mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-08 16:28:36 +01:00
Compare commits
1 Commits
uv-jconde/
...
fix/trossn
| Author | SHA1 | Date | |
|---|---|---|---|
|
a71c6077b5 |
@@ -97,6 +97,12 @@ variables:
|
|||||||
options:
|
options:
|
||||||
- "yes"
|
- "yes"
|
||||||
- "no"
|
- "no"
|
||||||
|
DEPLOY_PROVISIONING:
|
||||||
|
description: "Enable Provisioning Components."
|
||||||
|
value: "no"
|
||||||
|
options:
|
||||||
|
- "yes"
|
||||||
|
- "no"
|
||||||
DEPLOY_COLLABORA:
|
DEPLOY_COLLABORA:
|
||||||
description: "Enable Collabora deployment."
|
description: "Enable Collabora deployment."
|
||||||
value: "no"
|
value: "no"
|
||||||
@@ -121,6 +127,12 @@ variables:
|
|||||||
options:
|
options:
|
||||||
- "yes"
|
- "yes"
|
||||||
- "no"
|
- "no"
|
||||||
|
DEPLOY_ICS:
|
||||||
|
description: "Enable ICS deployment."
|
||||||
|
value: "no"
|
||||||
|
options:
|
||||||
|
- "yes"
|
||||||
|
- "no"
|
||||||
DEPLOY_XWIKI:
|
DEPLOY_XWIKI:
|
||||||
description: "Enable XWiki deployment."
|
description: "Enable XWiki deployment."
|
||||||
value: "no"
|
value: "no"
|
||||||
@@ -177,8 +189,8 @@ variables:
|
|||||||
cache: {}
|
cache: {}
|
||||||
dependencies: []
|
dependencies: []
|
||||||
extends: ".environments"
|
extends: ".environments"
|
||||||
image: "registry.opencode.de/bmi/opendesk/components/platform-development/images/helm:1.1.0\
|
image: "registry.opencode.de/bmi/opendesk/components/platform-development/images/helm:1.0.1\
|
||||||
@sha256:74f349066ac5d20e3afaa6abd28781b4c8dc086f67e3d3c1b8345e4a9c3371b1"
|
@sha256:d38f41b88374e055332860018f2936db8807b763caf6089735db0484cbb2842a"
|
||||||
script:
|
script:
|
||||||
- "cd ${CI_PROJECT_DIR}/helmfile/apps/${COMPONENT}"
|
- "cd ${CI_PROJECT_DIR}/helmfile/apps/${COMPONENT}"
|
||||||
# MASTER_PASSWORD_WEB_VAR as precedence for MASTER_PASSWORD
|
# MASTER_PASSWORD_WEB_VAR as precedence for MASTER_PASSWORD
|
||||||
@@ -287,6 +299,18 @@ services-deploy:
|
|||||||
variables:
|
variables:
|
||||||
COMPONENT: "services"
|
COMPONENT: "services"
|
||||||
|
|
||||||
|
provisioning-deploy:
|
||||||
|
stage: "component-deploy-stage-2"
|
||||||
|
extends: ".deploy-common"
|
||||||
|
rules:
|
||||||
|
- if: >
|
||||||
|
$CI_PIPELINE_SOURCE =~ "web|schedules|trigger|api" &&
|
||||||
|
$NAMESPACE =~ /.+/ &&
|
||||||
|
($DEPLOY_ALL_COMPONENTS != "no" || $DEPLOY_UMS != "no" || $DEPLOY_PROVISIONING != "no")
|
||||||
|
when: "on_success"
|
||||||
|
variables:
|
||||||
|
COMPONENT: "provisioning"
|
||||||
|
|
||||||
nubus-deploy:
|
nubus-deploy:
|
||||||
stage: "component-deploy-stage-1"
|
stage: "component-deploy-stage-1"
|
||||||
extends: ".deploy-common"
|
extends: ".deploy-common"
|
||||||
@@ -312,6 +336,18 @@ ox-deploy:
|
|||||||
variables:
|
variables:
|
||||||
COMPONENT: "open-xchange"
|
COMPONENT: "open-xchange"
|
||||||
|
|
||||||
|
ics-deploy:
|
||||||
|
stage: "component-deploy-stage-1"
|
||||||
|
extends: ".deploy-common"
|
||||||
|
rules:
|
||||||
|
- if: >
|
||||||
|
$CI_PIPELINE_SOURCE =~ "web|schedules|trigger|api" &&
|
||||||
|
$NAMESPACE =~ /.+/ &&
|
||||||
|
($DEPLOY_ALL_COMPONENTS != "no" || $DEPLOY_ICS != "no")
|
||||||
|
when: "on_success"
|
||||||
|
variables:
|
||||||
|
COMPONENT: "intercom-service"
|
||||||
|
|
||||||
xwiki-deploy:
|
xwiki-deploy:
|
||||||
stage: "component-deploy-stage-1"
|
stage: "component-deploy-stage-1"
|
||||||
extends: ".deploy-common"
|
extends: ".deploy-common"
|
||||||
@@ -433,7 +469,7 @@ env-stop:
|
|||||||
kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.user_password}' | base64 -d \
|
kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.user_password}' | base64 -d \
|
||||||
)
|
)
|
||||||
DEFAULT_ADMIN_PASSWORD=$(
|
DEFAULT_ADMIN_PASSWORD=$(
|
||||||
kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.admin_password}' | base64 -d \
|
kubectl -n ${NAMESPACE} get secret ums-nubus-credentials -o jsonpath='{.data.administrator_password}' | base64 -d \
|
||||||
)
|
)
|
||||||
|
|
||||||
run-tests:
|
run-tests:
|
||||||
@@ -445,11 +481,6 @@ run-tests:
|
|||||||
- if: >
|
- if: >
|
||||||
$CI_PIPELINE_SOURCE =~ "web|schedules|trigger|api" && $NAMESPACE =~ /.+/ && $RUN_TESTS == "yes"
|
$CI_PIPELINE_SOURCE =~ "web|schedules|trigger|api" && $NAMESPACE =~ /.+/ && $RUN_TESTS == "yes"
|
||||||
when: "on_success"
|
when: "on_success"
|
||||||
parallel:
|
|
||||||
matrix:
|
|
||||||
- LANGUAGE:
|
|
||||||
- "de"
|
|
||||||
- "en"
|
|
||||||
script:
|
script:
|
||||||
- *ums-default-password
|
- *ums-default-password
|
||||||
- |
|
- |
|
||||||
@@ -463,7 +494,6 @@ run-tests:
|
|||||||
\"cluster\": \"${CLUSTER}\", \
|
\"cluster\": \"${CLUSTER}\", \
|
||||||
\"namespace\": \"${NAMESPACE}\", \
|
\"namespace\": \"${NAMESPACE}\", \
|
||||||
\"url\": \"https://portal.${DOMAIN}/\", \
|
\"url\": \"https://portal.${DOMAIN}/\", \
|
||||||
\"language\": \"${LANGUAGE}\", \
|
|
||||||
\"user_name\": \"${DEFAULT_USER_NAME}\", \
|
\"user_name\": \"${DEFAULT_USER_NAME}\", \
|
||||||
\"user_password\": \"${DEFAULT_USER_PASSWORD}\", \
|
\"user_password\": \"${DEFAULT_USER_PASSWORD}\", \
|
||||||
\"admin_name\": \"${DEFAULT_ADMIN_NAME}\", \
|
\"admin_name\": \"${DEFAULT_ADMIN_NAME}\", \
|
||||||
|
|||||||
@@ -14,12 +14,14 @@ lint-kyverno:
|
|||||||
- "collabora"
|
- "collabora"
|
||||||
- "cryptpad"
|
- "cryptpad"
|
||||||
- "element"
|
- "element"
|
||||||
|
- "intercom-service"
|
||||||
- "jitsi"
|
- "jitsi"
|
||||||
- "nextcloud"
|
- "nextcloud"
|
||||||
- "nubus"
|
- "nubus"
|
||||||
- "open-xchange"
|
- "open-xchange"
|
||||||
- "openproject"
|
- "openproject"
|
||||||
- "openproject-bootstrap"
|
- "openproject-bootstrap"
|
||||||
|
- "provisioning"
|
||||||
- "services"
|
- "services"
|
||||||
- "xwiki"
|
- "xwiki"
|
||||||
script:
|
script:
|
||||||
|
|||||||
@@ -35,18 +35,20 @@ they need to be replaced in production deployments.
|
|||||||
| CryptPad | Weboffice | Functional |
|
| CryptPad | Weboffice | Functional |
|
||||||
| dkimpy-milter | DKIM milter for Postfix | Eval |
|
| dkimpy-milter | DKIM milter for Postfix | Eval |
|
||||||
| Element | Secure communications platform | Functional |
|
| Element | Secure communications platform | Functional |
|
||||||
|
| Intercom Service | Cross service data exchange | Functional |
|
||||||
| Jitsi | Videoconferencing | Functional |
|
| Jitsi | Videoconferencing | Functional |
|
||||||
| MariaDB | Database | Eval |
|
| MariaDB | Database | Eval |
|
||||||
| Memcached | Cache Database | Eval |
|
| Memcached | Cache Database | Eval |
|
||||||
| MinIO | Object Storage | Eval |
|
| MinIO | Object Storage | Eval |
|
||||||
| Nextcloud | File share | Functional |
|
| Nextcloud | File share | Functional |
|
||||||
| Nubus (UMS) | Identity Management & Portal | Functional |
|
|
||||||
| OpenProject | Project management | Functional |
|
| OpenProject | Project management | Functional |
|
||||||
| OX Appsuite | Groupware | Functional |
|
| OX Appsuite | Groupware | Functional |
|
||||||
| OX Dovecot | Mail backend (IMAP) | Functional |
|
| OX Dovecot | Mail backend (IMAP) | Functional |
|
||||||
|
| Provisioning (OX Connector) | Groupware provisioning | Functional |
|
||||||
| Postfix | MTA | Eval |
|
| Postfix | MTA | Eval |
|
||||||
| PostgreSQL | Database | Eval |
|
| PostgreSQL | Database | Eval |
|
||||||
| Redis | Cache Database | Eval |
|
| Redis | Cache Database | Eval |
|
||||||
|
| Univention Management Stack | Identity Management & Portal | Functional |
|
||||||
| XWiki | Knowledge Management | Functional |
|
| XWiki | Knowledge Management | Functional |
|
||||||
|
|
||||||
# Component integration
|
# Component integration
|
||||||
@@ -73,9 +75,9 @@ Most details can be found in the upstream documentation that is linked in the re
|
|||||||
|
|
||||||
## Intercom Service / Silent Login
|
## Intercom Service / Silent Login
|
||||||
|
|
||||||
The Intercom Service is deployed in context of Nubus/UMS. Its role is to enable cross-application integration
|
The Intercom Service's role is to enable cross-application integration based on the user's browser interaction as handling
|
||||||
based on the user's browser interaction as handling authentication when the frontend of an application has to call
|
authentication when the frontend of an application has to call the API from another application is often a
|
||||||
the API from another application is often a challenge.
|
challenge.
|
||||||
|
|
||||||
To establish a session with the Intercom Service an application can use the silent login feature within an iframe.
|
To establish a session with the Intercom Service an application can use the silent login feature within an iframe.
