotmpl +++ b/helmfile/apps/keycloak/values-keycloak.gotmpl @@ -20,10 +20,10 @@ externalDatabase: port: {{ .Values.databases.keycloak.port }} user: "{{ .Values.databases.keycloak.username }}" database: "{{ .Values.databases.keycloak.name }}" - password: {{ .Values.databases.keycloak.password | default .Values.secrets.postgresql.keycloakUser }} + password: {{ .Values.databases.keycloak.password | default .Values.secrets.postgresql.keycloakUser | quote }} auth: - adminPassword: {{ .Values.secrets.keycloak.adminPassword }} + adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }} replicaCount: {{ .Values.replicas.keycloak }} diff --git a/helmfile/apps/nextcloud/values-bootstrap.gotmpl b/helmfile/apps/nextcloud/values-bootstrap.gotmpl index 1cb6bba8..4408a6b9 100644 --- a/helmfile/apps/nextcloud/values-bootstrap.gotmpl +++ b/helmfile/apps/nextcloud/values-bootstrap.gotmpl @@ -14,7 +14,7 @@ global: config: administrator: - password: {{ .Values.secrets.nextcloud.adminPassword }} + password: {{ .Values.secrets.nextcloud.adminPassword | quote }} antivirus: {{- if .Values.clamavDistributed.enabled }} @@ -25,15 +25,15 @@ config: apps: integrationSwp: - password: {{ .Values.secrets.centralnavigation.apiKey }} + password: {{ .Values.secrets.centralnavigation.apiKey | quote }} userOidc: - password: {{ .Values.secrets.keycloak.clientSecret.ncoidc }} + password: {{ .Values.secrets.keycloak.clientSecret.ncoidc | quote }} database: host: "{{ .Values.databases.nextcloud.host }}" name: "{{ .Values.databases.nextcloud.name }}" user: "{{ .Values.databases.nextcloud.username }}" - password: "{{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser }}" + password: {{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser | quote }} ldapSearch: password: "{{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud }}" diff --git a/helmfile/apps/nextcloud/values-nextcloud.gotmpl b/helmfile/apps/nextcloud/values-nextcloud.gotmpl index 62b3c92d..e4a2defc 100644 --- a/helmfile/apps/nextcloud/values-nextcloud.gotmpl +++ b/helmfile/apps/nextcloud/values-nextcloud.gotmpl @@ -6,20 +6,20 @@ SPDX-License-Identifier: Apache-2.0 nextcloud: host: "{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}" username: "nextcloud" - password: {{ .Values.secrets.nextcloud.adminPassword }} + password: {{ .Values.secrets.nextcloud.adminPassword | quote }} externalDatabase: database: "{{ .Values.databases.nextcloud.name }}" user: "{{ .Values.databases.nextcloud.username }}" host: "{{ .Values.databases.nextcloud.host }}" - password: "{{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser }}" + password: {{ .Values.databases.nextcloud.password | default .Values.secrets.mariadb.nextcloudUser | quote }} extraEnv: REDIS_HOST: {{ .Values.cache.nextcloud.host | quote }} REDIS_HOST_PORT: {{ .Values.cache.nextcloud.port | quote }} - REDIS_HOST_PASSWORD: {{ .Values.cache.nextcloud.password | default .Values.secrets.redis.password }} + REDIS_HOST_PASSWORD: {{ .Values.cache.nextcloud.password | default .Values.secrets.redis.password | quote }} redis: auth: enabled: true - password: {{ .Values.cache.nextcloud.password | default .Values.secrets.redis.password }} + password: {{ .Values.cache.nextcloud.password | default .Values.secrets.redis.password | quote }} ingress: enabled: {{ .Values.ingress.enabled }} className: {{ .Values.ingress.ingressClassName }} diff --git a/helmfile/apps/open-xchange/values-dovecot.gotmpl b/helmfile/apps/open-xchange/values-dovecot.gotmpl index abd5913b..034fdda4 100644 --- a/helmfile/apps/open-xchange/values-dovecot.gotmpl +++ b/helmfile/apps/open-xchange/values-dovecot.gotmpl @@ -16,10 +16,10 @@ imagePullSecrets: dovecot: mailDomain: "{{ .Values.global.domain }}" - password: {{ .Values.secrets.dovecot.doveadm }} + password: {{ .Values.secrets.dovecot.doveadm | quote }} ldap: dn: "uid=ldapsearch_dovecot,cn=users,dc=swp-ldap,dc=internal" - password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot }} + password: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot | quote }} oidc: introspectionURL: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/token/introspect" clientSecret: {{ .Values.secrets.keycloak.clientSecret.as8oidc }} diff --git a/helmfile/apps/open-xchange/values-openxchange.gotmpl b/helmfile/apps/open-xchange/values-openxchange.gotmpl index 3707046c..98c8ca57 100644 --- a/helmfile/apps/open-xchange/values-openxchange.gotmpl +++ b/helmfile/apps/open-xchange/values-openxchange.gotmpl @@ -11,8 +11,8 @@ global: database: "{{ .Values.databases.oxAppsuite.name }}" auth: user: "{{ .Values.databases.oxAppsuite.username }}" - password: "{{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword }}" - rootPassword: "{{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword }}" + password: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }} + rootPassword: {{ .Values.databases.oxAppsuite.password | default .Values.secrets.mariadb.rootPassword | quote }} istio: enabled: {{ .Values.istio.enabled }} diff --git a/helmfile/apps/openproject/values.gotmpl b/helmfile/apps/openproject/values.gotmpl index ed71702e..ef4530be 100644 --- a/helmfile/apps/openproject/values.gotmpl +++ b/helmfile/apps/openproject/values.gotmpl @@ -24,7 +24,7 @@ memcached: postgresql: auth: - password: {{ .Values.databases.openproject.password | default .Values.secrets.postgresql.openprojectUser }} + password: {{ .Values.databases.openproject.password | default .Values.secrets.postgresql.openprojectUser | quote }} username: "{{ .Values.databases.openproject.username }}" database: "{{ .Values.databases.openproject.name }}" connection: @@ -38,7 +38,7 @@ openproject: name: "OpenProject Interal Admin" mail: "openproject-admin@swp-domain.internal" password_reset: "false" - password: "{{ .Values.secrets.openproject.adminPassword }}" + password: {{ .Values.secrets.openproject.adminPassword | quote }} ingress: host: "{{ .Values.global.hosts.openproject }}.{{ .Values.global.domain }}" diff --git a/helmfile/apps/provisioning/values-oxconnector.gotmpl b/helmfile/apps/provisioning/values-oxconnector.gotmpl index c86188ee..c10bed9d 100644 --- a/helmfile/apps/provisioning/values-oxconnector.gotmpl +++ b/helmfile/apps/provisioning/values-oxconnector.gotmpl @@ -21,7 +21,7 @@ oxConnector: domainName: "{{ .Values.global.domain }}" #oxMasterAdmin: "(( .Values.appsuite.core-mw.masterAdmin ))" oxMasterAdmin: "admin" - oxMasterPassword: "{{ .Values.secrets.oxAppsuite.adminPassword }}" + oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }} oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}" oxDefaultContext: "1" diff --git a/helmfile/apps/services/values-mariadb.gotmpl b/helmfile/apps/services/values-mariadb.gotmpl index 0c23c459..28188641 100644 --- a/helmfile/apps/services/values-mariadb.gotmpl +++ b/helmfile/apps/services/values-mariadb.gotmpl @@ -18,11 +18,11 @@ image: job: users: - username: "xwiki_user" - password: "{{ .Values.secrets.mariadb.xwikiUser }}" + password: {{ .Values.secrets.mariadb.xwikiUser | quote }} - username: "openxchange_user" - password: "{{ .Values.secrets.mariadb.openxchangeUser }}" + password: {{ .Values.secrets.mariadb.openxchangeUser | quote }} - username: "nextcloud_user" - password: "{{ .Values.secrets.mariadb.nextcloudUser }}" + password: {{ .Values.secrets.mariadb.nextcloudUser | quote}} databases: - name: "xwiki" user: "xwiki_user" @@ -32,7 +32,7 @@ job: user: "openxchange_user" mariadb: - rootPassword: "{{ .Values.secrets.mariadb.rootPassword }}" + rootPassword: {{ .Values.secrets.mariadb.rootPassword | quote }} persistence: storageClass: "{{ .Values.persistence.storageClassNames.RWO }}" diff --git a/helmfile/apps/services/values-postgresql.gotmpl b/helmfile/apps/services/values-postgresql.gotmpl index 70b9a4ff..9a95c2b2 100644 --- a/helmfile/apps/services/values-postgresql.gotmpl +++ b/helmfile/apps/services/values-postgresql.gotmpl @@ -16,15 +16,15 @@ image: job: users: - username: "keycloak_user" - password: {{ .Values.secrets.postgresql.keycloakUser }} + password: {{ .Values.secrets.postgresql.keycloakUser | quote }} - username: "openproject_user" - password: {{ .Values.secrets.postgresql.openprojectUser }} + password: {{ .Values.secrets.postgresql.openprojectUser | quote }} - username: "keycloak_extensions_user" - password: {{ .Values.secrets.postgresql.keycloakExtensionUser }} + password: {{ .Values.secrets.postgresql.keycloakExtensionUser | quote }} - username: "matrix_user" - password: {{ .Values.secrets.postgresql.matrixUser }} + password: {{ .Values.secrets.postgresql.matrixUser | quote }} - username: "notificationsapi_user" - password: {{ .Values.secrets.postgresql.notificationsapiUser }} + password: {{ .Values.secrets.postgresql.notificationsapiUser | quote }} databases: - name: "keycloak" user: "keycloak_user" @@ -43,7 +43,7 @@ persistence: size: "{{ .Values.persistence.size.postgresql }}" postgres: - password: {{ .Values.secrets.postgresql.postgresUser }} + password: {{ .Values.secrets.postgresql.postgresUser | quote }} resources: {{ .Values.resources.postgresql | toYaml | nindent 2 }} diff --git a/helmfile/apps/services/values-redis.gotmpl b/helmfile/apps/services/values-redis.gotmpl index 0c9c8838..f941795e 100644 --- a/helmfile/apps/services/values-redis.gotmpl +++ b/helmfile/apps/services/values-redis.gotmpl @@ -4,7 +4,7 @@ SPDX-License-Identifier: Apache-2.0 */}} --- auth: - password: {{ .Values.secrets.redis.password }} + password: {{ .Values.secrets.redis.password | quote }} global: imageRegistry: "{{ .Values.global.imageRegistry }}" diff --git a/helmfile/apps/univention-corporate-container/values.gotmpl b/helmfile/apps/univention-corporate-container/values.gotmpl index 9381cfcb..9eb5ba1d 100644 --- a/helmfile/apps/univention-corporate-container/values.gotmpl +++ b/helmfile/apps/univention-corporate-container/values.gotmpl @@ -37,31 +37,31 @@ extraEnvVars: - name: LDAPSEARCH_OX_USERNAME value: "ldapsearch_ox" - name: LDAPSEARCH_OX_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.ox }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.ox | quote }} - name: LDAPSEARCH_DOVECOT_USERNAME value: "ldapsearch_dovecot" - name: LDAPSEARCH_DOVECOT_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.dovecot | quote }} - name: LDAPSEARCH_KEYCLOAK_USERNAME value: "ldapsearch_keycloak" - name: LDAPSEARCH_KEYCLOAK_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.keycloak }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.keycloak | quote }} - name: LDAPSEARCH_NEXTCLOUD_USERNAME value: "ldapsearch_nextcloud" - name: LDAPSEARCH_NEXTCLOUD_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.nextcloud | quote }} - name: LDAPSEARCH_OPENPROJECT_USERNAME value: "ldapsearch_openproject" - name: LDAPSEARCH_OPENPROJECT_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject | quote }} - name: LDAPSEARCH_XWIKI_USERNAME value: "ldapsearch_xwiki" - name: LDAPSEARCH_XWIKI_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki }} + value: {{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki | quote }} - name: DEFAULT_ACCOUNT_USER_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.defaultAccounts.userPassword }} + value: {{ .Values.secrets.univentionCorporateServer.defaultAccounts.userPassword | quote }} - name: DEFAULT_ACCOUNT_ADMIN_PASSWORD - value: {{ .Values.secrets.univentionCorporateServer.defaultAccounts.adminPassword }} + value: {{ .Values.secrets.univentionCorporateServer.defaultAccounts.adminPassword | quote }} resources: {{ .Values.resources.univentionCorporateServer | toYaml | nindent 2 }} diff --git a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl index 2c8d45dd..1c42571a 100644 --- a/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl +++ b/helmfile/apps/univention-management-stack/values-notifications-api.gotmpl @@ -11,7 +11,7 @@ postgresql: auth: username: "notificationsapi_user" database: "notificationsapi" - password: {{ .Values.secrets.postgresql.notificationsapiUser }} + password: {{ .Values.secrets.postgresql.notificationsapiUser | quote }} image: registry: "{{ .Values.global.imageRegistry }}" diff --git a/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl b/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl index 1fc4bca8..ca605ebc 100644 --- a/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl +++ b/helmfile/apps/univention-management-stack/values-stack-data-swp.gotmpl @@ -5,7 +5,7 @@ SPDX-License-Identifier: Apache-2.0 --- stackDataSwp: udmApiUsername: "cn=admin" - udmApiPassword: "{{ .Values.secrets.univentionManagementStack.ldapSecret }}" + udmApiPassword: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} udmApiUrl: "http://ums-udm-rest-api/udm/" loadDevData: true diff --git a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl index f726416d..93499df5 100644 --- a/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl +++ b/helmfile/apps/univention-management-stack/values-stack-data-ums.gotmpl @@ -5,13 +5,13 @@ SPDX-License-Identifier: Apache-2.0 --- stackDataUms: udmApiUser: "cn=admin" - udmApiPassword: "{{ .Values.secrets.univentionManagementStack.ldapSecret }}" + udmApiPassword: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }} udmApiUrl: "http://ums-udm-rest-api/udm/" loadDevData: true stackDataContext: ldapBase: "dc=swp-ldap,dc=internal" - initialPasswordAdministrator: "{{ .Values.secrets.univentionManagementStack.defaultAccounts.administratorPassword }}" + initialPasswordAdministrator: {{ .Values.secrets.univentionManagementStack.defaultAccounts.administratorPassword | quote }} # The SWP configuration brings its own UMC policies. installUmcPolicies: false diff --git a/helmfile/apps/xwiki/values.gotmpl b/helmfile/apps/xwiki/values.gotmpl index 78953927..685972e7 100644 --- a/helmfile/apps/xwiki/values.gotmpl +++ b/helmfile/apps/xwiki/values.gotmpl @@ -9,7 +9,7 @@ image: pullPolicy: "{{ .Values.global.imagePullPolicy }}" externalDB: - password: "{{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword }}" + password: {{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword | quote }} database: "{{ .Values.databases.xwiki.name }}" user: "{{ .Values.databases.xwiki.username }}" host: "{{ .Values.databases.xwiki.host }}"