mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-07 07:51:38 +01:00
Compare commits
2 Commits
feat/updat
...
jlohmer/sp
| Author | SHA1 | Date | |
|---|---|---|---|
|
faba0b991d | ||
|
|
62f0a4bef2 |
@@ -440,7 +440,7 @@ portal-server:
|
||||
{{ .Values.resources.umsPortalServer | toYaml | nindent 4 }}
|
||||
|
||||
provisioning:
|
||||
enabled: false
|
||||
enabled: true
|
||||
api:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsProvisioningEventsAndConsumerApi.registry | quote }}
|
||||
@@ -452,6 +452,37 @@ provisioning:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
credentialSecretName: "ums-provisioning-api-credentials"
|
||||
udmTransformer:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsProvisioningUdmTransformer.registry | quote }}
|
||||
repository: {{ .Values.images.umsProvisioningUdmTransformer.repository }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy }}
|
||||
tag: {{ .Values.images.umsProvisioningUdmTransformer.tag }}
|
||||
pullSecrets:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
config:
|
||||
LOG_LEVEL: "DEBUG"
|
||||
# not actually used in the code but needed for startup
|
||||
UDM_HOST: "foobar"
|
||||
UDM_PORT: 80
|
||||
LDAP_TLS_MODE: "off"
|
||||
api:
|
||||
auth:
|
||||
credentialSecretName: "ums-provisioning-udm-transformer-api-credentials"
|
||||
nats:
|
||||
auth:
|
||||
credentialSecretName: "ums-provisioning-udm-transformer-credentials"
|
||||
ldap:
|
||||
baseDn: {{ .Values.ldap.baseDn | quote }}
|
||||
auth:
|
||||
bindDn: {{ printf "%s,%s" "cn=admin" .Values.ldap.baseDn | quote }}
|
||||
credertialSecretName: "ums-provisioning-udm-transformer-ldap-credentials"
|
||||
connection:
|
||||
host: {{ .Values.ldap.host | quote }}
|
||||
port: "389"
|
||||
|
||||
dispatcher:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsProvisioningDispatcher.registry | quote }}
|
||||
@@ -463,6 +494,8 @@ provisioning:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
credentialSecretName: "ums-provisioning-dispatcher-credentials"
|
||||
config:
|
||||
UDM_HOST: "ums-udm-rest-api"
|
||||
prefill:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsProvisioningPrefill.registry | quote }}
|
||||
@@ -474,69 +507,19 @@ provisioning:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
credentialSecretName: "ums-provisioning-prefill-credentials"
|
||||
nats:
|
||||
config:
|
||||
authorization:
|
||||
enabled: false
|
||||
users:
|
||||
- user: "admin"
|
||||
password: "$NATS_PASSWORD"
|
||||
permissions:
|
||||
publish: ">"
|
||||
subscribe: ">"
|
||||
- user: "$NATS_API_USER"
|
||||
password: "$NATS_API_PASSWORD"
|
||||
permissions:
|
||||
publish: ">"
|
||||
subscribe: ">"
|
||||
- user: "$NATS_DISPATCHER_USER"
|
||||
password: "$NATS_DISPATCHER_PASSWORD"
|
||||
permissions:
|
||||
publish: ">"
|
||||
subscribe: ">"
|
||||
- user: "$NATS_PREFILL_USER"
|
||||
password: "$NATS_PREFILL_PASSWORD"
|
||||
permissions:
|
||||
publish: ">"
|
||||
subscribe: ">"
|
||||
extraEnvVars:
|
||||
- name: NATS_USER
|
||||
value: "admin"
|
||||
- name: NATS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-nats-credentials
|
||||
key: admin_password
|
||||
- name: NATS_API_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-api-credentials
|
||||
key: NATS_USER
|
||||
- name: NATS_API_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-api-credentials
|
||||
key: NATS_PASSWORD
|
||||
- name: NATS_DISPATCHER_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-dispatcher-credentials
|
||||
key: NATS_USER
|
||||
- name: NATS_DISPATCHER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-dispatcher-credentials
|
||||
key: NATS_PASSWORD
|
||||
- name: NATS_PREFILL_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-prefill-credentials
|
||||
key: NATS_USER
|
||||
- name: NATS_PREFILL_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: ums-provisioning-prefill-credentials
|
||||
key: NATS_PASSWORD
|
||||
register_consumers:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.umsWaitForDependency.repository }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy }}
|
||||
tag: {{ .Values.images.umsWaitForDependency.tag }}
|
||||
pullSecrets:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
credentialSecretName: "ums-provisioning-register-consumers-credentials"