|
||||||
|
|
||||||
|
|||||||
@@ -109,6 +109,7 @@ All available apps and their default value can be found in `helmfile/environment
|
|||||||
| CryptPad | `cryptpad.enabled` | `true` | Weboffice |
|
| CryptPad | `cryptpad.enabled` | `true` | Weboffice |
|
||||||
| Dovecot | `dovecot.enabled` | `true` | Mail backend |
|
| Dovecot | `dovecot.enabled` | `true` | Mail backend |
|
||||||
| Element | `element.enabled` | `true` | Secure communications platform |
|
| Element | `element.enabled` | `true` | Secure communications platform |
|
||||||
|
| Intercom Service | `intercom.enabled` | `true` | Cross service data exchange |
|
||||||
| Jitsi | `jitsi.enabled` | `true` | Videoconferencing |
|
| Jitsi | `jitsi.enabled` | `true` | Videoconferencing |
|
||||||
| MariaDB | `mariadb.enabled` | `true` | Database |
|
| MariaDB | `mariadb.enabled` | `true` | Database |
|
||||||
| Memcached | `memcached.enabled` | `true` | Cache Database |
|
| Memcached | `memcached.enabled` | `true` | Cache Database |
|
||||||
@@ -117,6 +118,7 @@ All available apps and their default value can be found in `helmfile/environment
|
|||||||
| Nubus | `nubus.enabled` | `true` | Identity Management & Portal |
|
| Nubus | `nubus.enabled` | `true` | Identity Management & Portal |
|
||||||
| OpenProject | `openproject.enabled` | `true` | Project management |
|
| OpenProject | `openproject.enabled` | `true` | Project management |
|
||||||
| OX Appsuite | `oxAppsuite.enabled` | `true` | Groupware |
|
| OX Appsuite | `oxAppsuite.enabled` | `true` | Groupware |
|
||||||
|
| Provisioning | `oxConnector.enabled` | `true` | Backend provisioning |
|
||||||
| Postfix | `postfix.enabled` | `true` | MTA |
|
| Postfix | `postfix.enabled` | `true` | MTA |
|
||||||
| PostgreSQL | `postgresql.enabled` | `true` | Database |
|
| PostgreSQL | `postgresql.enabled` | `true` | Database |
|
||||||
| Redis | `redis.enabled` | `true` | Cache Database |
|
| Redis | `redis.enabled` | `true` | Cache Database |
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ openDesk is a Kubernetes only solution and requires an existing Kubernetes (K8s)
|
|||||||
- Domain and DNS Service
|
- Domain and DNS Service
|
||||||
- Ingress controller (Ingress NGINX)
|
- Ingress controller (Ingress NGINX)
|
||||||
- [Helm](https://helm.sh/) >= v3.9.0
|
- [Helm](https://helm.sh/) >= v3.9.0
|
||||||
- [Helmfile](https://helmfile.readthedocs.io/en/latest/) >= **v1.0.0-rc.5**
|
- [Helmfile](https://helmfile.readthedocs.io/en/latest/) >= **v0.157.0**
|
||||||
- [HelmDiff](https://github.com/databus23/helm-diff) >= 3.6.0
|
- [HelmDiff](https://github.com/databus23/helm-diff) >= 3.6.0
|
||||||
- Volume provisioner supporting RWO (read-write-once)
|
- Volume provisioner supporting RWO (read-write-once)
|
||||||
- Certificate handling with [cert-manager](https://cert-manager.io/)
|
- Certificate handling with [cert-manager](https://cert-manager.io/)
|
||||||
|
|||||||
@@ -158,6 +158,7 @@ This list gives you an overview of templated security settings and if they compl
|
|||||||
| **element**/opendesk-synapse | :white_check_mark: | no | no | yes | yes | 10991 | 10991 | yes | yes |
|
| **element**/opendesk-synapse | :white_check_mark: | no | no | yes | yes | 10991 | 10991 | yes | yes |
|
||||||
| **element**/opendesk-synapse-web | :white_check_mark: | no | no | yes | yes | 101 | 101 | yes | yes |
|
| **element**/opendesk-synapse-web | :white_check_mark: | no | no | yes | yes | 101 | 101 | yes | yes |
|
||||||
| **element**/opendesk-well-known | :white_check_mark: | no | no | yes | yes | 101 | 101 | yes | yes |
|
| **element**/opendesk-well-known | :white_check_mark: | no | no | yes | yes | 101 | 101 | yes | yes |
|
||||||
|
| **intercom-service**/intercom-service | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
||||||
| **jitsi**/jitsi | :white_check_mark: | no | no | yes | yes | 1993 | 1993 | yes | yes |
|
| **jitsi**/jitsi | :white_check_mark: | no | no | yes | yes | 1993 | 1993 | yes | yes |
|
||||||
| **jitsi**/jitsi/jitsi/jibri | :x: | n/a | n/a | n/a | n/a | n/a | n/a | n/a | no ["SYS_ADMIN"] |
|
| **jitsi**/jitsi/jitsi/jibri | :x: | n/a | n/a | n/a | n/a | n/a | n/a | n/a | no ["SYS_ADMIN"] |
|
||||||
| **jitsi**/jitsi/jitsi/jicofo | :x: | no | no | no | no | 0 | 0 | yes | no |
|
| **jitsi**/jitsi/jitsi/jicofo | :x: | no | no | no | no | 0 | 0 | yes | no |
|
||||||
@@ -182,7 +183,7 @@ This list gives you an overview of templated security settings and if they compl
|
|||||||
| **open-xchange**/open-xchange/public-sector-ui | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
| **open-xchange**/open-xchange/public-sector-ui | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
||||||
| **openproject**/openproject | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
| **openproject**/openproject | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
||||||
| **openproject-bootstrap**/opendesk-openproject-bootstrap | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
| **openproject-bootstrap**/opendesk-openproject-bootstrap | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
||||||
| **open-xchange**/ox-connector | :x: | no | no | no | no | 0 | 0 | yes | no ["CHOWN","DAC_OVERRIDE","FOWNER","FSETID","KILL","SETGID","SETUID","SETPCAP","NET_BIND_SERVICE","NET_RAW","SYS_CHROOT"] |
|
| **provisioning**/ox-connector | :x: | no | no | no | no | 0 | 0 | yes | no ["CHOWN","DAC_OVERRIDE","FOWNER","FSETID","KILL","SETGID","SETUID","SETPCAP","NET_BIND_SERVICE","NET_RAW","SYS_CHROOT"] |
|
||||||
| **services**/clamav | :x: | no | no | yes | no | 0 | 0 | yes | no |
|
| **services**/clamav | :x: | no | no | yes | no | 0 | 0 | yes | no |
|
||||||
| **services**/clamav-simple | :white_check_mark: | no | no | yes | yes | 100 | 101 | yes | yes |
|
| **services**/clamav-simple | :white_check_mark: | no | no | yes | yes | 100 | 101 | yes | yes |
|
||||||
| **services**/clamav/clamd | :white_check_mark: | no | no | yes | yes | 100 | 101 | yes | yes |
|
| **services**/clamav/clamd | :white_check_mark: | no | no | yes | yes | 100 | 101 | yes | yes |
|
||||||
@@ -195,7 +196,6 @@ This list gives you an overview of templated security settings and if they compl
|
|||||||
| **services**/postfix | :x: | yes | yes | no | no | 0 | 0 | yes | no |
|
| **services**/postfix | :x: | yes | yes | no | no | 0 | 0 | yes | no |
|
||||||
| **services**/postgresql | :white_check_mark: | no | no | yes | yes | 1001 | 1001 | yes | yes |
|
| **services**/postgresql | :white_check_mark: | no | no | yes | yes | 1001 | 1001 | yes | yes |
|
||||||
| **services**/redis/master | :white_check_mark: | no | no | yes | yes | 1001 | 1001 | yes | yes |
|
| **services**/redis/master | :white_check_mark: | no | no | yes | yes | 1001 | 1001 | yes | yes |
|
||||||
| **univention-management-stack**/intercom-service | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
|
||||||
| **univention-management-stack**/opendesk-keycloak-bootstrap | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
| **univention-management-stack**/opendesk-keycloak-bootstrap | :white_check_mark: | no | no | yes | yes | 1000 | 1000 | yes | yes |
|
||||||
| **univention-management-stack**/ums/keycloak | :x: | no | no | no | yes | 1000 | 1000 | yes | yes |
|
| **univention-management-stack**/ums/keycloak | :x: | no | no | no | yes | 1000 | 1000 | yes | yes |
|
||||||
| **univention-management-stack**/ums/keycloak-bootstrap | :x: | no | no | no | yes | 1000 | 1000 | yes | yes |
|
| **univention-management-stack**/ums/keycloak-bootstrap | :x: | no | no | no | yes | 1000 | 1000 | yes | yes |
|
||||||
|
|||||||
@@ -355,7 +355,7 @@ Commit messages must adhere to the [Conventional Commit standard](https://www.co
|
|||||||
│ │ |
|
│ │ |
|
||||||
│ │ └─> Issue reference (optional)
|
│ │ └─> Issue reference (optional)
|
||||||
│ │
|
│ │
|
||||||
│ └─> Commit Scope: helmfile, docs, collabora, nextcloud, open-xhcange etc.
|
│ └─> Commit Scope: helmfile, docs, collabora, intercom-service, ...
|
||||||
│
|
│
|
||||||
└─> Commit Type: chore, ci, docs, feat, fix
|
└─> Commit Type: chore, ci, docs, feat, fix
|
||||||
```
|
```
|
||||||
|
|||||||
@@ -18,7 +18,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.collabora.version }}"
|
version: "{{ .Values.charts.collabora.version }}"
|
||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.collaboraOnline | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.collabora.enabled }}
|
installed: {{ .Values.collabora.enabled }}
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
|
|||||||
@@ -18,7 +18,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.cryptpad.version }}"
|
version: "{{ .Values.charts.cryptpad.version }}"
|
||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.cryptpad | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.cryptpad.enabled }}
|
installed: {{ .Values.cryptpad.enabled }}
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
|
|||||||
@@ -39,7 +39,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.element.version }}"
|
version: "{{ .Values.charts.element.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-element.yaml.gotmpl"
|
- "values-element.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskElement | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.element.enabled }}
|
installed: {{ .Values.element.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -48,7 +47,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.elementWellKnown.version }}"
|
version: "{{ .Values.charts.elementWellKnown.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-well-known.yaml.gotmpl"
|
- "values-well-known.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskWellKnown | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.element.enabled }}
|
installed: {{ .Values.element.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -57,7 +55,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.synapseWeb.version }}"
|
version: "{{ .Values.charts.synapseWeb.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-synapse-web.yaml.gotmpl"
|
- "values-synapse-web.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskSynapseWeb | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.element.enabled }}
|
installed: {{ .Values.element.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -66,7 +63,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.synapse.version }}"
|
version: "{{ .Values.charts.synapse.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-synapse.yaml.gotmpl"
|
- "values-synapse.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskSynapse | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.element.enabled }}
|
installed: {{ .Values.element.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -13,16 +13,6 @@ configuration:
|
|||||||
additional_event_types:
|
additional_event_types:
|
||||||
- "m.space.parent"
|
- "m.space.parent"
|
||||||
- "m.room.power_levels"
|
- "m.room.power_levels"
|
||||||
# To allow intercom service logins for the users and also allow proper testautomation we want to raise the
|
|
||||||
# ratelimit in a reasonable manner.
|
|
||||||
# https://matrix-org.github.io/synapse/v1.59/usage/configuration/config_documentation.html#ratelimiting
|
|
||||||
rc_login:
|
|
||||||
account:
|
|
||||||
per_second: 2
|
|
||||||
burst_count: 8
|
|
||||||
address:
|
|
||||||
per_second: 2
|
|
||||||
burst_count: 12
|
|
||||||
|
|
||||||
database:
|
database:
|
||||||
host: {{ .Values.databases.synapse.host | quote }}
|
host: {{ .Values.databases.synapse.host | quote }}
|
||||||
|
|||||||
26
helmfile/apps/intercom-service/helmfile-child.yaml.gotmpl
Normal file
26
helmfile/apps/intercom-service/helmfile-child.yaml.gotmpl
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
---
|
||||||
|
repositories:
|
||||||
|
# Intercom Service
|
||||||
|
# Source: https://gitlab.souvap-univention.de/souvap/tooling/charts/intercom-service
|
||||||
|
- name: "intercom-service-repo"
|
||||||
|
keyring: "../../files/gpg-pubkeys/univention-de.gpg"
|
||||||
|
verify: {{ .Values.charts.intercomService.verify }}
|
||||||
|
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
||||||
|
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
||||||
|
oci: true
|
||||||
|
url: "{{ .Values.global.helmRegistry | default .Values.charts.intercomService.registry }}/{{ .Values.charts.intercomService.repository }}"
|
||||||
|
|
||||||
|
releases:
|
||||||
|
- name: "intercom-service"
|
||||||
|
chart: "intercom-service-repo/{{ .Values.charts.intercomService.name }}"
|
||||||
|
version: "{{ .Values.charts.intercomService.version }}"
|
||||||
|
values:
|
||||||
|
- "values.yaml.gotmpl"
|
||||||
|
installed: {{ .Values.intercom.enabled }}
|
||||||
|
|
||||||
|
commonLabels:
|
||||||
|
deploy-stage: "component-1"
|
||||||
|
component: "intercom-service"
|
||||||
|
...
