mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-07 16:01:37 +01:00
Compare commits
40 Commits
uv-jtorres
...
uv-jconde/
| Author | SHA1 | Date | |
|---|---|---|---|
|
57dac0b10e | ||
|
|
dc43763c7b | ||
|
|
17f7459377 | ||
|
|
cb0442ce66 | ||
|
|
b5801369f7 | ||
|
|
693045b8eb | ||
|
|
3b451ece45 | ||
|
|
9b15fb114c | ||
|
|
fbd6ba6969 | ||
|
|
073a3881cc | ||
|
|
783411d8d6 | ||
|
|
2d5565bb4a | ||
|
|
8953d12095 | ||
|
|
5c0fb577c9 | ||
|
|
8401e27e8d | ||
|
|
cb9cdea4a7 | ||
|
|
f0e689b8d9 | ||
|
|
7695c00426 | ||
|
|
e41e942ba4 | ||
|
|
22ddd60df0 | ||
|
|
76e5015de0 | ||
|
|
0d0e13bf2b | ||
|
|
61147f133c | ||
|
|
85a7d4c705 | ||
|
|
62fda9259f | ||
|
|
cab8e7a86d | ||
|
|
c25803196e | ||
|
|
10bd2537e6 | ||
|
|
a79718d6a5 | ||
|
|
4ca5894f0d | ||
|
|
c82fe3a5ea | ||
|
|
c83310440b | ||
|
|
412fcaeb55 | ||
|
|
7348547d96 | ||
|
|
8ef69ecaf2 | ||
|
|
fa04f88370 | ||
|
|
efc41cb3aa | ||
|
|
370c7cd836 | ||
|
|
ac148d0c28 | ||
|
|
3d441933ca |
@@ -307,7 +307,7 @@ provisioning-deploy:
|
||||
variables:
|
||||
COMPONENT: "provisioning"
|
||||
|
||||
ums-deploy:
|
||||
nubus-deploy:
|
||||
stage: "component-deploy-stage-1"
|
||||
extends: ".deploy-common"
|
||||
rules:
|
||||
|
||||
@@ -36,9 +36,9 @@ openDesk currently features the following functional main components:
|
||||
| Groupware | OX App Suite | [8.26](https://documentation.open-xchange.com/appsuite/releases/8.26/) | Online documentation available from within the installed application; [Additional resources](https://www.open-xchange.com/resources/oxpedia) |
|
||||
| Knowledge management | XWiki | [16.4.1](https://www.xwiki.org/xwiki/bin/view/ReleaseNotes/Data/XWiki/16.4.1/) | [For the most recent release](https://www.xwiki.org/xwiki/bin/view/Documentation) |
|
||||
| Portal & IAM | Nubus | Product Preview[^1] | [Univention's documentation website](https://docs.software-univention.de/n/en/index.html) |
|
||||
| Project management | OpenProject | [14.4.0](https://www.openproject.org/docs/release-notes/14-4-0/) | [For the most recent release](https://www.openproject.org/docs/user-guide/) |
|
||||
| Project management | OpenProject | [14.4.1](https://www.openproject.org/docs/release-notes/14-4-1/) | [For the most recent release](https://www.openproject.org/docs/user-guide/) |
|
||||
| Videoconferencing | Jitsi | [2.0.9646](https://github.com/jitsi/jitsi-meet/releases/tag/stable%2Fjitsi-meet_9646) | [For the most recent release](https://jitsi.github.io/handbook/docs/category/user-guide/) |
|
||||
| Weboffice | Collabora | [24.04.6.1.1](https://www.collaboraoffice.com/code-24-04-release-notes/) | Online documentation available from within the installed application; [Additional resources](https://sdk.collaboraonline.com/) |
|
||||
| Weboffice | Collabora | [24.04.6.2.1](https://www.collaboraoffice.com/code-24-04-release-notes/) | Online documentation available from within the installed application; [Additional resources](https://sdk.collaboraonline.com/) |
|
||||
|
||||
While not all components are perfectly shaped for the execution inside containers, one of the project's objectives is to
|
||||
align the applications with best practices regarding container design and operations.
|
||||
|
||||
@@ -73,7 +73,8 @@
|
||||
"Addressbooks",
|
||||
"filestore",
|
||||
"trashbin",
|
||||
"bootstrap"
|
||||
"bootstrap",
|
||||
"configurability"
|
||||
],
|
||||
"ignoreWords": [],
|
||||
"import": []
|
||||
|
||||
@@ -157,6 +157,15 @@ alternatively you can use an environment variable:
|
||||
export PRIVATE_IMAGE_REGISTRY_URL=my_private_registry.domain.tld
|
||||
```
|
||||
|
||||
or control repository override fine-granular per registry:
|
||||
|
||||
```yaml
|
||||
repositories:
|
||||
image:
|
||||
dockerHub: "my_private_registry.domain.tld/docker.io/"
|
||||
registryOpencodeDe: "my_private_registry.domain.tld/registry.opencode.de/"
|
||||
```
|
||||
|
||||
If authentication is required, you can reference imagePullSecrets as following:
|
||||
|
||||
```yaml
|
||||
|
||||
@@ -8,7 +8,11 @@ SPDX-License-Identifier: Apache-2.0
|
||||
* [Disclaimer](#disclaimer)
|
||||
* [Releases upgrades](#releases-upgrades)
|
||||
* [From v0.9.0](#from-v090)
|
||||
* [Changed openDesk defaults](#changed-opendesk-defaults)
|
||||
* [MatrixID localpart update](#matrixid-localpart-update)
|
||||
* [Fileshare configurability](#fileshare-configurability)
|
||||
* [Automated migrations](#automated-migrations)
|
||||
* [Local Postfix as Relay](#local-postfix-as-relay)
|
||||
* [Updated IAM component Nubus](#updated-iam-component-nubus)
|
||||
* [Manual cleanup](#manual-cleanup)
|
||||
* [From v0.8.1](#from-v081)
|
||||
@@ -31,18 +35,80 @@ Limitations:
|
||||
|
||||
## From v0.9.0
|
||||
|
||||
### Changed openDesk defaults
|
||||
|
||||
#### MatrixID localpart update
|
||||
|
||||
Until 0.9.0 openDesk used the LDAP entryUUID of a user to generate the user's MatrixID. Due to restrictions of the
|
||||
Matrix protocol an update of a MatrixID is not possible, therefore it was technically convenient to use the UUID
|
||||
as it is immutable (see https://de.wikipedia.org/wiki/Universally_Unique_Identifier for more details on UUIDs.)
|
||||
|
||||
From the user experience perspective that was a bad approach, so from now on by default the username, that
|
||||
is also used for logging into openDesk, is used to define the localpart of the MatrixID.
|
||||
|
||||
For existing installations: The changed setting only affects users that login to Element the first time. Existing
|
||||
user accounts will not be harmed. If you want existing users to get new MatrixIDs based on the new setting, you
|
||||
need to update their external ID in Synapse and deactivate the old user afterwards. The user will get a new
|
||||
Matrix account from the scratch, losing the existing contacts, chats and rooms.
|
||||
|
||||
The following Admin API calls are helpful:
|
||||
- GET /_synapse/admin/v2/users/@<entryuuid>:<matrixdomain> get the user's existing external_id (auth_provider: "oidc")
|
||||
- PUT /_synapse/admin/v2/users/@<entryuuid>:<matrixdomain> update user's external_id with JSON payload:
|
||||
`{ "external_ids": [ { "auth_provider": "oidc", "external_id": "<old_id>+deprecated" } ] }`
|
||||
- POST /_synapse/admin/v1/deactivate/@<entryuuid>:<matrixdomain> deactivate old user with JSON payload:
|
||||
`{ "erase": true }`
|
||||
|
||||
For more details check the Admin API documentation:
|
||||
https://element-hq.github.io/synapse/latest/usage/administration/admin_api/index.html
|
||||
|
||||
You can enforce the old standard with the following setting:
|
||||
```
|
||||
functional:
|
||||
chat:
|
||||
matrix:
|
||||
profile:
|
||||
useImmutableIdentifierForLocalpart: true
|
||||
```
|
||||
|
||||
#### Fileshare configurability
|
||||
|
||||
We provide now some configurability regarding the sharing capabilities of the Nextcloud component.