|
||||
jsonSecretName: "ums-provisioning-register-consumers-json-secrets"
|
||||
provisioningApiBaseUrl: "http://ums-provisioning-api/internal/admin/v1/subscriptions"
|
||||
nats:
|
||||
nats:
|
||||
image:
|
||||
@@ -557,14 +540,13 @@ provisioning:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.umsNatsReloader.tag | quote }}
|
||||
|
||||
|
||||
ingress:
|
||||
host: "localhost"
|
||||
tls:
|
||||
enabled: false
|
||||
|
||||
udm-listener:
|
||||
enabled: false
|
||||
enabled: true
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.umsProvisioningUdmListener.registry | quote }}
|
||||
repository: {{ .Values.images.umsProvisioningUdmListener.repository | quote }}
|
||||
@@ -575,15 +557,18 @@ udm-listener:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
config:
|
||||
debugLevel: "4"
|
||||
ldapBaseDn: {{ .Values.ldap.baseDn | quote }}
|
||||
ldapHost: {{ .Values.ldap.host | quote }}
|
||||
ldapHostDn: {{ printf "%s,%s" "cn=admin" .Values.ldap.baseDn | quote }}
|
||||
ldapPassword: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
|
||||
ldapPort: "389"
|
||||
internalApiHost: "ums-provisioning-api"
|
||||
notifierServer: "ums-ldap-notifier"
|
||||
tlsMode: "off"
|
||||
natsHost: "ums-provisioning-nats"
|
||||
natsUser: {{ .Values.provisioning.udmListener.nats.username | quote }}
|
||||
natsPassword: {{ .Values.provisioning.udmListener.nats.password | default .Values.secrets.univentionManagementStack.provisioning.udmListener.nats.password | quote }}
|
||||
eventsUsernameUdm: {{ .Values.provisioning.api.udmListener.username | quote }}
|
||||
eventsPasswordUdm: {{ .Values.provisioning.api.udmListener.password | default .Values.secrets.univentionManagementStack.provisioning.api.udmListener.password | quote }}
|
||||
|
||||
stack-data-ums:
|
||||
enabled: true
|
||||
@@ -1052,12 +1037,25 @@ keycloak-bootstrap:
|
||||
cleanup:
|
||||
deletePodsOnSuccess: {{ .Values.cleanup.deletePodsOnSuccess }}
|
||||
keepPVCOnDelete: {{ .Values.cleanup.keepPVCOnDelete }}
|
||||
keycloak:
|
||||
auth:
|
||||
username: "kcadmin"
|
||||
password: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
||||
realm: {{ .Values.platform.realm | quote }}
|
||||
connection:
|
||||
host: "ums-keycloak.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}:8080"
|
||||
baseUrl: "http://ums-keycloak:8080"
|
||||
ldap:
|
||||
connection:
|
||||
host: "ums-ldap-server"
|
||||
port: 389
|
||||
baseDn: "dc=univention-organization,dc=intranet"
|
||||
auth:
|
||||
bindDn: "uid=ldapsearch_keycloak,cn=users,dc=univention-organization,dc=intranet"
|
||||
password: "univention"
|
||||
|
||||
config:
|
||||
keycloak:
|
||||
adminUser: "kcadmin"
|
||||
adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
||||
realm: {{ .Values.platform.realm | quote }}
|
||||
intraCluster:
|
||||
enabled: true
|
||||
internalBaseUrl: "http://ums-keycloak.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}:8080"
|
||||
@@ -1115,10 +1113,12 @@ keycloak-bootstrap:
|
||||
keycloak-extensions:
|
||||
enabled: true
|
||||
keycloak:
|
||||
host: "ums-keycloak.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}:8080"
|
||||
adminUsername: "kcadmin"
|
||||
adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
||||
adminRealm: "master"
|
||||
connection:
|
||||
host: "ums-keycloak.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}:8080"
|
||||
auth:
|
||||
username: "kcadmin"
|
||||
password: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
||||
realm: "master"
|
||||
realm: {{ .Values.platform.realm | quote }}
|
||||
postgresql:
|
||||
connection:
|
||||
@@ -1547,23 +1547,6 @@ extraSecrets:
|
||||
- name: ums-portal-server-authenticator-credentials
|
||||
stringData:
|
||||
authenticator.secret: {{ .Values.secrets.centralnavigation.apiKey | quote }}
|
||||
- name: ums-provisioning-api-credentials
|
||||
stringData:
|
||||
NATS_USER: "api"
|
||||
NATS_PASSWORD: "password"
|
||||
- name: ums-provisioning-dispatcher-credentials
|
||||
stringData:
|
||||
UDM_USERNAME: "cn=admin"
|
||||
UDM_PASSWORD: "password"
|
||||
NATS_USER: "dispatcher"
|
||||
NATS_PASSWORD: "password"
|
||||
- name: ums-provisioning-prefill-credentials
|
||||
stringData:
|
||||
NATS_USER: "prefill"
|
||||
NATS_PASSWORD: "password"
|
||||