|
||||||
12
helmfile/apps/intercom-service/helmfile.yaml.gotmpl
Normal file
12
helmfile/apps/intercom-service/helmfile.yaml.gotmpl
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||||
|
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
---
|
||||||
|
bases:
|
||||||
|
- "../../bases/environments.yaml"
|
||||||
|
---
|
||||||
|
helmfiles:
|
||||||
|
- path: "./helmfile-child.yaml.gotmpl"
|
||||||
|
values:
|
||||||
|
- {{ toYaml .Values | nindent 8 }}
|
||||||
|
...
|
||||||
@@ -97,21 +97,6 @@ provisioning:
|
|||||||
clientSecret: {{ .Values.secrets.keycloak.clientSecret.intercom | quote }}
|
clientSecret: {{ .Values.secrets.keycloak.clientSecret.intercom | quote }}
|
||||||
credentialSecret:
|
credentialSecret:
|
||||||
key: "ics_secret"
|
key: "ics_secret"
|
||||||
image:
|
|
||||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
|
||||||
repository: {{ .Values.images.nubusWaitForDependency.repository | quote }}
|
|
||||||
tag: {{ .Values.images.nubusWaitForDependency.tag | quote }}
|
|
||||||
provisioningImage:
|
|
||||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusKeycloakBootstrap.registry | quote }}
|
|
||||||
repository: {{ .Values.images.nubusKeycloakBootstrap.repository | quote }}
|
|
||||||
tag: {{ .Values.images.nubusKeycloakBootstrap.tag | quote }}
|
|
||||||
securityContext:
|
|
||||||
seccompProfile:
|
|
||||||
type: "RuntimeDefault"
|
|
||||||
seLinuxOptions:
|
|
||||||
{{ .Values.seLinuxOptions.intercom | toYaml | nindent 6 }}
|
|
||||||
|
|
||||||
replicaCount: {{ .Values.replicas.intercomService }}
|
replicaCount: {{ .Values.replicas.intercomService }}
|
||||||
|
|
||||||
@@ -18,7 +18,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.jitsi.version }}"
|
version: "{{ .Values.charts.jitsi.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-jitsi.yaml.gotmpl"
|
- "values-jitsi.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.jitsi | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.jitsi.enabled }}
|
installed: {{ .Values.jitsi.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -52,7 +52,6 @@ jitsi:
|
|||||||
image:
|
image:
|
||||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jitsi.registry }}/{{ .Values.images.jitsi.repository }}"
|
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jitsi.registry }}/{{ .Values.images.jitsi.repository }}"
|
||||||
tag: {{ .Values.images.jitsi.tag | quote }}
|
tag: {{ .Values.images.jitsi.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: {{ .Values.ingress.enabled }}
|
enabled: {{ .Values.ingress.enabled }}
|
||||||
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
|
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
|
||||||
@@ -86,7 +85,6 @@ jitsi:
|
|||||||
image:
|
image:
|
||||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.prosody.registry }}/{{ .Values.images.prosody.repository }}"
|
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.prosody.registry }}/{{ .Values.images.prosody.repository }}"
|
||||||
tag: {{ .Values.images.prosody.tag | quote }}
|
tag: {{ .Values.images.prosody.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- range .Values.global.imagePullSecrets }}
|
{{- range .Values.global.imagePullSecrets }}
|
||||||
- name: {{ . | quote }}
|
- name: {{ . | quote }}
|
||||||
@@ -136,7 +134,6 @@ jitsi:
|
|||||||
image:
|
image:
|
||||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jicofo.registry }}/{{ .Values.images.jicofo.repository }}"
|
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jicofo.registry }}/{{ .Values.images.jicofo.repository }}"
|
||||||
tag: {{ .Values.images.jicofo.tag | quote }}
|
tag: {{ .Values.images.jicofo.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
xmpp:
|
xmpp:
|
||||||
password: {{ .Values.secrets.jitsi.jicofoAuthPassword | quote }}
|
password: {{ .Values.secrets.jitsi.jicofoAuthPassword | quote }}
|
||||||
componentSecret: {{ .Values.secrets.jitsi.jicofoComponentPassword | quote }}
|
componentSecret: {{ .Values.secrets.jitsi.jicofoComponentPassword | quote }}
|
||||||
@@ -159,7 +156,6 @@ jitsi:
|
|||||||
image:
|
image:
|
||||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jvb.registry }}/{{ .Values.images.jvb.repository }}"
|
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jvb.registry }}/{{ .Values.images.jvb.repository }}"
|
||||||
tag: {{ .Values.images.jvb.tag | quote }}
|
tag: {{ .Values.images.jvb.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
xmpp:
|
xmpp:
|
||||||
password: {{ .Values.secrets.jitsi.jvbAuthPassword | quote }}
|
password: {{ .Values.secrets.jitsi.jvbAuthPassword | quote }}
|
||||||
resources:
|
resources:
|
||||||
@@ -183,7 +179,6 @@ jitsi:
|
|||||||
image:
|
image:
|
||||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jibri.registry }}/{{ .Values.images.jibri.repository }}"
|
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jibri.registry }}/{{ .Values.images.jibri.repository }}"
|
||||||
tag: {{ .Values.images.jibri.tag | quote }}
|
tag: {{ .Values.images.jibri.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
||||||
recorder:
|
recorder:
|
||||||
password: {{ .Values.secrets.jitsi.jibriRecorderPassword | quote }}
|
password: {{ .Values.secrets.jitsi.jibriRecorderPassword | quote }}
|
||||||
xmpp:
|
xmpp:
|
||||||
|
|||||||
@@ -21,7 +21,6 @@ releases:
|
|||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- "../../shared/migrations.yaml.gotmpl"
|
- "../../shared/migrations.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.migrationsPost | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.migrations.enabled }}
|
installed: {{ .Values.migrations.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -21,7 +21,6 @@ releases:
|
|||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- "../../shared/migrations.yaml.gotmpl"
|
- "../../shared/migrations.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.migrationsPre | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.migrations.enabled }}
|
installed: {{ .Values.migrations.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -25,7 +25,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.nextcloudManagement.version }}"
|
version: "{{ .Values.charts.nextcloudManagement.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-nextcloud-mgmt.yaml.gotmpl"
|
- "values-nextcloud-mgmt.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskNextcloudManagement | default "additionalValues: false" }}
|
|
||||||
waitForJobs: true
|
waitForJobs: true
|
||||||
wait: true
|
wait: true
|
||||||
installed: {{ .Values.nextcloud.enabled }}
|
installed: {{ .Values.nextcloud.enabled }}
|
||||||
@@ -35,7 +34,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.nextcloud.version }}"
|
version: "{{ .Values.charts.nextcloud.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-nextcloud.yaml.gotmpl"
|
- "values-nextcloud.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskNextcloud | default "additionalValues: false" }}
|
|
||||||
needs:
|
needs:
|
||||||
- "opendesk-nextcloud-management"
|
- "opendesk-nextcloud-management"
|
||||||
installed: {{ .Values.nextcloud.enabled }}
|
installed: {{ .Values.nextcloud.enabled }}
|
||||||
|
|||||||
@@ -11,16 +11,7 @@ repositories:
|
|||||||
oci: true
|
oci: true
|
||||||
url:
|
url:
|
||||||
"{{ .Values.global.helmRegistry | default .Values.charts.nubus.registry }}/{{ .Values.charts.nubus.repository }}"
|
"{{ .Values.global.helmRegistry | default .Values.charts.nubus.registry }}/{{ .Values.charts.nubus.repository }}"
|
||||||
# Intercom Service
|
# OpenDesk Keycloak Bootstrap Chart
|
||||||
# Source: https://gitlab.souvap-univention.de/souvap/tooling/charts/intercom-service
|
|
||||||
- name: "intercom-service-repo"
|
|
||||||
keyring: "../../files/gpg-pubkeys/univention-de.gpg"
|
|
||||||
verify: {{ .Values.charts.intercomService.verify }}
|
|
||||||
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
|
||||||
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
|
||||||
oci: true
|
|
||||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.intercomService.registry }}/{{ .Values.charts.intercomService.repository }}"
|
|
||||||
# openDesk Keycloak Bootstrap Chart
|
|
||||||
- name: "opendesk-keycloak-bootstrap-repo"
|
- name: "opendesk-keycloak-bootstrap-repo"
|
||||||
keyring: "../../files/gpg-pubkeys/opencode.gpg"
|
keyring: "../../files/gpg-pubkeys/opencode.gpg"
|
||||||
verify: {{ .Values.charts.opendeskKeycloakBootstrap.verify }}
|
verify: {{ .Values.charts.opendeskKeycloakBootstrap.verify }}
|
||||||
@@ -38,25 +29,14 @@ releases:
|
|||||||
- "values-nubus.yaml.gotmpl"
|
- "values-nubus.yaml.gotmpl"
|
||||||
- "values-opendesk-customization.yaml.gotmpl"
|
- "values-opendesk-customization.yaml.gotmpl"
|
||||||
- "values-opendesk-images.yaml.gotmpl"
|
- "values-opendesk-images.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.ums | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.nubus.enabled }}
|
installed: {{ .Values.nubus.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
# Intercom-Service
|
# OpenDesk Keycloak Bootstrap Chart
|
||||||
- name: "intercom-service"
|
|
||||||
chart: "intercom-service-repo/{{ .Values.charts.intercomService.name }}"
|
|
||||||
version: "{{ .Values.charts.intercomService.version }}"
|
|
||||||
values:
|
|
||||||
- "values-intercom-service.yaml.gotmpl"
|
|
||||||
- {{ .Values.customization.release.intercomService | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.nubus.enabled }}
|
|
||||||
|
|
||||||
# openDesk Keycloak Bootstrap Chart
|
|
||||||
- name: "opendesk-keycloak-bootstrap"
|
- name: "opendesk-keycloak-bootstrap"
|
||||||
chart: "opendesk-keycloak-bootstrap-repo/{{ .Values.charts.opendeskKeycloakBootstrap.name }}"
|
chart: "opendesk-keycloak-bootstrap-repo/{{ .Values.charts.opendeskKeycloakBootstrap.name }}"
|
||||||
version: "{{ .Values.charts.opendeskKeycloakBootstrap.version }}"
|
version: "{{ .Values.charts.opendeskKeycloakBootstrap.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-opendesk-keycloak-bootstrap.yaml.gotmpl"
|
- "values-opendesk-keycloak-bootstrap.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskKeycloakBootstrap | default "additionalValues: false" }}
|
|
||||||
needs:
|
needs:
|
||||||
- "ums"
|
- "ums"
|
||||||
installed: {{ .Values.nubus.enabled }}
|
installed: {{ .Values.nubus.enabled }}
|
||||||
|
|||||||
@@ -225,72 +225,10 @@ nubusNotificationsApi:
|
|||||||
|
|
||||||
nubusPortalFrontend:
|
nubusPortalFrontend:
|
||||||
ingress:
|
ingress:
|
||||||
certManager:
|
|
||||||
enabled: false
|
|
||||||
tls:
|
tls:
|
||||||
enabled: {{ .Values.ingress.tls.enabled }}
|
enabled: {{ .Values.ingress.tls.enabled }}
|
||||||
secretName: {{ .Values.ingress.tls.secretName }}
|
secretName: {{ .Values.ingress.tls.secretName }}
|
||||||
|
|
||||||
# TODO: Remove the block "items" once the "redirects" section has been
|
|
||||||
# corrected.
|
|
||||||
#
|
|
||||||
# This does override the path configuration of the ingress
|
|
||||||
# "ums-portal-frontend-redirects" to avoid that "/univention/*" is
|
|
||||||
# redirected to "/univention/portal/".
|
|
||||||
items:
|
|
||||||
- name: rewrites
|
|
||||||
# -- Define the Fully Qualified Domain Name (FQDN) where application should be reachable.
|
|
||||||
host: ""
|
|
||||||
|
|
||||||
# -- Define the Ingress paths.
|
|
||||||
paths:
|
|
||||||
- path: /univention/(portal|selfservice)/
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
- path: /univention/(portal|selfservice)/index.html
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
- path: /univention/(portal|selfservice)/(css|fonts|i18n|media|js|oidc|custom)(/.*)
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
- path: /univention/(portal)/(icons)(/.*)$
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
|
|
||||||
# -- The Ingress controller class name.
|
|
||||||
ingressClassName: ""
|
|
||||||
|
|
||||||
# -- Define custom ingress annotations.
|
|
||||||
# annotations:
|
|
||||||
# nginx.ingress.kubernetes.io/rewrite-target: /
|
|
||||||
annotations:
|
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: "/$2$3"
|
|
||||||
nginx.ingress.kubernetes.io/use-regex: "true"