|
||||
|
||||
The new default is different from the standard until now. To keep the current state after the upgrade from 0.9.0 you have to provide the following settings:
|
||||
|
||||
```
|
||||
functional:
|
||||
filestore:
|
||||
sharing:
|
||||
# Enables sharing of files with external participants (create external links, send links by mail and allow external upload in shared folders).
|
||||
enableExternalSharing: true
|
||||
# Enforces passwords to be used on external shares.
|
||||
enforceSharingPasswords: false
|
||||
```
|
||||
|
||||
### Automated migrations
|
||||
|
||||
#### Local Postfix as Relay
|
||||
|
||||
All components relay outgoing mails to the local Postfix. In order for the configuration to be picked up by all components the following restarts are triggered in the migrations `POST` stage:
|
||||
|
||||
- Deployments:
|
||||
- `opendesk-nextcloud-php`
|
||||
- `ums-umc-server`
|
||||
- Stateful Sets:
|
||||
- `ums-selfservice-listener`
|
||||
- `opendesk-synapse`
|
||||
|
||||
#### Updated IAM component Nubus
|
||||
|
||||
openDesk is integrating the latest [Nubus](https://www.univention.de/produkte/nubus/) development from Univention. The now redundant and scalable LDAP requires migration activities. These have been automated to avoid manual interaction. The `run_2` of the openDesk
|
||||
upgrade migrations executes the following steps:
|
||||
|
||||
- Stage PRE:
|
||||
- Stage `PRE`:
|
||||
- Delete service `ums-keycloak`, as it will be recreated headless.
|
||||
- Scale down `statefulset/ums-ldap-server` and `statefulset/ums-ldap-notifier` in preparation or the next step:
|
||||
- Create two new PVCs `shared-data-ums-ldap-server-primary-0` and `shared-data-ums-ldap-server-primary-1` for the new LDAP primary pods as copy from the existing `shared-data-ums-ldap-server-0`. The LDAP secondaries will sync from the primary nodes.
|
||||
- Stage POST:
|
||||
- Stage `POST`:
|
||||
- Restart Keycloak.
|
||||
|
||||
##### Manual cleanup
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -7,7 +8,7 @@ autoscaling:
|
||||
enabled: false
|
||||
|
||||
collabora:
|
||||
extra_params: "--o:ssl.enable=false --o:ssl.termination=true --o:fetch_update_check=0"
|
||||
extra_params: "--o:ssl.enable=false --o:ssl.termination=true --o:fetch_update_check=0 --o:remote_font_config.url=https://{{ .Values.global.hosts.nextcloud }}.{{ .Values.global.domain }}/index.php/apps/richdocuments/settings/fonts.json"
|
||||
username: "collabora-internal-admin"
|
||||
password: {{ .Values.secrets.collabora.adminPassword | quote }}
|
||||
aliasgroups:
|
||||
@@ -24,7 +25,7 @@ grafana:
|
||||
{{ .Values.monitoring.grafana.dashboards.annotations | toYaml | nindent 6 }}
|
||||
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.collabora.registry }}/{{ .Values.images.collabora.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.collabora.registry }}/{{ .Values.images.collabora.repository }}"
|
||||
tag: {{ .Values.images.collabora.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
# https://github.com/cryptpad/helm/blob/main/charts/cryptpad/README.md or
|
||||
# https://github.com/cryptpad/helm/blob/main/charts/cryptpad/values.yaml
|
||||
@@ -23,7 +26,7 @@ enableEmbedding: true
|
||||
fullnameOverride: "cryptpad"
|
||||
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.cryptpad.registry }}/{{ .Values.images.cryptpad.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.cryptpad.registry }}/{{ .Values.images.cryptpad.repository }}"
|
||||
tag: {{ .Values.images.cryptpad.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
configuration:
|
||||
endToEndEncryption: true
|
||||
@@ -121,7 +123,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.element.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.element.registry | quote }}
|
||||
repository: {{ .Values.images.element.repository | quote }}
|
||||
tag: {{ .Values.images.element.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -26,7 +29,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.matrixNeoBoardWidget.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.matrixNeoBoardWidget.registry | quote }}
|
||||
repository: {{ .Values.images.matrixNeoBoardWidget.repository | quote }}
|
||||
tag: {{ .Values.images.matrixNeoBoardWidget.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -26,7 +29,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.matrixNeoChoiceWidget.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.matrixNeoChoiceWidget.registry | quote }}
|
||||
repository: {{ .Values.images.matrixNeoChoiceWidget.repository | quote }}
|
||||
tag: {{ .Values.images.matrixNeoChoiceWidget.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
cleanup:
|
||||
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
||||
@@ -16,7 +19,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.synapseCreateUser.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.synapseCreateUser.registry | quote }}
|
||||
url: {{ .Values.images.synapseCreateUser.repository | quote }}
|
||||
tag: {{ .Values.images.synapseCreateUser.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
global:
|
||||
domain: {{ .Values.global.domain | quote }}
|
||||
@@ -47,7 +50,7 @@ extraEnvVars:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.matrixNeoDateFixBot.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.matrixNeoDateFixBot.registry | quote }}
|
||||
repository: {{ .Values.images.matrixNeoDateFixBot.repository | quote }}
|
||||
tag: {{ .Values.images.matrixNeoDateFixBot.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
configuration:
|
||||
bot:
|
||||
@@ -31,7 +34,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.matrixNeoDateFixWidget.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.matrixNeoDateFixWidget.registry | quote }}
|
||||
repository: {{ .Values.images.matrixNeoDateFixWidget.repository | quote }}
|
||||
tag: {{ .Values.images.matrixNeoDateFixWidget.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
cleanup:
|
||||
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
||||
@@ -16,7 +19,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.synapseCreateUser.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.synapseCreateUser.registry | quote }}
|
||||
url: {{ .Values.images.synapseCreateUser.repository | quote }}
|
||||
tag: {{ .Values.images.synapseCreateUser.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -35,7 +38,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.matrixUserVerificationService.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.matrixUserVerificationService.registry | quote }}
|
||||
repository: {{ .Values.images.matrixUserVerificationService.repository | quote }}
|
||||
tag: {{ .Values.images.matrixUserVerificationService.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
clusterDomain: {{ .Values.cluster.networking.domain }}
|
||||
|
||||
@@ -29,7 +32,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.synapseWeb.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.synapseWeb.registry | quote }}
|
||||
repository: {{ .Values.images.synapseWeb.repository | quote }}
|
||||
tag: {{ .Values.images.synapseWeb.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
configuration:
|
||||
additionalConfiguration:
|
||||
@@ -53,6 +56,9 @@ configuration:
|
||||
presence:
|
||||
enabled: {{ .Values.functional.dataProtection.matrixPresence.enabled }}
|
||||
|
||||
profile:
|
||||
allowUsersToUpdateDisplayname: {{ .Values.functional.chat.matrix.profile.allowUsersToUpdateDisplayname }}
|
||||
|
||||
smtp:
|
||||
senderAddress: "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
||||
host: {{ printf "%s.%s.svc.%s" "postfix" (.Values.postfix.namespace | default .Release.Namespace) .Values.cluster.networking.domain | quote }}
|
||||
@@ -66,6 +72,7 @@ configuration:
|
||||
clientId: "opendesk-matrix"
|
||||
clientSecret: {{ .Values.secrets.keycloak.clientSecret.matrix | quote }}
|
||||
issuer: "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/{{ .Values.platform.realm }}"
|
||||
matrixIdLocalpart: {{ if .Values.functional.chat.matrix.profile.useImmutableIdentifierForLocalpart }}"opendesk_useruuid"{{ else }}"opendesk_username"{{ end }}
|
||||
scopes:
|
||||
- "openid"
|
||||
- "opendesk-matrix-scope"
|
||||
@@ -87,7 +94,7 @@ configuration:
|
||||
enabled: true
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.synapseGuestModule.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.synapseGuestModule.registry | quote }}
|
||||
repository: {{ .Values.images.synapseGuestModule.repository | quote }}
|
||||
tag: {{ .Values.images.synapseGuestModule.tag | quote }}
|
||||
|
||||
@@ -126,7 +133,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.synapse.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.synapse.registry | quote }}
|
||||
repository: {{ .Values.images.synapse.repository | quote }}
|
||||
tag: {{ .Values.images.synapse.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
configuration:
|
||||
e2ee:
|
||||
@@ -30,7 +33,7 @@ global:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.wellKnown.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.wellKnown.registry | quote }}