- name: ums-provisioning-nats-credentials
|
||||
stringData:
|
||||
admin_password: "nimda"
|
||||
- name: ums-udm-rest-api-credentials
|
||||
stringData:
|
||||
ldap.secret: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
|
||||
@@ -1578,4 +1561,68 @@ extraSecrets:
|
||||
stringData:
|
||||
KEYCLOAK_ADMIN_PASSWORD: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
||||
GUARDIAN_MANAGEMENT_API_CLIENT_SECRET: {{ .Values.secrets.keycloak.clientSecret.guardian | quote }}
|
||||
|
||||
|
||||
- name: ums-provisioning-nats-credentials
|
||||
stringData:
|
||||
admin_password: {{ .Values.provisioning.nats.password | default .Values.secrets.univentionManagementStack.provisioning.nats.password | quote }}
|
||||
- name: ums-provisioning-api-credentials
|
||||
stringData:
|
||||
NATS_USER: {{ .Values.provisioning.api.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.api.nats.password | default .Values.secrets.univentionManagementStack.provisioning.api.nats.password | quote }}
|
||||
ADMIN_NATS_USER: {{ .Values.provisioning.nats.username | quote }}
|
||||
ADMIN_NATS_PASSWORD: {{ .Values.provisioning.nats.password | default .Values.secrets.univentionManagementStack.provisioning.nats.password | quote }}
|
||||
ADMIN_USERNAME: {{ .Values.provisioning.api.admin.username | quote }}
|
||||
ADMIN_PASSWORD: {{ .Values.provisioning.api.admin.password | default .Values.secrets.univentionManagementStack.provisioning.api.admin.password | quote }}
|
||||
PREFILL_USERNAME: {{ .Values.provisioning.api.prefill.username | quote }}
|
||||
PREFILL_PASSWORD: {{ .Values.provisioning.api.prefill.password | default .Values.secrets.univentionManagementStack.provisioning.api.prefill.password | quote }}
|
||||
# UDM Transformer Username
|
||||
EVENTS_USERNAME_UDM: {{ .Values.provisioning.api.udmListener.username | quote }}
|
||||
# UDM Transformer Password
|
||||
EVENTS_PASSWORD_UDM: {{ .Values.provisioning.api.udmListener.password | default .Values.secrets.univentionManagementStack.provisioning.api.udmListener.password | quote }}
|
||||
- name: ums-provisioning-dispatcher-credentials
|
||||
stringData:
|
||||
UDM_USERNAME: "cn=admin"
|
||||
UDM_PASSWORD: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
|
||||
NATS_USER: {{ .Values.provisioning.dispatcher.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.dispatcher.nats.password | default .Values.secrets.univentionManagementStack.provisioning.dispatcher.nats.password | quote }}
|
||||
- name: ums-provisioning-prefill-credentials
|
||||
stringData:
|
||||
NATS_USER: {{ .Values.provisioning.prefill.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.prefill.nats.password | default .Values.secrets.univentionManagementStack.provisioning.prefill.nats.password | quote }}
|
||||
UDM_USERNAME: "cn=admin"
|
||||
UDM_PASSWORD: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
|
||||
PREFILL_USERNAME: {{ .Values.provisioning.api.prefill.username | quote }}
|
||||
PREFILL_PASSWORD: {{ .Values.provisioning.api.prefill.password | default .Values.secrets.univentionManagementStack.provisioning.api.prefill.password | quote }}
|
||||
- name: ums-provisioning-udm-transformer-api-credentials
|
||||
stringData:
|
||||
# UDM Transformer Username
|
||||
EVENTS_USERNAME_UDM: {{ .Values.provisioning.api.udmListener.username | quote }}
|
||||
# UDM Transformer Password
|
||||
EVENTS_PASSWORD_UDM: {{ .Values.provisioning.api.udmListener.password | default .Values.secrets.univentionManagementStack.provisioning.api.udmListener.password | quote }}
|
||||
- name: ums-provisioning-udm-transformer-credentials
|
||||
stringData:
|
||||
NATS_USER: {{ .Values.provisioning.udmTransformer.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.udmTransformer.nats.password | default .Values.secrets.univentionManagementStack.provisioning.udmTransformer.nats.password | quote }}
|
||||
- name: ums-provisioning-udm-transformer-ldap-credentials
|
||||
stringData:
|
||||
LDAP_BIND_PW: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
|
||||
- name: "ums-provisioning-udm-listener-credentials"
|
||||
stringData:
|
||||
NATS_USER: {{ .Values.provisioning.udmListener.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.udmListener.nats.password | default .Values.secrets.univentionManagementStack.provisioning.udmListener.nats.password | quote }}