|
|
||||||
|
|
||||||
# -- Secure an Ingress by specifying a Secret that contains a TLS private key and certificate.
|
|
||||||
#
|
|
||||||
# Ref.: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
|
||||||
tls:
|
|
||||||
# enabled: true
|
|
||||||
# Set to override the global secretName
|
|
||||||
secretName: ""
|
|
||||||
- name: redirects
|
|
||||||
host: ""
|
|
||||||
paths:
|
|
||||||
- pathType: Exact
|
|
||||||
path: /$
|
|
||||||
- pathType: Exact
|
|
||||||
path: /univention$
|
|
||||||
- pathType: Exact
|
|
||||||
path: /univention/$
|
|
||||||
- pathType: Exact
|
|
||||||
path: /univention/portal$
|
|
||||||
- pathType: Exact
|
|
||||||
path: /univention/selfservice$
|
|
||||||
ingressClassName: ""
|
|
||||||
annotations:
|
|
||||||
nginx.ingress.kubernetes.io/permanent-redirect: "/univention/portal/"
|
|
||||||
tls:
|
|
||||||
# enabled: true
|
|
||||||
# Set to override the global secretName
|
|
||||||
secretName: ""
|
|
||||||
|
|
||||||
nubusKeycloakExtensions:
|
nubusKeycloakExtensions:
|
||||||
keycloak:
|
keycloak:
|
||||||
auth:
|
auth:
|
||||||
@@ -348,6 +286,13 @@ nubusKeycloakExtensions:
|
|||||||
newDeviceLoginSubject: "New device login on your {{ .Values.theme.texts.productName }} account"
|
newDeviceLoginSubject: "New device login on your {{ .Values.theme.texts.productName }} account"
|
||||||
mailFrom: "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
mailFrom: "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
||||||
|
|
||||||
|
nubusPortalFrontend:
|
||||||
|
ingress:
|
||||||
|
certManager:
|
||||||
|
enabled: false
|
||||||
|
tls:
|
||||||
|
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||||
|
|
||||||
nubusPortalListener:
|
nubusPortalListener:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
@@ -388,6 +333,11 @@ nubusUdmRestApi:
|
|||||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||||
|
|
||||||
nubusProvisioning:
|
nubusProvisioning:
|
||||||
|
nats:
|
||||||
|
config:
|
||||||
|
lame_duck_grace_period: |
|
||||||
|
10s
|
||||||
|
max_payload: 16MB
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
nubusUdmListener:
|
nubusUdmListener:
|
||||||
@@ -508,15 +458,6 @@ nubusUmcGateway:
|
|||||||
enabled: {{ .Values.ingress.tls.enabled }}
|
enabled: {{ .Values.ingress.tls.enabled }}
|
||||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||||
|
|
||||||
# TODO: Remove the block "paths" once it has been corrected upstream.
|
|
||||||
paths:
|
|
||||||
- path: /()(univention/)(languages.json|meta.json|theme.css)
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
- path: /()(univention/)((js|management|themes)/.*)
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
- path: /()(univention/login/)(dialog.js|main.js|LoginDialog.js|i18n/.*?/main.json)
|
|
||||||
pathType: ImplementationSpecific
|
|
||||||
|
|
||||||
nubusKeycloakBootstrap:
|
nubusKeycloakBootstrap:
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
argocd.argoproj.io/hook: "Sync"
|
argocd.argoproj.io/hook: "Sync"
|
||||||
|
|||||||
@@ -239,12 +239,9 @@ nubusKeycloakExtensions:
|
|||||||
{{ .Values.seLinuxOptions.umsKeycloakExtensionHandler | toYaml | nindent 8 }}
|
{{ .Values.seLinuxOptions.umsKeycloakExtensionHandler | toYaml | nindent 8 }}
|
||||||
|
|
||||||
nubusPortalConsumer:
|
nubusPortalConsumer:
|
||||||
portalConsumer:
|
image:
|
||||||
image:
|
pullSecrets:
|
||||||
pullSecrets:
|
{{ .Values.global.imagePullSecrets | toYaml | nindent 6 }}
|
||||||
{{- range .Values.global.imagePullSecrets }}
|
|
||||||
- name: {{ . | quote }}
|
|
||||||
{{- end }}
|
|
||||||
podAnnotations:
|
podAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-portal-consumer"
|
intents.otterize.com/service-name: "ums-portal-consumer"
|
||||||
replicaCount: {{ .Values.replicas.umsPortalConsumer }}
|
replicaCount: {{ .Values.replicas.umsPortalConsumer }}
|
||||||
@@ -255,11 +252,7 @@ nubusPortalConsumer:
|
|||||||
persistence:
|
persistence:
|
||||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||||
size: {{ .Values.persistence.size.nubus.portalConsumer | quote }}
|
size: {{ .Values.persistence.size.nubus.portalConsumer | quote }}
|
||||||
securityContext:
|
|
||||||
seccompProfile:
|
|
||||||
type: "RuntimeDefault"
|
|
||||||
seLinuxOptions:
|
|
||||||
{{ .Values.seLinuxOptions.umsPortalConsumer | toYaml | nindent 6 }}
|
|
||||||
|
|
||||||
nubusUdmListener:
|
nubusUdmListener:
|
||||||
containerSecurityContext:
|
containerSecurityContext:
|
||||||
@@ -431,22 +424,6 @@ nubusPortalFrontend:
|
|||||||
backgroundImage: {{ .Values.theme.imagery.logoPortalBackgroundSvgB64 | toJson }}
|
backgroundImage: {{ .Values.theme.imagery.logoPortalBackgroundSvgB64 | toJson }}
|
||||||
|
|
||||||
nubusStackDataUms:
|
nubusStackDataUms:
|
||||||
containerSecurityContext:
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- "ALL"
|
|
||||||
enabled: true
|
|
||||||
runAsUser: 1000
|
|
||||||
runAsGroup: 1000
|
|
||||||
seccompProfile:
|
|
||||||
type: "RuntimeDefault"
|
|
||||||
readOnlyRootFilesystem: true
|
|
||||||
runAsNonRoot: true
|
|
||||||
seLinuxOptions:
|
|
||||||
{{ .Values.seLinuxOptions.umsStackDataUms | toYaml | nindent 6 }}
|
|
||||||
pullSecrets:
|
|
||||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-stack-data-ums"
|
intents.otterize.com/service-name: "ums-stack-data-ums"
|
||||||
resources:
|
resources:
|
||||||
@@ -525,22 +502,6 @@ nubusUmcGateway:
|
|||||||
{{ .Values.resources.umsUmcGateway | toYaml | nindent 4 }}
|
{{ .Values.resources.umsUmcGateway | toYaml | nindent 4 }}
|
||||||
|
|
||||||
nubusKeycloakBootstrap:
|
nubusKeycloakBootstrap:
|
||||||
containerSecurityContext:
|
|
||||||
enabled: true
|
|
||||||
allowPrivilegeEscalation: false
|
|
||||||
capabilities:
|
|
||||||
drop:
|
|
||||||
- "ALL"
|
|
||||||
readOnlyRootFilesystem: false
|
|
||||||
runAsGroup: 1000
|
|
||||||
runAsNonRoot: true
|
|
||||||
runAsUser: 1000
|
|
||||||
seccompProfile:
|
|
||||||
type: "RuntimeDefault"
|
|
||||||
seLinuxOptions:
|
|
||||||
{{ .Values.seLinuxOptions.umsKeycloakBootstrap | toYaml | nindent 6 }}
|
|
||||||
imagePullSecrets:
|
|
||||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
|
||||||
podAnnotations:
|
podAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-keycloak-bootstrap"
|
intents.otterize.com/service-name: "ums-keycloak-bootstrap"
|
||||||
serviceAccount:
|
serviceAccount:
|
||||||
@@ -594,37 +555,34 @@ nubusProvisioning:
|
|||||||
{{ .Values.seLinuxOptions.umsProvisioningNats | toYaml | nindent 8 }}
|
{{ .Values.seLinuxOptions.umsProvisioningNats | toYaml | nindent 8 }}
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 6 }}
|
{{ .Values.global.imagePullSecrets | toYaml | nindent 6 }}
|
||||||
persistence:
|
|
||||||
size: {{ .Values.persistence.size.nubus.provisioningNats }}
|
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.umsProvisioningNats | toYaml | nindent 6 }}
|
{{ .Values.resources.nubusProvisioning.nats | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-nats"
|
intents.otterize.com/service-name: "ums-provisioning-nats"
|
||||||
serviceAccount:
|
serviceAccount:
|
||||||
create: true
|
create: true
|
||||||
api:
|
api:
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.umsProvisioningApi | toYaml | nindent 6 }}
|
{{ .Values.resources.nubusProvisioning.api | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-api"
|
intents.otterize.com/service-name: "ums-provisioning-api"
|
||||||
dispatcher:
|
dispatcher:
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.umsProvisioningDispatcher | toYaml | nindent 6 }}
|
{{ .Values.resources.nubusProvisioning.dispatcher | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-dispatcher"
|
intents.otterize.com/service-name: "ums-provisioning-dispatcher"
|
||||||
prefill:
|
prefill:
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.umsProvisioningPrefill | toYaml | nindent 6 }}
|
{{ .Values.resources.nubusProvisioning.prefill | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-prefill"
|
intents.otterize.com/service-name: "ums-provisioning-prefill"
|
||||||
registerConsumers:
|
registerConsumers:
|
||||||
|
resources:
|
||||||
|
{{ .Values.resources.nubusProvisioning.registerConsumers | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-register-consumers"
|
intents.otterize.com/service-name: "ums-provisioning-register-consumers"
|
||||||
udmTransformer:
|
udmTransformer:
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.umsProvisioningUdmTransformer | toYaml | nindent 6 }}
|
{{ .Values.resources.nubusProvisioning.udmTransformer | toYaml | nindent 6 }}
|
||||||
additionalAnnotations:
|
additionalAnnotations:
|
||||||
intents.otterize.com/service-name: "ums-provisioning-udm-transformer"
|
intents.otterize.com/service-name: "ums-provisioning-udm-transformer"
|
||||||
resources:
|
|
||||||
registerConsumers:
|
|
||||||
{{ .Values.resources.umsProvisioningRegisterConsumers | toYaml | nindent 6 }}
|
|
||||||
|
|||||||
@@ -32,20 +32,12 @@ repositories:
|
|||||||
oci: true
|
oci: true
|
||||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuiteBootstrap.registry }}/{{ .Values.charts.openXchangeAppSuiteBootstrap.repository }}"
|
url: "{{ .Values.global.helmRegistry | default .Values.charts.openXchangeAppSuiteBootstrap.registry }}/{{ .Values.charts.openXchangeAppSuiteBootstrap.repository }}"
|
||||||
|
|
||||||
# OX Connector
|
|
||||||
- name: "ox-connector-repo"
|
|
||||||
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
|
||||||
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
|
||||||
oci: true
|
|
||||||
url: "{{ .Values.global.helmRegistry | default .Values.charts.oxConnector.registry }}/{{ .Values.charts.oxConnector.repository }}"
|
|
||||||
|
|
||||||
releases:
|
releases:
|
||||||
- name: "dovecot"
|
- name: "dovecot"
|
||||||
chart: "dovecot-repo/{{ .Values.charts.dovecot.name }}"
|
chart: "dovecot-repo/{{ .Values.charts.dovecot.name }}"
|
||||||
version: "{{ .Values.charts.dovecot.version }}"
|
version: "{{ .Values.charts.dovecot.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-dovecot.yaml.gotmpl"
|
- "values-dovecot.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.dovecot | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.dovecot.enabled }}
|
installed: {{ .Values.dovecot.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -55,7 +47,6 @@ releases:
|
|||||||
values:
|
values:
|
||||||
- "values-openxchange.yaml.gotmpl"
|
- "values-openxchange.yaml.gotmpl"
|
||||||
- "values-openxchange-enterprise-contact-picker.yaml.gotmpl"
|
- "values-openxchange-enterprise-contact-picker.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.openXchange | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.oxAppsuite.enabled }}
|
installed: {{ .Values.oxAppsuite.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -64,20 +55,9 @@ releases:
|
|||||||
version: "{{ .Values.charts.openXchangeAppSuiteBootstrap.version }}"
|
version: "{{ .Values.charts.openXchangeAppSuiteBootstrap.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-openxchange-bootstrap.yaml.gotmpl"
|
- "values-openxchange-bootstrap.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskOpenXchangeBootstrap | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.oxAppsuite.enabled }}
|
installed: {{ .Values.oxAppsuite.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
- name: "ox-connector"
|
|
||||||
chart: "ox-connector-repo/{{ .Values.charts.oxConnector.name }}"
|
|
||||||
version: "{{ .Values.charts.oxConnector.version }}"
|
|
||||||
values:
|
|
||||||
- "values-oxconnector.yaml.gotmpl"
|
|
||||||
- {{ .Values.customization.release.oxConnector | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.oxAppsuite.enabled }}
|
|
||||||
needs:
|
|
||||||
- "open-xchange"
|
|
||||||
|
|
||||||
commonLabels:
|
commonLabels:
|
||||||
deploy-stage: "component-1"
|
deploy-stage: "component-1"
|
||||||
component: "open-xchange"
|
component: "open-xchange"
|
||||||
|
|||||||
@@ -8,10 +8,12 @@ image:
|
|||||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.dovecot.registry | quote }}
|
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.dovecot.registry | quote }}
|
||||||
repository: {{ .Values.images.dovecot.repository | quote }}
|
repository: {{ .Values.images.dovecot.repository | quote }}
|
||||||
tag: {{ .Values.images.dovecot.tag | quote }}
|
tag: {{ .Values.images.dovecot.tag | quote }}
|
||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||||
|
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 2 }}
|
{{- range .Values.global.imagePullSecrets }}
|
||||||
|
- name: {{ . | quote }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
dovecot:
|
dovecot:
|
||||||
mailDomain: {{ .Values.global.mailDomain | default .Values.global.domain | quote }}
|
mailDomain: {{ .Values.global.mailDomain | default .Values.global.domain | quote }}
|
||||||
|
|||||||
@@ -8,12 +8,6 @@ cleanup:
|
|||||||
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
||||||
deletePodsOnSuccessTimeout: {{ .Values.debug.cleanup.deletePodsOnSuccessTimeout }}
|
deletePodsOnSuccessTimeout: {{ .Values.debug.cleanup.deletePodsOnSuccessTimeout }}
|
||||||
|
|
||||||
containerSecurityContext:
|
|
||||||
seccompProfile:
|
|
||||||
type: "RuntimeDefault"
|
|
||||||
seLinuxOptions:
|
|
||||||
{{ .Values.seLinuxOptions.openxchangeBootstrap | toYaml | nindent 4 }}
|
|
||||||
|
|
||||||
image:
|
image:
|
||||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.openxchangeBootstrap.registry | quote }}
|
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.openxchangeBootstrap.registry | quote }}
|
||||||
url: {{ .Values.images.openxchangeBootstrap.repository | quote }}
|
url: {{ .Values.images.openxchangeBootstrap.repository | quote }}
|
||||||
@@ -21,7 +15,9 @@ image:
|
|||||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||||
|
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 2 }}