|
||||
repository: {{ .Values.images.wellKnown.repository | quote }}
|
||||
tag: {{ .Values.images.wellKnown.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -55,7 +58,7 @@ ics:
|
||||
audience: "opendesk-nextcloud"
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.intercom.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.intercom.registry | quote }}
|
||||
repository: {{ .Values.images.intercom.repository | quote }}
|
||||
tag: {{ .Values.images.intercom.tag | quote }}
|
||||
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -31,7 +32,7 @@ cleanup:
|
||||
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.jitsiKeycloakAdapter.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jitsiKeycloakAdapter.registry | quote }}
|
||||
repository: {{ .Values.images.jitsiKeycloakAdapter.repository | quote }}
|
||||
tag: {{ .Values.images.jitsiKeycloakAdapter.tag | quote }}
|
||||
|
||||
@@ -48,7 +49,7 @@ jitsi:
|
||||
web:
|
||||
replicaCount: {{ .Values.replicas.jitsi }}
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.jitsi.registry }}/{{ .Values.images.jitsi.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jitsi.registry }}/{{ .Values.images.jitsi.repository }}"
|
||||
tag: {{ .Values.images.jitsi.tag | quote }}
|
||||
ingress:
|
||||
enabled: {{ .Values.ingress.enabled }}
|
||||
@@ -79,7 +80,7 @@ jitsi:
|
||||
{{ .Values.seLinuxOptions.jitsi | toYaml | nindent 8 }}
|
||||
prosody:
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.prosody.registry }}/{{ .Values.images.prosody.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.prosody.registry }}/{{ .Values.images.prosody.repository }}"
|
||||
tag: {{ .Values.images.prosody.tag | quote }}
|
||||
imagePullSecrets:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
@@ -128,7 +129,7 @@ jitsi:
|
||||
jicofo:
|
||||
replicaCount: {{ .Values.replicas.jicofo }}
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.jicofo.registry }}/{{ .Values.images.jicofo.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jicofo.registry }}/{{ .Values.images.jicofo.repository }}"
|
||||
tag: {{ .Values.images.jicofo.tag | quote }}
|
||||
xmpp:
|
||||
password: {{ .Values.secrets.jitsi.jicofoAuthPassword | quote }}
|
||||
@@ -150,7 +151,7 @@ jitsi:
|
||||
jvb:
|
||||
replicaCount: {{ .Values.replicas.jvb }}
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.jvb.registry }}/{{ .Values.images.jvb.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jvb.registry }}/{{ .Values.images.jvb.repository }}"
|
||||
tag: {{ .Values.images.jvb.tag | quote }}
|
||||
xmpp:
|
||||
password: {{ .Values.secrets.jitsi.jvbAuthPassword | quote }}
|
||||
@@ -173,7 +174,7 @@ jitsi:
|
||||
jibri:
|
||||
replicaCount: {{ .Values.replicas.jibri }}
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.jibri.registry }}/{{ .Values.images.jibri.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.jibri.registry }}/{{ .Values.images.jibri.repository }}"
|
||||
tag: {{ .Values.images.jibri.tag | quote }}
|
||||
recorder:
|
||||
password: {{ .Values.secrets.jitsi.jibriRecorderPassword | quote }}
|
||||
@@ -211,7 +212,7 @@ patchJVB:
|
||||
{{ .Values.seLinuxOptions.jitsiPatchJVB | toYaml | nindent 6 }}
|
||||
image:
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.jitsiPatchJVB.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.jitsiPatchJVB.registry | quote }}
|
||||
repository: {{ .Values.images.jitsiPatchJVB.repository | quote }}
|
||||
tag: {{ .Values.images.jitsiPatchJVB.tag | quote }}
|
||||
replicaCount: {{ .Values.replicas.jitsiKeycloakAdapter }}
|
||||
|
||||
@@ -73,6 +73,12 @@ configuration:
|
||||
value: "opendesk_username"
|
||||
password:
|
||||
value: {{ .Values.secrets.centralnavigation.apiKey | quote }}
|
||||
sharing:
|
||||
allowLinks: {{ .Values.functional.filestore.sharing.enableExternalSharing }}
|
||||
allowMailNotification: {{ .Values.functional.filestore.sharing.enableExternalSharing }}
|
||||
allowPublicUpload: {{ .Values.functional.filestore.sharing.enableExternalSharing }}
|
||||
enforceLinksPassword: {{ .Values.functional.filestore.sharing.enforceSharingPasswords }}
|
||||
enforcePasswordProtection: {{ .Values.functional.filestore.sharing.enforceSharingPasswords }}
|
||||
smtp:
|
||||
auth:
|
||||
enabled: false
|
||||
@@ -115,7 +121,7 @@ debug:
|
||||
loglevel: {{ if .Values.debug.enabled }}"0"{{ else }}"2"{{ end }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.nextcloudManagement.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nextcloudManagement.registry | quote }}
|
||||
repository: {{ .Values.images.nextcloudManagement.repository | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.nextcloudManagement.tag | quote }}
|
||||
|
||||
@@ -28,7 +28,7 @@ exporter:
|
||||
seLinuxOptions:
|
||||
{{ .Values.seLinuxOptions.nextcloudExporter | toYaml | nindent 6 }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.nextcloudExporter.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nextcloudExporter.registry | quote }}
|
||||
repository: "{{ .Values.images.nextcloudExporter.repository }}"
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.nextcloudExporter.tag | quote }}
|
||||
@@ -87,7 +87,7 @@ php:
|
||||
debug:
|
||||
loglevel: {{ if .Values.debug.enabled }}"0"{{ else }}"2"{{ end }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.nextcloudPHP.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nextcloudPHP.registry | quote }}
|
||||
repository: "{{ .Values.images.nextcloudPHP.repository }}"
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.nextcloudPHP.tag | quote }}
|
||||
@@ -138,7 +138,7 @@ apache2:
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.nextcloudApache2.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nextcloudApache2.registry | quote }}
|
||||
repository: {{ .Values.images.nextcloudApache2.repository | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.nextcloudApache2.tag | quote }}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
# SPDX-FileCopyrightText: 2024 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
global:
|
||||
nubusDeployment: true
|
||||
@@ -8,7 +10,7 @@ global:
|
||||
domainName: {{ .Values.global.domain | quote }}
|
||||
domain: {{ .Values.global.domain | quote }}
|
||||
ingressClass: {{ .Values.ingress.ingressClassName | default "nginx" | quote }}
|
||||
certManagerIssuer: "letsencrypt-prod-dns"
|
||||
certManagerIssuer: {{ .Values.certificate.issuerRef.name | quote }}
|
||||
nubusMasterPassword: {{ env "MASTER_PASSWORD" | default "sovereign-workplace" | quote }}
|
||||
keycloak:
|
||||
realm: {{ .Values.platform.realm | quote }}
|
||||
@@ -29,16 +31,16 @@ global:
|
||||
extensions:
|
||||
- name: "ox"
|
||||
image:
|
||||
registry: {{ .Values.images.nubusOxExtension.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusOxExtension.registry | quote }}
|
||||
repository: {{ .Values.images.nubusOxExtension.repository }}
|
||||
tag: {{ .Values.images.nubusOxExtension.tag }}
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
|
||||
- name: "opendesk"
|
||||
image:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
tag: "1.1.0"
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusOpendeskExtension.registry | quote }}
|
||||
repository: {{ .Values.images.nubusOpendeskExtension.repository }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
|
||||
tag: {{ .Values.images.nubusOpendeskExtension.tag }}
|
||||
|
||||
# -- Allows to configure the system extensions to load. This is intended for
|
||||
# internal usage, prefer to use `global.extensions` for user configured
|
||||
@@ -46,10 +48,87 @@ global:
|
||||
systemExtensions:
|
||||
- name: "portal"
|
||||
image:
|
||||
registry: {{ .Values.images.nubusPortalExtension.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalExtension.registry | quote }}
|
||||
repository: {{ .Values.images.nubusPortalExtension.repository }}
|
||||
tag: {{ .Values.images.nubusPortalExtension.tag }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
configUcr:
|
||||
directory:
|
||||
manager:
|
||||
web:
|
||||
modules:
|
||||
users:
|
||||
user:
|
||||
add:
|
||||
default: cn=openDesk User,cn=templates,cn=univention,{{ .Values.ldap.baseDn }}
|
||||
properties:
|
||||
description:
|
||||
syntax: TextArea
|
||||
firstname:
|
||||
required: "true"
|
||||
mailPrimaryAddress:
|
||||
required: "true"
|
||||
username:
|
||||
syntax: uid
|
||||
search:
|
||||
autosearch: "False"
|
||||
wizard:
|
||||
property:
|
||||
invite:
|
||||
default: "True"
|
||||
overridePWLength:
|
||||
default: "False"
|
||||
visible: "False"
|
||||
pwdChangeNextLogin:
|
||||
default: "True"
|
||||
visible: "False"
|
||||
wizard:
|
||||
disabled: "No"
|
||||
|
||||
ucs:
|
||||
web:
|
||||
theme: light
|
||||
|
||||
umc:
|
||||
cookie-banner:
|
||||
show: "false"
|
||||
login:
|
||||
password-complexity-message:
|
||||
de: "Das Passwort muss den folgenden Anforderungen entsprechen:<br><ul><li>Mindestlänge: 8 Zeichen</li></ul>Anmerkung: Wird befinden uns nicht in einer Produktivumgebung."