|
||||
EVENTS_USERNAME_UDM: {{ .Values.provisioning.api.udmListener.username | quote }}
|
||||
EVENTS_PASSWORD_UDM: {{ .Values.provisioning.api.udmListener.password | default .Values.secrets.univentionManagementStack.provisioning.api.udmListener.password | quote }}
|
||||
- name: "ums-provisioning-register-consumers-credentials"
|
||||
stringData:
|
||||
ADMIN_USERNAME: {{ .Values.provisioning.api.admin.username | quote }}
|
||||
ADMIN_PASSWORD: {{ .Values.provisioning.api.admin.password | default .Values.secrets.univentionManagementStack.provisioning.api.admin.password | quote }}
|
||||
- name: "ums-provisioning-register-consumers-json-secrets"
|
||||
stringData:
|
||||
consumer.json: |
|
||||
{ "name": "consumer", "realms_topics": [["udm", "groups/group"]], "request_prefill": true, "password": "s0m3p4ss" }
|
||||
- name: "ums-provisioning-selfservice-listener-credentials"
|
||||
stringData:
|
||||
NATS_USER: {{ .Values.provisioning.selfservice.nats.username | quote }}
|
||||
NATS_PASSWORD: {{ .Values.provisioning.selfservice.nats.password | default .Values.secrets.univentionManagementStack.provisioning.selfservice.nats.password | quote }}
|
||||
...
|
||||
|
||||
@@ -375,10 +375,10 @@ charts:
|
||||
# upstreamRepository: 'souvap/tooling/charts/univention/ums'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '0', '1']
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/charts/univention"
|
||||
name: "ums"
|
||||
version: "0.12.0"
|
||||
version: "0.14.0-pre-jlohmer-split-provisioning-listener"
|
||||
verify: true
|
||||
umsKeycloakBootstrap:
|
||||
# providerCategory: 'Supplier'
|
||||
|
||||
@@ -668,9 +668,11 @@ images:
|
||||
# upstreamRepository: 'souvap/tooling/images/univention/provisioning-dispatcher'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '14', '0']
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-dispatcher"
|
||||
tag: "0.21.3@sha256:29c5f216ab0f8d12c1e77969de6e82046c0d47e1111838fb0a2dcd9950c0175d"
|
||||
# /univention/customers/dataport/upx/provisioning/provisioning-dispatcher@sha256:3e62ca53312ed3c24a72216b881c6859013286d43fde17923309f99c613f14ab
|
||||
# /souvap/tooling/images/univention/provisioning-dispatcher:0.26.0
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/images/univention/provisioning-dispatcher"
|
||||
tag: "0.26.0"
|
||||
umsProvisioningEventsAndConsumerApi:
|
||||
# providerCategory: 'Supplier'
|
||||
# providerResponsible: 'Univention'
|
||||
@@ -678,9 +680,9 @@ images:
|
||||
# upstreamRepository: 'souvap/tooling/images/univention/provisioning-events-and-consumer-api'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '14', '0']
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-events-and-consumer-api"
|
||||
tag: "0.21.3@sha256:4cb498a64dd40c0963ca1ca382213ad5b8a4de5eb57650946d78ac44b359f43f"
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/images/univention/provisioning-events-and-consumer-api"
|
||||
tag: "0.26.0"
|
||||
umsProvisioningPrefill:
|
||||
# providerCategory: 'Supplier'
|
||||
# providerResponsible: 'Univention'
|
||||
@@ -688,9 +690,19 @@ images:
|
||||
# upstreamRepository: 'souvap/tooling/images/univention/provisioning-prefill'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '14', '0']
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-prefill"
|
||||
tag: "0.21.3@sha256:944ff8558d12c59f3490cba68680281c3fa5468fd6fd011fd002befcb9956973"
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/images/univention/provisioning-prefill"
|
||||
tag: "0.26.0"
|
||||
umsProvisioningUdmTransformer:
|
||||
# providerCategory: 'Supplier'
|
||||
# providerResponsible: 'Univention'
|
||||
# upstreamRegistry: 'registry.souvap-univention.de'
|
||||
# upstreamRepository: 'souvap/tooling/images/univention/provisioning-udm-transformer'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '14', '0']
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/images/univention/provisioning-udm-transformer"
|
||||
tag: "0.26.0"
|
||||
umsProvisioningUdmListener:
|
||||
# providerCategory: 'Supplier'
|
||||
# providerResponsible: 'Univention'
|
||||
@@ -698,9 +710,9 @@ images:
|
||||
# upstreamRepository: 'souvap/tooling/images/univention/provisioning-udm-listener'
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ['0', '14', '0']