|
{{- range .Values.global.imagePullSecrets }}
|
||||||
|
- name: {{ . | quote }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
podAnnotations:
|
podAnnotations:
|
||||||
argocd.argoproj.io/hook: "Sync"
|
argocd.argoproj.io/hook: "Sync"
|
||||||
|
|||||||
@@ -20,7 +20,6 @@ releases:
|
|||||||
waitForJobs: true
|
waitForJobs: true
|
||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskOpenprojectBootstrap | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.openproject.enabled }}
|
installed: {{ .Values.openproject.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -20,7 +20,6 @@ releases:
|
|||||||
waitForJobs: true
|
waitForJobs: true
|
||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.openproject | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.openproject.enabled }}
|
installed: {{ .Values.openproject.enabled }}
|
||||||
timeout: 1500
|
timeout: 1500
|
||||||
|
|
||||||
|
|||||||
23
helmfile/apps/provisioning/helmfile-child.yaml.gotmpl
Normal file
23
helmfile/apps/provisioning/helmfile-child.yaml.gotmpl
Normal file
@@ -0,0 +1,23 @@
|
|||||||
|
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
---
|
||||||
|
repositories:
|
||||||
|
# OX Connector
|
||||||
|
- name: "ox-connector-repo"
|
||||||
|
username: {{ env "OD_PRIVATE_REGISTRY_USERNAME" | quote }}
|
||||||
|
password: {{ env "OD_PRIVATE_REGISTRY_PASSWORD" | quote }}
|
||||||
|
oci: true
|
||||||
|
url: "{{ .Values.global.helmRegistry | default .Values.charts.oxConnector.registry }}/{{ .Values.charts.oxConnector.repository }}"
|
||||||
|
|
||||||
|
releases:
|
||||||
|
- name: "ox-connector"
|
||||||
|
chart: "ox-connector-repo/{{ .Values.charts.oxConnector.name }}"
|
||||||
|
version: "{{ .Values.charts.oxConnector.version }}"
|
||||||
|
values:
|
||||||
|
- "values-oxconnector.yaml.gotmpl"
|
||||||
|
installed: {{ .Values.oxConnector.enabled }}
|
||||||
|
|
||||||
|
commonLabels:
|
||||||
|
deploy-stage: "component-2"
|
||||||
|
component: "provisioning"
|
||||||
|
...
|
||||||
12
helmfile/apps/provisioning/helmfile.yaml.gotmpl
Normal file
12
helmfile/apps/provisioning/helmfile.yaml.gotmpl
Normal file
@@ -0,0 +1,12 @@
|
|||||||
|
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||||
|
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
---
|
||||||
|
bases:
|
||||||
|
- "../../bases/environments.yaml"
|
||||||
|
---
|
||||||
|
helmfiles:
|
||||||
|
- path: "./helmfile-child.yaml.gotmpl"
|
||||||
|
values:
|
||||||
|
- {{ toYaml .Values | nindent 8 }}
|
||||||
|
...
|
||||||
@@ -10,16 +10,6 @@ image:
|
|||||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||||
tag: {{ .Values.images.oxConnector.tag | quote }}
|
tag: {{ .Values.images.oxConnector.tag | quote }}
|
||||||
|
|
||||||
waitForDependency:
|
|
||||||
registry: {{ .Values.global.imageRegistry | default .Values.images.nubusWaitForDependency.registry | quote }}
|
|
||||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
|
||||||
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
|
|
||||||
pullSecrets:
|
|
||||||
{{- range .Values.global.imagePullSecrets }}
|
|
||||||
- name: {{ . | quote }}
|
|
||||||
{{- end }}
|
|
||||||
tag: {{ .Values.images.nubusWaitForDependency.tag | quote }}
|
|
||||||
|
|
||||||
imagePullSecrets:
|
imagePullSecrets:
|
||||||
{{- range .Values.global.imagePullSecrets }}
|
{{- range .Values.global.imagePullSecrets }}
|
||||||
- name: {{ . | quote }}
|
- name: {{ . | quote }}
|
||||||
@@ -29,8 +19,16 @@ ingress:
|
|||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
oxConnector:
|
oxConnector:
|
||||||
|
caCert: "ucctempldapstring"
|
||||||
|
debugLevel: {{ if .Values.debug.enabled }}"4"{{ else }}"1"{{ end }}
|
||||||
domainName: {{ .Values.global.domain | quote }}
|
domainName: {{ .Values.global.domain | quote }}
|
||||||
logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
|
ldapHost: "{{ .Values.ldap.host }}-primary"
|
||||||
|
logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"WARN"{{ end }}
|
||||||
|
ldapPassword: {{ .Values.secrets.nubus.ldapSecret | quote }}
|
||||||
|
ldapBaseDn: "dc=swp-ldap,dc=internal"
|
||||||
|
ldapHostDn: "cn=admin,dc=swp-ldap,dc=internal"
|
||||||
|
tlsMode: "off"
|
||||||
|
notifierServer: {{ .Values.ldap.notifierHost | quote }}
|
||||||
oxDefaultContext: "1"
|
oxDefaultContext: "1"
|
||||||
oxImapServer: "imap://127.0.0.1:143"
|
oxImapServer: "imap://127.0.0.1:143"
|
||||||
oxLocalTimezone: "Europe/Berlin"
|
oxLocalTimezone: "Europe/Berlin"
|
||||||
@@ -40,13 +38,6 @@ oxConnector:
|
|||||||
oxSmtpServer: "smtp://127.0.0.1:587"
|
oxSmtpServer: "smtp://127.0.0.1:587"
|
||||||
oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.global.domain }}"
|
oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.global.domain }}"
|
||||||
|
|
||||||
provisioningApi:
|
|
||||||
connection:
|
|
||||||
baseUrl: "http://ums-provisioning-api"
|
|
||||||
auth:
|
|
||||||
username: "ox-connector"
|
|
||||||
password: {{ .Values.secrets.oxConnector.provisioningApiPassword | quote }}
|
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
{{ .Values.resources.oxConnector | toYaml | nindent 2 }}
|
{{ .Values.resources.oxConnector | toYaml | nindent 2 }}
|
||||||
|
|
||||||
@@ -119,7 +119,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.otterize.version }}"
|
version: "{{ .Values.charts.otterize.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-otterize.yaml.gotmpl"
|
- "values-otterize.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskOtterize | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.security.otterizeIntents.enabled }}
|
installed: {{ .Values.security.otterizeIntents.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -128,7 +127,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.home.version }}"
|
version: "{{ .Values.charts.home.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-home.yaml.gotmpl"
|
- "values-home.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskHome | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.home.enabled }}
|
installed: {{ .Values.home.enabled }}
|
||||||
|
|
||||||
- name: "opendesk-certificates"
|
- name: "opendesk-certificates"
|
||||||
@@ -136,7 +134,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.certificates.version }}"
|
version: "{{ .Values.charts.certificates.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-certificates.yaml.gotmpl"
|
- "values-certificates.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskCertificates | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.certificates.enabled }}
|
installed: {{ .Values.certificates.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -145,7 +142,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.redis.version }}"
|
version: "{{ .Values.charts.redis.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-redis.yaml.gotmpl"
|
- "values-redis.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.redis | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.redis.enabled }}
|
installed: {{ .Values.redis.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -154,7 +150,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.memcached.version }}"
|
version: "{{ .Values.charts.memcached.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-memcached.yaml.gotmpl"
|
- "values-memcached.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.memcached | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.memcached.enabled }}
|
installed: {{ .Values.memcached.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -163,7 +158,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.postgresql.version }}"
|
version: "{{ .Values.charts.postgresql.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-postgresql.yaml.gotmpl"
|
- "values-postgresql.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.postgresql | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.postgresql.enabled }}
|
installed: {{ .Values.postgresql.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -172,7 +166,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.mariadb.version }}"
|
version: "{{ .Values.charts.mariadb.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-mariadb.yaml.gotmpl"
|
- "values-mariadb.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.mariadb | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.mariadb.enabled }}
|
installed: {{ .Values.mariadb.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -181,7 +174,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.postfix.version }}"
|
version: "{{ .Values.charts.postfix.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-postfix.yaml.gotmpl"
|
- "values-postfix.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.postfix | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.postfix.enabled }}
|
installed: {{ .Values.postfix.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -190,7 +182,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.dkimpy.version }}"
|
version: "{{ .Values.charts.dkimpy.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-dkimpy.yaml.gotmpl"
|
- "values-dkimpy.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.opendeskDkimpyMilter | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.dkimpy.enabled }}
|
installed: {{ .Values.dkimpy.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -199,7 +190,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.clamav.version }}"
|
version: "{{ .Values.charts.clamav.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-clamav-distributed.yaml.gotmpl"
|
- "values-clamav-distributed.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.clamav | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.clamavDistributed.enabled }}
|
installed: {{ .Values.clamavDistributed.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -208,7 +198,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.clamavSimple.version }}"
|
version: "{{ .Values.charts.clamavSimple.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-clamav-simple.yaml.gotmpl"
|
- "values-clamav-simple.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.clamavSimple | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.clamavSimple.enabled }}
|
installed: {{ .Values.clamavSimple.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
@@ -217,7 +206,6 @@ releases:
|
|||||||
version: "{{ .Values.charts.minio.version }}"
|
version: "{{ .Values.charts.minio.version }}"
|
||||||
values:
|
values:
|
||||||
- "values-minio.yaml.gotmpl"
|
- "values-minio.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.minio | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.minio.enabled }}
|
installed: {{ .Values.minio.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -23,7 +23,7 @@ global:
|
|||||||
synapseFederation: {{ .Values.global.hosts.synapseFederation }}
|
synapseFederation: {{ .Values.global.hosts.synapseFederation }}
|
||||||
whiteboard: {{ .Values.global.hosts.whiteboard }}
|
whiteboard: {{ .Values.global.hosts.whiteboard }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.nubus.enabled }}
|
{{- if .Values.intercom.enabled }}
|
||||||
intercomService: {{ .Values.global.hosts.intercomService }}
|
intercomService: {{ .Values.global.hosts.intercomService }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.jitsi.enabled }}
|
{{- if .Values.jitsi.enabled }}
|
||||||
|
|||||||
@@ -16,6 +16,8 @@ apps:
|
|||||||
enabled: {{ .Values.dovecot.enabled }}
|
enabled: {{ .Values.dovecot.enabled }}
|
||||||
element:
|
element:
|
||||||
enabled: {{ .Values.element.enabled }}
|
enabled: {{ .Values.element.enabled }}
|
||||||
|
intercom:
|
||||||
|
enabled: {{ .Values.intercom.enabled }}
|
||||||
jitsi:
|
jitsi:
|
||||||
enabled: {{ .Values.jitsi.enabled }}
|
enabled: {{ .Values.jitsi.enabled }}
|
||||||
mariadb:
|
mariadb:
|
||||||
@@ -30,6 +32,8 @@ apps:
|
|||||||
enabled: {{ .Values.openproject.enabled }}
|
enabled: {{ .Values.openproject.enabled }}
|
||||||
oxAppsuite:
|
oxAppsuite:
|
||||||
enabled: {{ .Values.oxAppsuite.enabled }}
|
enabled: {{ .Values.oxAppsuite.enabled }}
|
||||||
|
oxConnector:
|
||||||
|
enabled: {{ .Values.oxConnector.enabled }}
|
||||||
postfix:
|
postfix:
|
||||||
enabled: {{ .Values.postfix.enabled }}
|
enabled: {{ .Values.postfix.enabled }}
|
||||||
postgresql:
|
postgresql:
|
||||||
@@ -44,6 +48,7 @@ apps:
|
|||||||
ingressController:
|
ingressController:
|
||||||
{{ .Values.security.ingressController | toYaml | nindent 2 }}
|
{{ .Values.security.ingressController | toYaml | nindent 2 }}
|
||||||
|
|
||||||
|
|
||||||
extraApps:
|
extraApps:
|
||||||
clusterPostfix:
|
clusterPostfix:
|
||||||
enabled: {{ .Values.security.clusterPostfix.enabled }}
|
enabled: {{ .Values.security.clusterPostfix.enabled }}
|
||||||
|
|||||||
@@ -19,7 +19,6 @@ releases:
|
|||||||
wait: true
|
wait: true
|
||||||
values:
|
values:
|
||||||
- "values.yaml.gotmpl"
|
- "values.yaml.gotmpl"
|
||||||
- {{ .Values.customization.release.xwiki | default "additionalValues: false" }}
|
|
||||||
installed: {{ .Values.xwiki.enabled }}
|
installed: {{ .Values.xwiki.enabled }}
|
||||||
timeout: 900
|
timeout: 900
|
||||||
|
|
||||||
|
|||||||
@@ -137,8 +137,6 @@ properties:
|
|||||||
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.secure": 1
|
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.secure": 1
|
||||||
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.server": "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.server": "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
|
||||||
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.port": 443
|
"property:xwiki:XWiki.XWikiServerXwiki^XWiki.XWikiServerClass.port": 443
|
||||||
## This option overwrites the LDAP group mappings including all dynamically created mappings, therefore on XWiki restart an LDAP sync is triggered to load the dynamic mapping.