|
||||
en: "Password must comply with the following rules:<br><ul><li>Minimum length: 8 characters</li></ul>Note: We are in a non production (dev/test/demo) system."
|
||||
module:
|
||||
udm:
|
||||
oxmail:
|
||||
oxcontext:
|
||||
disabled: "True"
|
||||
portals:
|
||||
all:
|
||||
disabled: "True"
|
||||
self-service:
|
||||
passwordreset:
|
||||
token_validity_period: 172800
|
||||
|
||||
password:
|
||||
# quality:
|
||||
# length:
|
||||
# min: 8
|
||||
# required:
|
||||
# chars:
|
||||
# forbidden:
|
||||
# chars:
|
||||
# credit:
|
||||
# digits: 1
|
||||
# upper: 0
|
||||
# other: 0
|
||||
# lower: 1
|
||||
# mspolicy: false
|
||||
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
# Nubus bundled services
|
||||
postgresql:
|
||||
@@ -93,7 +172,11 @@ nubusGuardian:
|
||||
credentialSecret:
|
||||
name: "ums-opendesk-guardian-client-secret"
|
||||
key: "managementApiClientSecret"
|
||||
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
postgresql:
|
||||
connection:
|
||||
host: {{ .Values.databases.umsGuardianManagementApi.host | quote }}
|
||||
@@ -114,6 +197,11 @@ nubusNotificationsApi:
|
||||
username: {{ .Values.databases.umsNotificationsApi.username | quote }}
|
||||
database: {{ .Values.databases.umsNotificationsApi.name | quote }}
|
||||
existingSecret: "ums-notifications-api-postgresql-opendesk-credentials"
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
|
||||
nubusKeycloakExtensions:
|
||||
@@ -138,6 +226,10 @@ nubusKeycloakExtensions:
|
||||
path: "/resources/"
|
||||
- pathType: "Prefix"
|
||||
path: "/fingerprintjs"
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
|
||||
postgresql:
|
||||
@@ -168,7 +260,15 @@ nubusKeycloakExtensions:
|
||||
newDeviceLoginSubject: "New device login on your {{ .Values.theme.texts.productName }} account"
|
||||
mailFrom: "{{ .Values.smtp.localpartNoReply }}@{{ .Values.global.domain }}"
|
||||
|
||||
nubusPortalFrontend:
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
nubusPortalListener:
|
||||
enabled: true
|
||||
portalListener:
|
||||
objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
|
||||
objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }}
|
||||
@@ -177,6 +277,20 @@ nubusPortalListener:
|
||||
accessKeyKey: "access-key-id"
|
||||
secretKeyKey: "secret-key-id"
|
||||
|
||||
nubusPortalConsumer:
|
||||
enabled: false
|
||||
portalConsumer:
|
||||
logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
|
||||
objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
|
||||
objectStorageBucket: {{ .Values.objectstores.nubus.bucket | quote }}
|
||||
objectStorageCredentialSecret:
|
||||
name: "ums-portal-consumer-minio-opendesk-credentials"
|
||||
accessKeyKey: "access-key-id"
|
||||
secretKeyKey: "secret-key-id"
|
||||
provisioningApi:
|
||||
auth:
|
||||
username: "portal-consumer"
|
||||
|
||||
nubusPortalServer:
|
||||
portalServer:
|
||||
objectStorageEndpoint: {{ .Values.objectstores.nubus.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
|
||||
@@ -188,16 +302,28 @@ nubusPortalServer:
|
||||
centralNavigation:
|
||||
enabled: true
|
||||
authenticatorSecretName: "ums-opendesk-portal-server-central-navigation"
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
nubusUdmRestApi:
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
# NOTE: disabled until the next update.
|
||||
nubusProvisioning:
|
||||
enabled: false
|
||||
nubusUdmListener:
|
||||
enabled: false
|
||||
nubusSelfServiceListener:
|
||||
enabled: true
|
||||
selfserviceListener:
|
||||
umcAdminUser: "default.admin"
|
||||
|
||||
nubusSelfServiceConsumer:
|
||||
enabled: false
|
||||
|
||||
# Nubus services
|
||||
nubusStackDataUms:
|
||||
@@ -209,6 +335,50 @@ nubusStackDataUms:
|
||||
externalMailDomain: {{ .Values.global.mailDomain | default .Values.global.domain }}
|
||||
umcHtmlTitle: "openDesk Portal"
|
||||
installUmcPolicies: true
|
||||
smtpHost: {{ printf "%s.%s.svc.%s" "postfix" (.Values.postfix.namespace | default .Release.Namespace) .Values.cluster.networking.domain | quote }}
|
||||
smtpPort: 25
|
||||
smtpUser: ""
|
||||
smtpStartTls: false
|
||||
ldapBase: {{ .Values.ldap.baseDn }}
|
||||
templateContext:
|
||||
portalRealtimeCollaborationLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.element .Values.global.domain }}
|
||||
portalRealtimeVideoconferenceLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.jitsi .Values.global.domain }}
|
||||
portalManagementProjectLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.openproject .Values.global.domain }}
|
||||
portalManagementKnowledgeLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.xwiki .Values.global.domain }}
|
||||
portalGroupwareLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.openxchange .Values.global.domain }}
|
||||
portalFileshareLinkBase: {{ printf "https://%s.%s" .Values.global.hosts.nextcloud .Values.global.domain }}
|
||||
portalTitleDE: "openDesk Portal"
|
||||
portalTitleEN: "openDesk Portal"
|
||||
oxDefaultContext: "1"
|
||||
ldapSearchUsers:
|
||||
{{- range $username, $password := .Values.secrets.nubus.ldapSearch }}
|
||||
- username: {{ printf "ldapsearch_%s" $username | quote }}
|
||||
password: {{ $password | quote }}
|
||||
lastname: "LDAP-Search-User"
|
||||
{{- end }}
|
||||
ldapSystemUsers: []
|
||||
portaltileGroupUserStandard:
|
||||
- 'cn=Domain Users,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
- 'cn=Domain Users,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupUserAdmin:
|
||||
- 'cn=Domain Admins,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
- 'cn=Support,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupUserAll:
|
||||
- 'cn=Domain Admins,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
- 'cn=Domain Users,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupGroupware:
|
||||
- 'cn=managed-by-attribute-Groupware,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupFileshare:
|
||||
- 'cn=managed-by-attribute-Fileshare,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupManagementProject:
|
||||
- 'cn=managed-by-attribute-Projectmanagement,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupManagementKnowledge:
|
||||
- 'cn=managed-by-attribute-Knowledgemanagement,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupManagementLearn:
|
||||
- 'cn=managed-by-attribute-Learnmanagement,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
portaltileGroupLiveCollaboration:
|
||||
- 'cn=managed-by-attribute-Livecollaboration,cn=groups,{{ .Values.ldap.baseDn }}'
|
||||
|
||||
nubusUmcServer:
|
||||
memcached:
|
||||
auth:
|
||||
@@ -223,12 +393,6 @@ nubusStackDataSwp:
|
||||
releaseVersion: "Release: {{ .Values.global.systemInformation.releaseVersion }}"
|
||||
{{- end }}
|
||||
stackDataContext:
|
||||
ldapSearchUsers:
|
||||
{{- range $username, $password := .Values.secrets.nubus.ldapSearch }}
|
||||
- username: {{ printf "ldapsearch_%s" $username | quote }}
|
||||
password: {{ $password | quote }}
|
||||
lastname: "LDAP-Search-User"
|
||||
{{- end }}
|
||||
externalMailDomain: {{ .Values.global.mailDomain | default .Values.global.domain }}
|
||||
smtpHost: {{ printf "%s.%s.svc.%s" "postfix" (.Values.postfix.namespace | default .Release.Namespace) .Values.cluster.networking.domain | quote }}
|
||||
smtpPort: 25
|
||||
@@ -268,10 +432,20 @@ nubusUmcServer:
|
||||
smtp:
|
||||
credentialSecret:
|
||||
name: "ums-umc-server-smtp-credentials-custom"
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
nubusUmcGateway:
|
||||
umcGateway:
|
||||
umcHtmlTitle: "openDesk Portal"
|
||||
ingress:
|
||||
certManager:
|
||||
enabled: false
|
||||
tls:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
|
||||