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-listener"
|
||||
tag: "0.21.3@sha256:e1cd42558e44bb72ed5c7798cef711db94df7d10d6895c993ca6412df1d25f02"
|
||||
registry: "registry.souvap-univention.de"
|
||||
repository: "souvap/tooling/images/univention/provisioning-udm-listener"
|
||||
tag: "0.26.0"
|
||||
umsSelfserviceInvitation:
|
||||
# providerCategory: 'Supplier'
|
||||
# providerResponsible: 'Univention'
|
||||
|
||||
41
helmfile/environments/default/provisioning.yaml
Normal file
41
helmfile/environments/default/provisioning.yaml
Normal file
@@ -0,0 +1,41 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
---
|
||||
provisioning:
|
||||
nats:
|
||||
username: "admin"
|
||||
password: ""
|
||||
api:
|
||||
nats:
|
||||
username: "api"
|
||||
password: ""
|
||||
admin:
|
||||
username: "admin"
|
||||
password: ""
|
||||
prefill:
|
||||
username: "prefill"
|
||||
password: ""
|
||||
udmListener:
|
||||
username: "udmListener"
|
||||
password: ""
|
||||
dispatcher:
|
||||
nats:
|
||||
username: "dispatcher"
|
||||
password: ""
|
||||
udmTransformer:
|
||||
nats:
|
||||
username: "udmTransformer"
|
||||
password: ""
|
||||
prefill:
|
||||
nats:
|
||||
username: "prefill"
|
||||
password: ""
|
||||
udmListener:
|
||||
nats:
|
||||
username: "udmListener"
|
||||
password: ""
|
||||
selfservice:
|
||||
nats:
|
||||
username: "selfservice"
|
||||
password: ""
|
||||
...
|
||||
@@ -31,20 +31,32 @@ secrets:
|
||||
portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }}
|
||||
portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }}
|
||||
provisioning:
|
||||
apiNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "nats" | sha1sum | quote }}
|
||||
apiAdminNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "apiAdmin" "nats" | sha1sum | quote }}
|
||||
apiAdminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "admin_api" | sha1sum | quote }}
|
||||
dispatcherPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "dispatcher" "dispatcher_service" | sha1sum | quote }}
|
||||
prefillPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "prefill" "prefill_service" | sha1sum | quote }}
|
||||
prefillNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "prefill" "nats" | sha1sum | quote }}
|
||||
udmProducerPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "udmproducer" "events_api" | sha1sum | quote }}
|
||||
dispatcherNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "dispatcher" "nats" | sha1sum | quote }}
|
||||
dispatcherUdmPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "udm" | sha1sum | quote }}
|
||||
udmListenerNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "udmlistener" "nats" | sha1sum | quote }}
|
||||
udmPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "udm" | sha1sum | quote }}
|
||||
nats:
|
||||
natsAdminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "admin" "nats" | sha1sum | quote }}
|
||||
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "admin" | b64enc | quote }}
|
||||
api:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "api" | b64enc | quote }}
|
||||
admin:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "admin" | sha1sum | quote }}
|
||||
prefill:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "prefill" | sha1sum | quote }}
|
||||
udmListener:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "udmListener" | sha1sum | quote }}
|
||||
dispatcher:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "dispatcher" | b64enc | quote }}
|
||||
udmTransformer:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "udmTransformer" | b64enc | quote }}
|
||||
prefill:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "prefill" | b64enc | quote }}
|
||||
udmListener:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "udmListener" | b64enc | quote }}
|
||||
selfservice:
|
||||
nats:
|
||||
password: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nats" "selfservice" | b64enc | quote }}
|
||||
postgresql:
|
||||
postgresUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "postgres_user" | sha1sum | quote }}
|
||||
keycloakUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_user" | sha1sum | quote }}
|
||||
|
||||
Reference in New Issue
Block a user