|
|
||||||
"property:xwiki:XWiki.XWikiPreferences^XWiki.XWikiPreferences.ldap_group_mapping": "xwiki:XWiki.XWikiAdminGroup=cn=managed-by-attribute-KnowledgemanagementAdmin,cn=groups,dc=swp-ldap,dc=internal"
|
|
||||||
## SMTP settings
|
## SMTP settings
|
||||||
"property:xwiki:Mail.MailConfig^Mail.SendMailConfigClass.from": "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
"property:xwiki:Mail.MailConfig^Mail.SendMailConfigClass.from": "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
||||||
"property:xwiki:Mail.MailConfig^Mail.SendMailConfigClass.host": {{ printf "%s.%s.svc.%s" "postfix" (.Values.postfix.namespace | default .Release.Namespace) .Values.cluster.networking.domain | quote }}
|
"property:xwiki:Mail.MailConfig^Mail.SendMailConfigClass.host": {{ printf "%s.%s.svc.%s" "postfix" (.Values.postfix.namespace | default .Release.Namespace) .Values.cluster.networking.domain | quote }}
|
||||||
|
|||||||
@@ -122,7 +122,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||||
name: "intercom-service"
|
name: "intercom-service"
|
||||||
version: "2.2.0"
|
version: "2.1.1"
|
||||||
verify: true
|
verify: true
|
||||||
jitsi:
|
jitsi:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
@@ -162,7 +162,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-migrations"
|
repository: "bmi/opendesk/components/platform-development/charts/opendesk-migrations"
|
||||||
name: "opendesk-migrations"
|
name: "opendesk-migrations"
|
||||||
version: "1.3.3"
|
version: "1.3.2"
|
||||||
verify: true
|
verify: true
|
||||||
minio:
|
minio:
|
||||||
# providerCategory: "Community"
|
# providerCategory: "Community"
|
||||||
@@ -211,12 +211,10 @@ charts:
|
|||||||
# upstreamRepository: "nubus/charts/nubus"
|
# upstreamRepository: "nubus/charts/nubus"
|
||||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||||
# upstreamMirrorStartFrom: ["0", "19", "3"]
|
# upstreamMirrorStartFrom: ["0", "19", "3"]
|
||||||
# registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
# repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||||
registry: "artifacts.software-univention.de"
|
|
||||||
repository: "nubus-dev/charts"
|
|
||||||
name: "nubus"
|
name: "nubus"
|
||||||
version: "0.63.0-pre-jconde-plain-nubus"
|
version: "0.57.3"
|
||||||
verify: true
|
verify: true
|
||||||
opendeskKeycloakBootstrap:
|
opendeskKeycloakBootstrap:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
@@ -260,7 +258,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/charts-mirror"
|
repository: "bmi/opendesk/components/supplier/open-xchange/charts-mirror"
|
||||||
name: "appsuite-public-sector"
|
name: "appsuite-public-sector"
|
||||||
version: "2.10.9"
|
version: "2.8.78"
|
||||||
verify: false
|
verify: false
|
||||||
openXchangeAppSuiteBootstrap:
|
openXchangeAppSuiteBootstrap:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
@@ -292,7 +290,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||||
name: "ox-connector"
|
name: "ox-connector"
|
||||||
version: "0.14.5"
|
version: "0.4.2"
|
||||||
verify: true
|
verify: true
|
||||||
postfix:
|
postfix:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
|
|||||||
@@ -1,57 +0,0 @@
|
|||||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
|
||||||
---
|
|
||||||
# This variable allows customization of helmfile releases by loading custom values file.
|
|
||||||
# Example:
|
|
||||||
# customization:
|
|
||||||
# release:
|
|
||||||
# collaboraOnline: /path/to/additional/file.yaml
|
|
||||||
customization:
|
|
||||||
release:
|
|
||||||
# collabora
|
|
||||||
collaboraOnline: ~
|
|
||||||
# cryptpad
|
|
||||||
cryptpad: ~
|
|
||||||
# element
|
|
||||||
opendeskElement: ~
|
|
||||||
opendeskWellKnown: ~
|
|
||||||
opendeskSynapseWeb: ~
|
|
||||||
opendeskSynapse: ~
|
|
||||||
# jitsi
|
|
||||||
jitsi: ~
|
|
||||||
# migrations-post
|
|
||||||
migrationsPost: ~
|
|
||||||
# migrations-pre
|
|
||||||
migrationsPre: ~
|
|
||||||
# nextcloud
|
|
||||||
opendeskNextcloudManagement: ~
|
|
||||||
opendeskNextcloud: ~
|
|
||||||
# nubus
|
|
||||||
ums: ~
|
|
||||||
intercomService: ~
|
|
||||||
opendeskKeycloakBootstrap: ~
|
|
||||||
# open-xchange
|
|
||||||
dovecot: ~
|
|
||||||
openXchange: ~
|
|
||||||
opendeskOpenXchangeBootstrap: ~
|
|
||||||
oxConnector: ~
|
|
||||||
# openproject
|
|
||||||
openproject: ~
|
|
||||||
# openproject-bootstrap
|
|
||||||
opendeskOpenprojectBootstrap: ~
|
|
||||||
# services
|
|
||||||
opendeskOtterize: ~
|
|
||||||
opendeskHome: ~
|
|
||||||
opendeskCertificates: ~
|
|
||||||
redis: ~
|
|
||||||
memcached: ~
|
|
||||||
postgresql: ~
|
|
||||||
mariadb: ~
|
|
||||||
postfix: ~
|
|
||||||
opendeskDkimpyMilter: ~
|
|
||||||
clamav: ~
|
|
||||||
clamavSimple: ~
|
|
||||||
minio: ~
|
|
||||||
# xwiki
|
|
||||||
xwiki: ~
|
|
||||||
...