nubusKeycloakBootstrap:
|
||||
keycloak:
|
||||
@@ -328,6 +502,10 @@ extraSecrets:
|
||||
stringData:
|
||||
access-key-id: {{ .Values.objectstores.nubus.username | quote }}
|
||||
secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}
|
||||
- name: "ums-portal-consumer-minio-opendesk-credentials"
|
||||
stringData:
|
||||
access-key-id: {{ .Values.objectstores.nubus.username | quote }}
|
||||
secret-key-id: {{ .Values.objectstores.nubus.secretKey | default .Values.secrets.minio.umsUser | quote }}
|
||||
- name: "ums-umc-server-smtp-credentials-custom"
|
||||
stringData:
|
||||
password: ""
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
# SPDX-FileCopyrightText: 2024 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
keycloak:
|
||||
enabled: true
|
||||
@@ -13,21 +15,25 @@ guardian:
|
||||
authorizationApi:
|
||||
podAnnotations:
|
||||
intents.otterize.com/service-name: "ums-guardian-authorization-api"
|
||||
replicaCount: {{ .Values.replicas.umsGuardianAuthorizationApi }}
|
||||
resources:
|
||||
{{ .Values.resources.umsGuardianAuthorizationApi | toYaml | nindent 6 }}
|
||||
managementApi:
|
||||
podAnnotations:
|
||||
intents.otterize.com/service-name: "ums-guardian-management-api"
|
||||
replicaCount: {{ .Values.replicas.umsGuardianManagementApi }}
|
||||
resources:
|
||||
{{ .Values.resources.umsGuardianManagementApi | toYaml | nindent 6 }}
|
||||
managementUi:
|
||||
podAnnotations:
|
||||
intents.otterize.com/service-name: "ums-guardian-management-ui"
|
||||
replicaCount: {{ .Values.replicas.umsGuardianManagementUi }}
|
||||
resources:
|
||||
{{ .Values.resources.umsGuardianManagementUi | toYaml | nindent 6 }}#
|
||||
openPolicyAgent:
|
||||
podAnnotations:
|
||||
intents.otterize.com/service-name: "ums-ums-open-policy-agent"
|
||||
replicaCount: {{ .Values.replicas.umsGuardianOpenPolicyAgent }}
|
||||
resources:
|
||||
{{ .Values.resources.umsOpenPolicyAgent | toYaml | nindent 6 }}
|
||||
provisioning:
|
||||
@@ -91,6 +97,18 @@ nubusPortalListener:
|
||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||
size: {{ .Values.persistence.size.nubus.portalListener | quote }}
|
||||
|
||||
nubusPortalConsumer:
|
||||
podAnnotations:
|
||||
intents.otterize.com/service-name: "ums-portal-consumer"
|
||||
replicaCount: {{ .Values.replicas.umsPortalConsumer }}
|
||||
resources:
|
||||
{{ .Values.resources.umsPortalConsumer | toYaml | nindent 4 }}
|
||||
resourcesWaitForDependency:
|
||||
{{ .Values.resources.umsPortalConsumerDependencies | toYaml | nindent 4 }}
|
||||
persistence:
|
||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||
size: {{ .Values.persistence.size.nubus.portalConsumer | quote }}
|
||||
|
||||
nubusPortalServer:
|
||||
additionalAnnotations:
|
||||
intents.otterize.com/service-name: "ums-portal-server"
|
||||
@@ -109,6 +127,10 @@ nubusLdapNotifier:
|
||||
{{ .Values.resources.umsLdapNotifier | toYaml | nindent 4 }}
|
||||
|
||||
nubusLdapServer:
|
||||
highAvailabilityMode: false
|
||||
replicaCountPrimary: 1
|
||||
replicaCountSecondary: {{ .Values.replicas.umsLdapServerSecondary }}
|
||||
replicaCountProxy: {{ .Values.replicas.umsLdapServerProxy }}
|
||||
additionalAnnotations:
|
||||
intents.otterize.com/service-name: "ums-ldap-server"
|
||||
serviceAccount:
|
||||
@@ -171,15 +193,6 @@ nubusUmcGateway:
|
||||
replicaCount: {{ .Values.replicas.umsUmcGateway }}
|
||||
resources:
|
||||
{{ .Values.resources.umsUmcGateway | toYaml | nindent 4 }}
|
||||
extraVolumes:
|
||||
- name: "entrypoint-swp-patches"
|
||||
configMap:
|
||||
name: "ums-stack-data-swp-umc-gateway-entrypoint"
|
||||
defaultMode: 0555
|
||||
extraVolumeMounts:
|
||||
- name: "entrypoint-swp-patches"
|
||||
mountPath: "/entrypoint.d/90-swp.sh"
|
||||
subPath: "90-swp.sh"
|
||||
|
||||
nubusKeycloakBootstrap:
|
||||
podAnnotations:
|
||||
|
||||
@@ -1,202 +1,193 @@
|
||||
# SPDX-FileCopyrightText: 2024 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
keycloak:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusKeycloak.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusKeycloak.registry | quote }}
|
||||
repository: {{ .Values.images.nubusKeycloak.repository }}
|
||||
tag: {{ .Values.images.nubusKeycloak.tag }}
|
||||
|
||||
nubusKeycloakBootstrap:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusKeycloakBootstrap.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusKeycloakBootstrap.registry | quote }}
|
||||
repository: {{ .Values.images.nubusKeycloakBootstrap.repository }}
|
||||
tag: {{ .Values.images.nubusKeycloakBootstrap.tag }}
|
||||
|
||||
nubusKeycloakExtensions:
|
||||
handler:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusKeycloakExtensionHandler.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusKeycloakExtensionHandler.registry | quote }}
|
||||
repository: {{ .Values.images.nubusKeycloakExtensionHandler.repository }}
|
||||
tag: {{ .Values.images.nubusKeycloakExtensionHandler.tag }}
|
||||
|
||||
proxy:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusKeycloakExtensionProxy.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusKeycloakExtensionProxy.registry | quote }}
|
||||
repository: {{ .Values.images.nubusKeycloakExtensionProxy.repository }}
|
||||
tag: {{ .Values.images.nubusKeycloakExtensionProxy.tag }}
|
||||
|
||||
nubusLdapNotifier:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusLdapNotifier.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusLdapNotifier.registry | quote }}
|
||||
repository: {{ .Values.images.nubusLdapNotifier.repository }}
|
||||
tag: {{ .Values.images.nubusLdapNotifier.tag }}
|
||||
|
||||
nubusLdapServer:
|
||||
ldapServer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusLdapServer.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusLdapServer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusLdapServer.repository }}
|
||||
tag: {{ .Values.images.nubusLdapServer.tag }}
|
||||
dhInitcontainer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusLdapServerDhInitContainer.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusLdapServerDhInitContainer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusLdapServerDhInitContainer.repository }}
|
||||
tag: {{ .Values.images.nubusLdapServerDhInitContainer.tag }}
|
||||
waitForDependency:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusWaitForDependency.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
||||
tag: {{ .Values.images.nubusWaitForDependency.tag }}
|
||||
|
||||
|
||||
nubusPortalConsumer:
|
||||
portalConsumer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusPortalConsumer.registry }}
|
||||
repository: {{ .Values.images.nubusPortalConsumer.repository }}
|
||||
tag: {{ .Values.images.nubusPortalConsumer.tag }}
|
||||
|
||||
|
||||
nubusNotificationsApi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusNotificationsApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusNotificationsApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusNotificationsApi.repository }}
|
||||
tag: {{ .Values.images.nubusNotificationsApi.tag }}
|
||||
|
||||
nubusPortalFrontend:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusPortalFrontend.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalFrontend.registry | quote }}
|
||||
repository: {{ .Values.images.nubusPortalFrontend.repository }}
|
||||
tag: {{ .Values.images.nubusPortalFrontend.tag }}
|
||||
|
||||
nubusPortalListener:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusPortalListener.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalListener.registry | quote }}
|
||||
repository: {{ .Values.images.nubusPortalListener.repository }}
|
||||
tag: {{ .Values.images.nubusPortalListener.tag }}
|
||||
|
||||
nubusPortalConsumer:
|
||||
portalConsumer:
|
||||
image:
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalConsumer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusPortalConsumer.repository }}
|
||||
tag: {{ .Values.images.nubusPortalConsumer.tag }}
|
||||
waitForDependency:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusWaitForDependency.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
||||
tag: {{ .Values.images.nubusWaitForDependency.tag }}
|
||||
|
||||
nubusPortalServer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusPortalServer.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusPortalServer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusPortalServer.repository }}
|
||||
tag: {{ .Values.images.nubusPortalServer.tag }}
|
||||
|
||||
nubusProvisioning:
|
||||
api:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningEventsAndConsumerApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.tag }}
|
||||
dispatcher:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningDispatcher.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningDispatcher.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningDispatcher.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningDispatcher.tag }}
|
||||
udmTransformer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningUdmTransformer.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningUdmTransformer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningUdmTransformer.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningUdmTransformer.tag }}
|
||||
prefill:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningPrefill.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningPrefill.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningPrefill.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningPrefill.tag }}
|
||||
registerConsumers:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusWaitForDependency.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
||||
tag: {{ .Values.images.nubusWaitForDependency.tag }}
|
||||
nats:
|
||||
nats:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusNats.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.nubusNats.registry | quote }}
|
||||
repository: {{ .Values.images.nubusNats.repository }}
|
||||
tag: {{ .Values.images.nubusNats.tag }}
|
||||
reloader:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusNatsReloader.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.nubusNatsReloader.registry | quote }}
|
||||
repository: {{ .Values.images.nubusNatsReloader.repository }}
|
||||
tag: {{ .Values.images.nubusNatsReloader.tag }}
|
||||
natsBox:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusNatsBox.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.nubusNatsBox.registry | quote }}
|
||||
repository: {{ .Values.images.nubusNatsBox.repository }}
|
||||
tag: {{ .Values.images.nubusNatsBox.tag }}
|
||||
|
||||
nubusProvisioningEventsAndConsumerApi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningEventsAndConsumerApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningEventsAndConsumerApi.tag }}
|
||||
|
||||
nubusProvisioningPrefill:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningPrefill.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningPrefill.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningPrefill.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningPrefill.tag }}
|
||||
|
||||
nubusUdmListener:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusProvisioningUdmListener.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusProvisioningUdmListener.registry | quote }}
|
||||
repository: {{ .Values.images.nubusProvisioningUdmListener.repository }}
|
||||
tag: {{ .Values.images.nubusProvisioningUdmListener.tag }}
|
||||
|
||||
nubusSelfServiceListener:
|
||||
selfserviceListener:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusSelfserviceListener.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusSelfserviceListener.registry | quote }}
|
||||
repository: {{ .Values.images.nubusSelfserviceListener.repository }}
|
||||
tag: {{ .Values.images.nubusSelfserviceListener.tag }}
|
||||
|
||||
selfserviceInvitation:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusSelfserviceInvitation.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusSelfserviceInvitation.registry | quote }}
|
||||
repository: {{ .Values.images.nubusSelfserviceInvitation.repository }}
|
||||
tag: {{ .Values.images.nubusSelfserviceInvitation.tag }}
|
||||
waitForDependency:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusWaitForDependency.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
||||
tag: {{ .Values.images.nubusWaitForDependency.tag }}
|
||||
|
||||
nubusUdmRestApi:
|
||||
# oxPlugin:
|
||||
# image:
|
||||
# registry: \{\{ .Values.images.nubusUdmRestApiOxPlugin.registry }}
|
||||
# repository: \{\{ .Values.images.nubusUdmRestApiOxPlugin.repository }}
|
||||
# tag: \{\{ .Values.images.nubusUdmRestApiOxPlugin.tag }}
|
||||
# portalPlugin:
|
||||
# image:
|
||||
# registry: \{\{ .Values.images.nubusUdmRestApiPortalPlugin.registry }}
|
||||
# repository: \{\{ .Values.images.nubusUdmRestApiPortalPlugin.repository }}
|
||||
# tag: \{\{ .Values.images.nubusUdmRestApiPortalPlugin.tag }}
|
||||
udmRestApi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusUdmRestApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusUdmRestApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusUdmRestApi.repository }}
|
||||
tag: {{ .Values.images.nubusUdmRestApi.tag }}
|
||||
|
||||
nubusUmcGateway:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusUmcGateway.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusUmcGateway.registry | quote }}
|
||||
repository: {{ .Values.images.nubusUmcGateway.repository }}
|
||||
tag: {{ .Values.images.nubusUmcGateway.tag }}
|
||||
|
||||
nubusUmcServer:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusUmcServer.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusUmcServer.registry | quote }}
|
||||
repository: {{ .Values.images.nubusUmcServer.repository }}
|
||||
tag: {{ .Values.images.nubusUmcServer.tag }}
|
||||
|
||||
nubusWaitForDependency:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusWaitForDependency.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusWaitForDependency.registry | quote }}
|
||||
repository: {{ .Values.images.nubusWaitForDependency.repository }}
|
||||
tag: {{ .Values.images.nubusWaitForDependency.tag }}
|
||||
|
||||
@@ -204,38 +195,38 @@ nubusWaitForDependency:
|
||||
nubusGuardian:
|
||||
provisioning:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusGuardianProvisioning.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusGuardianProvisioning.registry | quote }}
|
||||
repository: {{ .Values.images.nubusGuardianProvisioning.repository }}
|
||||
tag: {{ .Values.images.nubusGuardianProvisioning.tag }}
|
||||
authorizationApi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusGuardianAuthorizationApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusGuardianAuthorizationApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusGuardianAuthorizationApi.repository }}
|
||||
tag: {{ .Values.images.nubusGuardianAuthorizationApi.tag }}
|
||||
managementApi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusGuardianManagementApi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusGuardianManagementApi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusGuardianManagementApi.repository }}
|
||||
tag: {{ .Values.images.nubusGuardianManagementApi.tag }}
|
||||