|
|
||||||
@@ -79,7 +79,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["2", "1", "0"]
|
# upstreamMirrorStartFrom: ["2", "1", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/intercom-service"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/intercom-service"
|
||||||
tag: "2.2.0@sha256:6e02a3b06827d8f23615ea43ed87f510018b8ecf77b2a8404b1554077b1bdc6b"
|
tag: "2.1.1@sha256:889b82681883b2cec1267a744f135f5b25a716de6ca584f7565ccd118b6f6c4f"
|
||||||
jibri:
|
jibri:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Nordeck"
|
# providerResponsible: "Nordeck"
|
||||||
@@ -161,7 +161,7 @@ images:
|
|||||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
repository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
||||||
tag: "1.3.10@sha256:8cdc1d497840bbf3a1d824969e471503b42b8d8fae0ad22c275947085fc3179a"
|
tag: "1.3.9@sha256:dee06e4da27ff67cad12ba990aca58ca81eae89a02dfe4831bd3e9c67c08ddcf"
|
||||||
milter:
|
milter:
|
||||||
# providerCategory: "Community"
|
# providerCategory: "Community"
|
||||||
# providerResponsible: "openDesk"
|
# providerResponsible: "openDesk"
|
||||||
@@ -217,11 +217,9 @@ images:
|
|||||||
# upstreamRepository: "nubus/images/data-loader"
|
# upstreamRepository: "nubus/images/data-loader"
|
||||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||||
# upstreamMirrorStartFrom: ["0", "41", "5"]
|
# upstreamMirrorStartFrom: ["0", "41", "5"]
|
||||||
# registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
|
||||||
registry: "artifacts.software-univention.de"
|
tag: "0.69.3@sha256:2eed474783e27a70996b19fe1db1fdb3b4c100fa5f611241b6a72340db48e4af"
|
||||||
repository: "nubus-dev/images/data-loader"
|
|
||||||
tag: "0.72.0-pre-jconde-plain-nubus-theming@sha256:cbe0054bf57cb3bf80b6c03557dfac8691e4f777aba09ad0fc5c446271325ba8"
|
|
||||||
nubusGuardianAuthorizationApi:
|
nubusGuardianAuthorizationApi:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -261,7 +259,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "3", "0"]
|
# upstreamMirrorStartFrom: ["0", "3", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init"
|
||||||
tag: "0.14.0@sha256:91613f123f7e46b321002d4b2b86c4635b79621376e513d4bea1bb1d01aa99f8"
|
tag: "0.13.0@sha256:0b0a4e4ab60a3d0f5e4872c9ed6d7b7db35e967007dd9b8ee7473daa5f6774f5"
|
||||||
nubusKeycloak:
|
nubusKeycloak:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -281,7 +279,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "1", "0"]
|
# upstreamMirrorStartFrom: ["0", "1", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-bootstrap"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-bootstrap"
|
||||||
tag: "0.3.0@sha256:2911e8d5409f4e302b5c8c073cc6bf3f3622582e6eef43c63672ac4551712750"
|
tag: "0.2.1@sha256:33acee89e870016d51b79d28213052b3fc40f9fed94898f6e11c51c2eb5677fb"
|
||||||
nubusKeycloakExtensionHandler:
|
nubusKeycloakExtensionHandler:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -291,7 +289,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-handler"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-handler"
|
||||||
tag: "0.11.0@sha256:aaba6527f37a7302cf54b0a689a1c11cb439bdc471e01d101726a05902714b9c"
|
tag: "0.10.0@sha256:7aa5bac4821c9226fd74c6a2883f7c24d214b4610d516574866cf933ee1be080"
|
||||||
nubusKeycloakExtensionProxy:
|
nubusKeycloakExtensionProxy:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -301,7 +299,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-proxy"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-proxy"
|
||||||
tag: "0.11.0@sha256:9b2079ed4078daee00d95ac2de4d72497131e699b967943db5be1c655048edb0"
|
tag: "0.10.0@sha256:a5f6ae65732f7fb9d7ceae11f1c412b109d230e197075d8a8e1d989c87a0309d"
|
||||||
nubusLdapNotifier:
|
nubusLdapNotifier:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -311,7 +309,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-notifier"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-notifier"
|
||||||
tag: "0.25.2@sha256:9e29c7fb5c609d7e597f27e0384c4f932e6962cdf64012154d7b7c076755d86c"
|
tag: "0.24.0@sha256:c41ecc4e6446ae6182b6e0a01592c69c9a99c8e17b33d0373b6892d0669e9902"
|
||||||
nubusLdapServer:
|
nubusLdapServer:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -321,7 +319,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-server"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-server"
|
||||||
tag: "0.25.2@sha256:2b9d53f93a93d0f3a659c81c0e44596da8941bd83c8e1f7301a24e46ca06dba2"
|
tag: "0.24.0@sha256:8db7292ec34291a2416bd72b1944b9076d651ed3b257890ebd8a990bcb8a7e98"
|
||||||
nubusLdapServerDhInitContainer:
|
nubusLdapServerDhInitContainer:
|
||||||
# providerCategory: 'Community'
|
# providerCategory: 'Community'
|
||||||
# providerResponsible: 'Univention'
|
# providerResponsible: 'Univention'
|
||||||
@@ -363,7 +361,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
|
||||||
tag: "0.40.1@sha256:1c18a88b3eefe421b6da1bbd8f569cbf54de3749d9285decaad186d9d28f520a"
|
tag: "0.38.3@sha256:3b74617c6a8b68b086be8ab648bfffb08ba6ddb052ff0dcd4731c1bcc5a87a03"
|
||||||
nubusOpendeskExtension:
|
nubusOpendeskExtension:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
# providerResponsible: "openDesk"
|
# providerResponsible: "openDesk"
|
||||||
@@ -371,7 +369,7 @@ images:
|
|||||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
repository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
||||||
tag: "1.5.1@sha256:d4b97a6438e89e747ab38d975895347eec5ecd771af4d35dd0865d98fd585029"
|
tag: "1.5.0@sha256:2bfdf79028ec788162cf75bf80b08ed5aa3f747430bc85fd5e0427decc9994de"
|
||||||
nubusOpenPolicyAgent:
|
nubusOpenPolicyAgent:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -401,7 +399,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "27", "0"]
|
# upstreamMirrorStartFrom: ["0", "27", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-consumer"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-consumer"
|
||||||
tag: "0.40.1@sha256:468b7785a0baff67dce184ecf66b048517d10587e8a877030b140efe4384f3fb"
|
tag: "0.38.3@sha256:a4c7b57870aa7868174ef446f4212da1fc9f57d72c31dca245a5787699f2975b"
|
||||||
nubusPortalExtension:
|
nubusPortalExtension:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -419,11 +417,9 @@ images:
|
|||||||
# upstreamRepository: "nubus/images/portal-frontend"
|
# upstreamRepository: "nubus/images/portal-frontend"
|
||||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||||
# registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-frontend"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-frontend"
|
||||||
registry: "artifacts.software-univention.de"
|
tag: "0.38.3@sha256:514ff5117331d0b446944b252d993db547daad64062fcfaab8794bfb4f5290a3"
|
||||||
repository: "nubus-dev/images/portal-frontend"
|
|
||||||
tag: "0.41.0-pre-jconde-plain-nubus-theming@sha256:7eb3e30906a461468d835e7a50a74444749218b47e0b0abd1243b4faae079455"
|
|
||||||
nubusPortalServer:
|
nubusPortalServer:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -433,7 +429,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
|
||||||
tag: "0.40.1@sha256:ae1966abc103267d1399eef0a1ee53951d545309071a51283323c7f6d4c3e7cb"
|
tag: "0.38.3@sha256:0cd37fc82a7426013a1f93dcf4a72686f3b90b7532991dd1d50ae28cbca493e5"
|
||||||
nubusProvisioningDispatcher:
|
nubusProvisioningDispatcher:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -443,7 +439,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-dispatcher"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-dispatcher"
|
||||||
tag: "0.43.1@sha256:c646a5888b0a146580bb451d5b04d738de915a7251d51b035ccc0edc9ec948e7"
|
tag: "0.39.0@sha256:cff262c399785594a07d61a0645ca304e4da044d37831c29f848d8d70b2e58c9"
|
||||||
nubusProvisioningEventsAndConsumerApi:
|
nubusProvisioningEventsAndConsumerApi:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -453,7 +449,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-events-and-consumer-api"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-events-and-consumer-api"
|
||||||
tag: "0.43.1@sha256:0e6a75695e2654be6aae895a9dc97b937b3c3bcb2d42fcbbdc8a9fc3ee3476c8"
|
tag: "0.39.0@sha256:9f537eb138863ea9c3f6f7b416e7787ab1841e3e0ba3a8dd39fe35464955d75d"
|
||||||
nubusProvisioningPrefill:
|
nubusProvisioningPrefill:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -463,7 +459,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-prefill"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-prefill"
|
||||||
tag: "0.43.1@sha256:92a24a3955ad16258f7c0a881d8b113fe29936defab041258c0b4735eeb21e1f"
|
tag: "0.39.0@sha256:72ab91cd235b52875c03411c5488984b482aafc6d58f2064bd5313ab7a119cab"
|
||||||
nubusProvisioningUdmListener:
|
nubusProvisioningUdmListener:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -473,7 +469,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-listener"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-listener"
|
||||||
tag: "0.42.0@sha256:123165dcf5a723fc1a3e88923a11f31784a1f6e66b3da15f20f11477cecbd3ac"
|
tag: "0.39.0@sha256:f0e63353f0ea28890c992a374b82ac65f379f9dfd4c7fe645f002b170df1da69"
|
||||||
nubusProvisioningUdmTransformer:
|
nubusProvisioningUdmTransformer:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -483,7 +479,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-transformer"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-transformer"
|
||||||
tag: "0.43.1@sha256:33aa61b6f2ca23d6383b3b27fc9c5a23a8dfc39ccbdd127191d40a9c6b6337f5"
|
tag: "0.39.0@sha256:64166fae60856da544698b601b70037a93239e9f6072ced890cd5965fab148dc"
|
||||||
nubusSelfServiceConsumer:
|
nubusSelfServiceConsumer:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -493,7 +489,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "3", "2"]
|
# upstreamMirrorStartFrom: ["0", "3", "2"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/selfservice-invitation"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/selfservice-invitation"
|
||||||
tag: "0.11.1@sha256:3d6afb820f55272727ace7e7213f4b3a46bcc6c2c8c22aa45dd421a6daf33322"
|
tag: "0.7.3@sha256:7eb99ca8e7b5af321c45a515d7999ec421a3644e34c47028e90b627e8af9d39d"
|
||||||
nubusUdmRestApi:
|
nubusUdmRestApi:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -503,7 +499,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "9", "3"]
|
# upstreamMirrorStartFrom: ["0", "9", "3"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/udm-rest-api"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/udm-rest-api"
|
||||||
tag: "0.24.0@sha256:113251d8052f69ac0c7af721954d1711231ca72de1ce6565bb86cdadf53a0ad9"
|
tag: "0.23.0@sha256:908e79f13bee54b6ee521278d8423b436071aa0628803f561c9cebdfebda1403"
|
||||||
nubusUmcGateway:
|
nubusUmcGateway:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -513,7 +509,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-gateway"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-gateway"
|
||||||
tag: "0.32.0@sha256:d47716784ea86659ef93b1e79b0edd72a69d5e8169704accaf6213f01d4e395e"
|
tag: "0.30.0@sha256:73cd61b29c2d1e44c025c3da56ec8664c2509ee2ac49a0bccf0b357f017489e6"
|
||||||
nubusUmcServer:
|
nubusUmcServer:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
@@ -523,14 +519,14 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-server"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-server"
|
||||||
tag: "0.32.0@sha256:e2b28d54e9b9c0a3f0267a631dd0f2b18e04a8f8438986b570a9c8a5ccb06001"
|
tag: "0.30.0@sha256:78e20377a8cb3f6c5efa004a52aee444345e71d91e02e414c86c2a2631de5822"
|
||||||
nubusUmcServerProxy:
|
nubusUmcServerProxy:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Univention"
|
# providerResponsible: "Univention"
|
||||||
# upstreamRegistry: "https://registry-1.docker.io"
|
# upstreamRegistry: "https://registry-1.docker.io"
|
||||||
# upstreamRepository: "traefik"
|
# upstreamRepository: "traefik"
|
||||||
registry: "registry-1.docker.io"
|
registry: "registry-1.docker.io"
|
||||||
repository: "library/traefik"
|
repository: "traefik"
|
||||||
tag: "3.0@sha256:a208c74fd80a566d4ea376053bff73d31616d7af3f1465a7747b8b89ee34d97e"
|
tag: "3.0@sha256:a208c74fd80a566d4ea376053bff73d31616d7af3f1465a7747b8b89ee34d97e"
|
||||||
nubusWaitForDependency:
|
nubusWaitForDependency:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
@@ -541,7 +537,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/wait-for-dependency"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/wait-for-dependency"
|
||||||
tag: "0.26.0@sha256:a31fde86bf21c597a31356fe492ab7e7a03a89282ca215eb7100763d6eb96b6b"
|
tag: "0.25.0@sha256:71a4d66fd67db6f92212b1936862b2b0d5a678d412213d74452a9195c2fe67f7"
|
||||||
opendeskKeycloakBootstrap:
|
opendeskKeycloakBootstrap:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
# providerResponsible: "openDesk"
|
# providerResponsible: "openDesk"
|
||||||
@@ -593,7 +589,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "6", "0"]
|