managementUi:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusGuardianManagementUi.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusGuardianManagementUi.registry | quote }}
|
||||
repository: {{ .Values.images.nubusGuardianManagementUi.repository }}
|
||||
tag: {{ .Values.images.nubusGuardianManagementUi.tag }}
|
||||
openPolicyAgent:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusOpenPolicyAgent.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusOpenPolicyAgent.registry | quote }}
|
||||
repository: {{ .Values.images.nubusOpenPolicyAgent.repository }}
|
||||
tag: {{ .Values.images.nubusOpenPolicyAgent.tag }}
|
||||
|
||||
nubusStackDataUms:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusDataLoader.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusDataLoader.registry | quote }}
|
||||
repository: {{ .Values.images.nubusDataLoader.repository }}
|
||||
tag: {{ .Values.images.nubusDataLoader.tag }}
|
||||
|
||||
nubusStackDataSwp:
|
||||
image:
|
||||
registry: {{ .Values.images.nubusDataLoader.registry }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.nubusDataLoader.registry | quote }}
|
||||
repository: {{ .Values.images.nubusDataLoader.repository }}
|
||||
tag: {{ .Values.images.nubusDataLoader.tag }}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
@@ -11,7 +11,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.opendeskKeycloakBootstrap.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.opendeskKeycloakBootstrap.registry | quote }}
|
||||
repository: {{ .Values.images.opendeskKeycloakBootstrap.repository | quote }}
|
||||
tag: {{ .Values.images.opendeskKeycloakBootstrap.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.dovecot.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.dovecot.registry | quote }}
|
||||
repository: {{ .Values.images.dovecot.repository | quote }}
|
||||
tag: {{ .Values.images.dovecot.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -8,7 +9,7 @@ cleanup:
|
||||
deletePodsOnSuccessTimeout: {{ .Values.debug.cleanup.deletePodsOnSuccessTimeout }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeBootstrap.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.openxchangeBootstrap.registry | quote }}
|
||||
url: {{ .Values.images.openxchangeBootstrap.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeBootstrap.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
appsuite:
|
||||
core-mw:
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -19,13 +20,14 @@ global:
|
||||
|
||||
nextcloud-integration-ui:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeNextcloudIntegrationUI.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeNextcloudIntegrationUI.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeNextcloudIntegrationUI.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeNextcloudIntegrationUI.tag | quote }}
|
||||
imagePullSecrets:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeNextcloudIntegrationUI }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangeNextcloudIntegrationUI | toYaml | nindent 4 }}
|
||||
securityContext:
|
||||
@@ -46,7 +48,7 @@ nextcloud-integration-ui:
|
||||
|
||||
public-sector-ui:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangePublicSectorUI.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangePublicSectorUI.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangePublicSectorUI.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangePublicSectorUI.tag | quote }}
|
||||
imagePullSecrets:
|
||||
@@ -54,6 +56,7 @@ public-sector-ui:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
replicaCount: {{ .Values.replicas.openxchangePublicSectorUI }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangePublicSectorUI | toYaml | nindent 4 }}
|
||||
securityContext:
|
||||
@@ -131,9 +134,10 @@ appsuite:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
image:
|
||||
repository: "{{ .Values.global.imageRegistry | default .Values.images.openxchangeGotenberg.registry }}/{{ .Values.images.openxchangeGotenberg.repository }}"
|
||||
repository: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeGotenberg.registry }}/{{ .Values.images.openxchangeGotenberg.repository }}"
|
||||
tag: {{ .Values.images.openxchangeGotenberg.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeGotenberg }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangeGotenberg | toYaml | nindent 8 }}
|
||||
securityContext:
|
||||
@@ -341,7 +345,7 @@ appsuite:
|
||||
enabled: true
|
||||
password: {{ .Values.secrets.redis.password | quote }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeCoreMW.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreMW.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreMW.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeCoreMW.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -356,6 +360,7 @@ appsuite:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
replicas: {{ .Values.replicas.openxchangeCoreMW }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangeCoreMW | toYaml | nindent 6 }}
|
||||
|
||||
@@ -366,10 +371,11 @@ appsuite:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeCoreUI.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreUI.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreUI.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeCoreUI.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreUI }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangeCoreUI | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
@@ -398,12 +404,13 @@ appsuite:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeCoreUIMiddleware.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreUIMiddleware.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreUIMiddleware.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeCoreUIMiddleware.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
overrides: {}
|
||||
redis: *redisConfiguration
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreUIMiddleware }}
|
||||
resources:
|
||||
{{ .Values.resources.openxchangeCoreUIMiddleware | toYaml | nindent 6 }}
|
||||
updater:
|
||||
@@ -437,10 +444,11 @@ appsuite:
|
||||
remoteCache:
|
||||
enabled: false
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeDocumentConverter.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeDocumentConverter.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeDocumentConverter.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeDocumentConverter.tag | quote }}
|
||||
redis: *redisConfiguration
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreDocumentConverter }}
|
||||
resources:
|
||||
{{- .Values.resources.openxchangeCoreDocumentConverter | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
@@ -482,10 +490,11 @@ appsuite:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeCoreGuidedtours.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreGuidedtours.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreGuidedtours.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeCoreGuidedtours.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreGuidedtours }}
|
||||
resources:
|
||||
{{- .Values.resources.openxchangeCoreGuidedtours | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
@@ -510,7 +519,7 @@ appsuite:
|
||||
basicAuthLogin: "oxlogin"
|
||||
basicAuthPassword: {{ .Values.secrets.oxAppsuite.basicAuthPassword | quote }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeImageConverter.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeImageConverter.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeImageConverter.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeImageConverter.tag | quote }}
|
||||
objectCache:
|
||||
@@ -520,6 +529,7 @@ appsuite:
|
||||
accessKey: "."
|
||||
secretKey: "."