# upstreamMirrorStartFrom: ["8", "6", "0"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-guidedtours"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-guidedtours"
|
||||||
tag: "8.6.6@sha256:3082f3259a03025c03f6b9b77fafcd5b9e391ae5ac4a47b47d5f546d4f1534ee"
|
tag: "8.6.5@sha256:cbdea676267011d5c9ef7764fcd23ef432219b61c4f3949ef11ddfc4920873dd"
|
||||||
openxchangeCoreMW:
|
openxchangeCoreMW:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -603,7 +599,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "20", "51"]
|
# upstreamMirrorStartFrom: ["8", "20", "51"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/middleware-public-sector"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/middleware-public-sector"
|
||||||
tag: "8.28.50@sha256:38447bd607c497977a5ba9189d957eebe7f82f09fa329ebc38c0785c70b04558"
|
tag: "8.26.38@sha256:ff2dcf50a9d9a801357255f7244173fe9835715fd1852a28e3a8ebb7c0634293"
|
||||||
openxchangeCoreUI:
|
openxchangeCoreUI:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -613,7 +609,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "20", "1"]
|
# upstreamMirrorStartFrom: ["8", "20", "1"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-ui"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-ui"
|
||||||
tag: "8.28.1@sha256:be9cfb5a1d9389a151b057884857ddebba982cfde621e432c55a17c03fff28d0"
|
tag: "8.27.4@sha256:d5b99bfc12baaeb5cbfc332c260ecca5308b6b662fe8acc8cd07479c99a1d148"
|
||||||
openxchangeCoreUIMiddleware:
|
openxchangeCoreUIMiddleware:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -633,7 +629,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "20", "799279"]
|
# upstreamMirrorStartFrom: ["8", "20", "799279"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-user-guide"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/core-user-guide"
|
||||||
tag: "8.28.1107609@sha256:96a700ef71b4c723146ed0a274482422e09f5a9ccd035c351e192ea4de81eb9f"
|
tag: "8.27.1071402@sha256:764108a8dcb28467dadad1cfd98074a8e174209652de2f009d74fea51bb50d65"
|
||||||
openxchangeDocumentConverter:
|
openxchangeDocumentConverter:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -643,7 +639,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "20", "50"]
|
# upstreamMirrorStartFrom: ["8", "20", "50"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/documentconverter"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/documentconverter"
|
||||||
tag: "8.28.49@sha256:0b45243cb2b6453b4073f4b80f205873fff49d8ed93f05c55971d728aa957e07"
|
tag: "8.27.54@sha256:79080b4b766901977532a18ef38af70234a99cf0bf53900c4df3902f24702eb7"
|
||||||
openxchangeGotenberg:
|
openxchangeGotenberg:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -663,7 +659,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["4", "2", "2"]
|
# upstreamMirrorStartFrom: ["4", "2", "2"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/guard-ui"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/guard-ui"
|
||||||
tag: "8.28.0@sha256:950dd4ec4633fb920502392e8e93d9f497eaf920ae4fe79629b53a835f129741"
|
tag: "8.27.0@sha256:89b81de90a6e7078371d8ea02ab4e1056c512ba515db113daf55b160533f7a73"
|
||||||
openxchangeImageConverter:
|
openxchangeImageConverter:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -673,7 +669,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["8", "20", "50"]
|
# upstreamMirrorStartFrom: ["8", "20", "50"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/imageconverter"
|
repository: "bmi/opendesk/components/supplier/open-xchange/images-mirror/imageconverter"
|
||||||
tag: "8.28.49@sha256:90d2f7defae974d115654986acb2035e38bb16a9daa9b2bf15078d48c0c24366"
|
tag: "8.27.55@sha256:f999c8205d83730a064aec13eb98762e1c7354f31f42e0add0136cf15be32dd0"
|
||||||
openxchangeNextcloudIntegrationUI:
|
openxchangeNextcloudIntegrationUI:
|
||||||
# providerCategory: "Supplier"
|
# providerCategory: "Supplier"
|
||||||
# providerResponsible: "Open-Xchange"
|
# providerResponsible: "Open-Xchange"
|
||||||
@@ -703,7 +699,7 @@ images:
|
|||||||
# upstreamMirrorStartFrom: ["0", "4", "2"]
|
# upstreamMirrorStartFrom: ["0", "4", "2"]
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ox-connector-standalone"
|
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ox-connector-standalone"
|
||||||
tag: "0.14.5@sha256:0b7816e3c8eca1949d3adc8c19d64394a862cbe478a3c51c6d18e546f02aea3d"
|
tag: "0.4.2@sha256:308489c0c0e0436bbbedbd757f78875d44468992c46c8d371c584dc778b30770"
|
||||||
postfix:
|
postfix:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
# providerResponsible: "openDesk"
|
# providerResponsible: "openDesk"
|
||||||
|
|||||||
@@ -31,6 +31,9 @@ element:
|
|||||||
home:
|
home:
|
||||||
enabled: true
|
enabled: true
|
||||||
namespace: ~
|
namespace: ~
|
||||||
|
intercom:
|
||||||
|
enabled: true
|
||||||
|
namespace: ~
|
||||||
jitsi:
|
jitsi:
|
||||||
enabled: true
|
enabled: true
|
||||||
namespace: ~
|
namespace: ~
|
||||||
@@ -58,6 +61,9 @@ openproject:
|
|||||||
oxAppsuite:
|
oxAppsuite:
|
||||||
enabled: true
|
enabled: true
|
||||||
namespace: ~
|
namespace: ~
|
||||||
|
oxConnector:
|
||||||
|
enabled: true
|
||||||
|
namespace: ~
|
||||||
postfix:
|
postfix:
|
||||||
enabled: true
|
enabled: true
|
||||||
namespace: ~
|
namespace: ~
|
||||||
|
|||||||
@@ -20,6 +20,5 @@ persistence:
|
|||||||
ldapServerData: "1Gi"
|
ldapServerData: "1Gi"
|
||||||
ldapServerShared: "1Gi"
|
ldapServerShared: "1Gi"
|
||||||
portalConsumer: "1Gi"
|
portalConsumer: "1Gi"
|
||||||
provisioningNats: "1Gi"
|
|
||||||
xwiki: "1Gi"
|
xwiki: "1Gi"
|
||||||
...
|
...
|
||||||
|
|||||||
@@ -111,6 +111,8 @@ replicas:
|
|||||||
umsProvisioningUdmTransformer: 1
|
umsProvisioningUdmTransformer: 1
|
||||||
# -- scalable: tbd
|
# -- scalable: tbd
|
||||||
umsSelfserviceConsumer: 1
|
umsSelfserviceConsumer: 1
|
||||||
|
# -- scalable: tbd
|
||||||
|
umsStackGateway: 1
|
||||||
# -- scalable: true
|
# -- scalable: true
|
||||||
umsUdmListener: 1
|
umsUdmListener: 1
|
||||||
# -- scalable: tbd
|
# -- scalable: tbd
|
||||||
|
|||||||
@@ -225,6 +225,49 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "512Mi"
|
memory: "512Mi"
|
||||||
|
nubusProvisioning:
|
||||||
|
nats:
|
||||||
|
limits:
|
||||||
|
cpu: 288
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "128Mi"
|
||||||
|
dispatcher:
|
||||||
|
limits:
|
||||||
|
cpu: 1
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "64Mi"
|
||||||
|
registerConsumers:
|
||||||
|
limits:
|
||||||
|
cpu: 1
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "64Mi"
|
||||||
|
udmTransformer:
|
||||||
|
limits:
|
||||||
|
cpu: 1
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "64Mi"
|
||||||
|
prefill:
|
||||||
|
limits:
|
||||||
|
cpu: 1
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "64Mi"
|
||||||
|
api:
|
||||||
|
limits:
|
||||||
|
cpu: 1
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "100Mi"
|
||||||
openproject:
|
openproject:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
@@ -435,6 +478,13 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
|
umsLdapServerInit:
|
||||||
|
limits:
|
||||||
|
cpu: 99
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "256Mi"
|
||||||
umsNotificationsApi:
|
umsNotificationsApi:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
@@ -470,13 +520,13 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
umsProvisioningApi:
|
umsProvisioningEventsAndConsumerApi:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
memory: "1Gi"
|
memory: "1Gi"
|
||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "100Mi"
|
memory: "256Mi"
|
||||||
umsProvisioningDispatcher:
|
umsProvisioningDispatcher:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
@@ -491,27 +541,20 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
umsProvisioningRegisterConsumers:
|
umsProvisioningUdmListener:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
memory: "1Gi"
|
memory: "1Gi"
|
||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "64Mi"
|
memory: "256Mi"
|
||||||
umsProvisioningUdmTransformer:
|
|
||||||
limits:
|
|
||||||
cpu: 99
|
|
||||||
memory: "1Gi"
|
|
||||||
requests:
|
|
||||||
cpu: 0.1
|
|
||||||
memory: "64Mi"
|
|
||||||
umsProvisioningNats:
|
umsProvisioningNats:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
memory: "1Gi"
|
memory: "1Gi"
|
||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "128Mi"
|
memory: "256Mi"
|
||||||
umsSelfserviceConsumer:
|
umsSelfserviceConsumer:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
@@ -519,6 +562,13 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
|
umsSelfserviceListenerDependencies:
|
||||||
|
limits:
|
||||||
|
cpu: 99
|
||||||
|
memory: "1Gi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "256Mi"
|
||||||
umsStackDataUms:
|
umsStackDataUms:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
@@ -526,6 +576,13 @@ resources:
|
|||||||
requests:
|
requests:
|
||||||
cpu: 0.1
|
cpu: 0.1
|
||||||
memory: "256Mi"
|
memory: "256Mi"
|
||||||
|
umsStackGateway:
|
||||||
|
limits:
|
||||||
|
cpu: 99
|
||||||
|
memory: "64Mi"
|
||||||
|
requests:
|
||||||
|
cpu: 0.1
|
||||||
|
memory: "16Mi"
|
||||||
umsUdmListener:
|
umsUdmListener:
|
||||||
limits:
|
limits:
|
||||||
cpu: 99
|
cpu: 99
|
||||||
|
|||||||
@@ -19,8 +19,6 @@ secrets:
|
|||||||
shareCryptKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "share_crypt_key" | sha1sum | quote }}
|
shareCryptKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "share_crypt_key" | sha1sum | quote }}
|
||||||
sessiondEncryptionKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "sessiond_encryption_key" | sha1sum | quote }}
|
sessiondEncryptionKey: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "sessiond_encryption_key" | sha1sum | quote }}
|
||||||
synapseAsToken: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "as_token" | sha1sum | quote }}
|
synapseAsToken: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "as_token" | sha1sum | quote }}
|
||||||
oxConnector:
|
|
||||||
provisioningApiPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "ox-connector" | sha1sum | quote }}
|
|
||||||
nubus:
|
nubus:
|
||||||
ldapSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "ldap" | sha1sum | quote }}
|
ldapSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "ldap" | sha1sum | quote }}
|
||||||
ldapSearch:
|
ldapSearch:
|
||||||
|
|||||||
@@ -60,7 +60,11 @@ seLinuxOptions:
|
|||||||
prosody: ~
|
prosody: ~
|
||||||
redis: ~
|
redis: ~
|
||||||
synapse: ~
|
synapse: ~
|
||||||
|
synapseCreateUser: ~
|
||||||
|
synapseGuestModule: ~
|
||||||
synapseWeb: ~
|
synapseWeb: ~
|
||||||
|
umsConfigHtpasswd: ~
|
||||||
|
umsDataLoader: ~
|
||||||
umsGuardianAuthorizationApi: ~
|
umsGuardianAuthorizationApi: ~
|
||||||
umsGuardianManagementApi: ~
|
umsGuardianManagementApi: ~
|
||||||
umsGuardianManagementUi: ~
|
umsGuardianManagementUi: ~
|
||||||
@@ -77,12 +81,15 @@ seLinuxOptions:
|
|||||||
umsPortalServer: ~
|
umsPortalServer: ~
|
||||||
umsProvisioning: ~
|
umsProvisioning: ~
|
||||||
umsProvisioningNats: ~
|
umsProvisioningNats: ~
|
||||||
|
umsSelfserviceInvitation: ~
|
||||||
umsSelfserviceConsumer: ~
|
umsSelfserviceConsumer: ~
|
||||||
umsStackDataUms: ~
|
umsStackGateway: ~
|
||||||
|
umsStoreDav: ~
|
||||||
umsUdmListener: ~
|
umsUdmListener: ~
|
||||||
umsUdmRestApi: ~
|
umsUdmRestApi: ~
|
||||||
umsUmcGateway: ~
|
umsUmcGateway: ~
|
||||||
umsUmcServer: ~
|
umsUmcServer: ~
|
||||||
|
umsWaitForDependency: ~
|
||||||
wellKnown: ~
|
wellKnown: ~
|
||||||
xwiki: ~
|
xwiki: ~
|
||||||
...
|
...
|
||||||
|
|||||||
@@ -15,6 +15,8 @@ helmfiles:
|
|||||||
values: *values
|
values: *values
|
||||||
- path: "helmfile/apps/nubus/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/nubus/helmfile-child.yaml.gotmpl"
|
||||||
values: *values
|
values: *values
|
||||||
|
- path: "helmfile/apps/intercom-service/helmfile-child.yaml.gotmpl"
|
||||||
|
values: *values
|
||||||
- path: "helmfile/apps/open-xchange/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/open-xchange/helmfile-child.yaml.gotmpl"
|
||||||
values: *values
|
values: *values
|
||||||
- path: "helmfile/apps/nextcloud/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/nextcloud/helmfile-child.yaml.gotmpl"
|
||||||
@@ -31,6 +33,8 @@ helmfiles:
|
|||||||
values: *values
|
values: *values
|
||||||
- path: "helmfile/apps/xwiki/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/xwiki/helmfile-child.yaml.gotmpl"
|
||||||
values: *values
|
values: *values
|
||||||
|
- path: "helmfile/apps/provisioning/helmfile-child.yaml.gotmpl"
|
||||||
|
values: *values
|
||||||
- path: "helmfile/apps/openproject-bootstrap/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/openproject-bootstrap/helmfile-child.yaml.gotmpl"
|
||||||
values: *values
|
values: *values
|
||||||
- path: "helmfile/apps/migrations-post/helmfile-child.yaml.gotmpl"
|
- path: "helmfile/apps/migrations-post/helmfile-child.yaml.gotmpl"
|
||||||
|
|||||||
Reference in New Issue
Block a user