|
||||
redis: *redisConfiguration
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreImageConverter }}
|
||||
resources:
|
||||
{{- .Values.resources.openxchangeCoreImageConverter | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
@@ -546,10 +556,11 @@ appsuite:
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeGuardUI.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeGuardUI.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeGuardUI.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeGuardUI.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeGuardUI }}
|
||||
resources:
|
||||
{{- .Values.resources.openxchangeGuardUI | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
@@ -572,7 +583,7 @@ appsuite:
|
||||
core-user-guide:
|
||||
enabled: true
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openxchangeCoreUserGuide.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openxchangeCoreUserGuide.registry | quote }}
|
||||
repository: {{ .Values.images.openxchangeCoreUserGuide.repository | quote }}
|
||||
tag: {{ .Values.images.openxchangeCoreUserGuide.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -580,6 +591,7 @@ appsuite:
|
||||
{{- range .Values.global.imagePullSecrets }}
|
||||
- name: {{ . | quote }}
|
||||
{{- end }}
|
||||
replicaCount: {{ .Values.replicas.openxchangeCoreUserGuide }}
|
||||
resources:
|
||||
{{- .Values.resources.openxchangeCoreUserGuide | toYaml | nindent 6 }}
|
||||
securityContext:
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -42,7 +43,7 @@ containerSecurityContext:
|
||||
{{ .Values.seLinuxOptions.openprojectBootstrap | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openprojectBootstrap.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openprojectBootstrap.registry | quote }}
|
||||
repository: {{ .Values.images.openprojectBootstrap.repository | quote }}
|
||||
tag: {{ .Values.images.openprojectBootstrap.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy |quote }}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
@@ -76,14 +77,14 @@ environment:
|
||||
{{- end }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openproject.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.openproject.registry | quote }}
|
||||
repository: {{ .Values.images.openproject.repository | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.openproject.tag | quote }}
|
||||
|
||||
initdb:
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.openprojectInitDb.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.openprojectInitDb.registry | quote }}
|
||||
repository: {{ .Values.images.openprojectInitDb.repository | quote }}
|
||||
tag: {{ .Values.images.openprojectInitDb.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,8 +1,11 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.oxConnector.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.oxConnector.registry | quote }}
|
||||
repository: {{ .Values.images.oxConnector.repository | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
tag: {{ .Values.images.oxConnector.tag | quote }}
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
clamd:
|
||||
containerSecurityContext:
|
||||
@@ -18,7 +21,7 @@ clamd:
|
||||
seLinuxOptions:
|
||||
{{ .Values.seLinuxOptions.clamd | toYaml | nindent 6 }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.clamd.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.clamd.registry | quote }}
|
||||
repository: {{ .Values.images.clamd.repository | quote }}
|
||||
tag: {{ .Values.images.clamd.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -62,7 +65,7 @@ freshclam:
|
||||
seLinuxOptions:
|
||||
{{ .Values.seLinuxOptions.freshclam | toYaml | nindent 6 }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.freshclam.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.freshclam.registry | quote }}
|
||||
repository: {{ .Values.images.freshclam.repository | quote }}
|
||||
tag: {{ .Values.images.freshclam.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -73,7 +76,15 @@ freshclam:
|
||||
replicaCount: {{ .Values.replicas.freshclam }}
|
||||
resources:
|
||||
{{ .Values.resources.freshclam | toYaml | nindent 4 }}
|
||||
|
||||
settings:
|
||||
database:
|
||||
auth:
|
||||
{{ .Values.repositories.clamav.auth | toYaml | nindent 8 }}
|
||||
mirror:
|
||||
scheme: {{ .Values.repositories.clamav.mirror.scheme | quote }}
|
||||
url: {{ .Values.repositories.clamav.mirror.url | quote }}
|
||||
customURLs:
|
||||
{{ .Values.repositories.clamav.customURLs | toYaml | nindent 8 }}
|
||||
global:
|
||||
imagePullSecrets:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
@@ -95,7 +106,7 @@ icap:
|
||||
seLinuxOptions:
|
||||
{{ .Values.seLinuxOptions.icap | toYaml | nindent 6 }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.icap.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.icap.registry | quote }}
|
||||
repository: {{ .Values.images.icap.repository | quote }}
|
||||
tag: {{ .Values.images.icap.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -124,7 +135,7 @@ milter:
|
||||
seLinuxOptions:
|
||||
{{ .Values.seLinuxOptions.milter | toYaml | nindent 6 }}
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.milter.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.milter.registry | quote }}
|
||||
repository: {{ .Values.images.milter.repository | quote }}
|
||||
tag: {{ .Values.images.milter.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -23,12 +26,12 @@ global:
|
||||
|
||||
image:
|
||||
clamav:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.clamd.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.clamd.registry | quote }}
|
||||
repository: {{ .Values.images.clamd.repository | quote }}
|
||||
tag: {{ .Values.images.clamd.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
icap:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.icap.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.icap.registry | quote }}
|
||||
repository: {{ .Values.images.icap.repository | quote }}
|
||||
tag: {{ .Values.images.icap.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
@@ -47,4 +50,14 @@ replicaCount: {{ .Values.replicas.clamav }}
|
||||
resources:
|
||||
{{ .Values.resources.clamd | toYaml | nindent 4 }}
|
||||
|
||||
settings:
|
||||
freshclam:
|
||||
database:
|
||||
auth:
|
||||
{{ .Values.repositories.clamav.auth | toYaml | nindent 8 }}
|
||||
mirror:
|
||||
scheme: {{ .Values.repositories.clamav.mirror.scheme | quote }}
|
||||
url: {{ .Values.repositories.clamav.mirror.url | quote }}
|
||||
customURLs:
|
||||
{{ .Values.repositories.clamav.customURLs | toYaml | nindent 8 }}
|
||||
...
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
@@ -20,7 +23,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.dkimpy.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.dkimpy.registry | quote }}
|
||||
repository: {{ .Values.images.dkimpy.repository | quote }}
|
||||
tag: {{ .Values.images.dkimpy.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
cleanup:
|
||||
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
||||
@@ -26,7 +29,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.mariadb.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.mariadb.registry | quote }}
|
||||
repository: {{ .Values.images.mariadb.repository | quote }}
|
||||
tag: {{ .Values.images.mariadb.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
architecture: {{ if gt .Values.replicas.memcached 1 }}"high-availability"{{ else }}"standalone"{{ end }}
|
||||
|
||||
@@ -24,7 +27,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.memcached.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.memcached.registry | quote }}
|
||||
repository: {{ .Values.images.memcached.repository | quote }}
|
||||
tag: {{ .Values.images.memcached.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
apiIngress:
|
||||
enabled: {{ .Values.ingress.enabled }}
|
||||
@@ -39,7 +42,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.minio.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.minio.registry | quote }}
|
||||
repository: "{{ .Values.images.minio.repository }}"
|
||||
tag: "{{ .Values.images.minio.tag }}"
|
||||
pullPolicy: "{{ .Values.global.imagePullPolicy }}"
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
certificate:
|
||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||
@@ -25,7 +28,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.postfix.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.postfix.registry | quote }}
|
||||
repository: {{ .Values.images.postfix.repository | quote }}
|
||||
tag: {{ .Values.images.postfix.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
cleanup:
|
||||
deletePodsOnSuccess: {{ .Values.debug.cleanup.deletePodsOnSuccess }}
|
||||
@@ -36,7 +39,7 @@ global:
|
||||
{{ .Values.global.imagePullSecrets | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.postgresql.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.postgresql.registry | quote }}
|
||||
repository: {{ .Values.images.postgresql.repository | quote }}
|
||||
tag: {{ .Values.images.postgresql.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
architecture: "standalone"
|
||||
|
||||
@@ -12,7 +15,7 @@ global:
|
||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.redis.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.dockerHub .Values.global.imageRegistry .Values.images.redis.registry | quote }}
|
||||
repository: {{ .Values.images.redis.repository | quote }}
|
||||
tag: {{ .Values.images.redis.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
{{/*
|
||||
SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||
SPDX-License-Identifier: Apache-2.0
|
||||
*/}}
|
||||
---
|
||||
image:
|
||||
name: "{{ .Values.global.imageRegistry | default .Values.images.xwiki.registry }}/{{ .Values.images.xwiki.repository }}"
|
||||
name: "{{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.xwiki.registry }}/{{ .Values.images.xwiki.repository }}"
|
||||
tag: {{ .Values.images.xwiki.tag | quote }}
|
||||
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-clamav"
|
||||
name: "opendesk-clamav"
|
||||
version: "4.0.5"
|
||||
version: "4.0.6"
|
||||
verify: true
|
||||
clamavSimple:
|
||||
# providerCategory: "Platform"
|
||||
@@ -34,7 +34,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-clamav"
|
||||
name: "clamav-simple"
|
||||
version: "4.0.5"
|
||||
version: "4.0.6"
|
||||
verify: true
|
||||
collabora:
|
||||
# providerCategory: "Supplier"
|
||||
@@ -90,7 +90,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-element"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
elementWellKnown:
|
||||
# providerCategory: "Platform"
|
||||
@@ -100,7 +100,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-well-known"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
home:
|
||||
# providerCategory: "Platform"
|
||||
@@ -192,7 +192,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-matrix-user-verification-service"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
memcached:
|
||||
# providerCategory: "Community"
|
||||
@@ -212,7 +212,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-migrations"
|
||||
name: "opendesk-migrations"
|
||||
version: "1.2.2"
|
||||
version: "1.2.3"
|
||||
verify: true
|
||||
minio:
|
||||
# providerCategory: "Community"
|
||||
@@ -232,7 +232,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-nextcloud"
|
||||
name: "opendesk-nextcloud"
|
||||
version: "3.0.0"
|
||||
version: "3.1.0"
|
||||
verify: true
|
||||
nextcloudManagement:
|
||||
# providerCategory: "Platform"
|
||||
@@ -242,7 +242,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-nextcloud"
|
||||
name: "opendesk-nextcloud-management"
|
||||
version: "3.0.0"
|
||||
version: "3.1.0"
|
||||
verify: true
|
||||
nginx:
|
||||
# providerCategory: "Community"
|
||||
@@ -261,10 +261,12 @@ charts:
|
||||
# upstreamRepository: "nubus/charts/nubus"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "19", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||
# registry: "registry.opencode.de"
|
||||
# repository: "bmi/opendesk/components/supplier/univention/charts-mirror"
|
||||
registry: "artifacts.software-univention.de"
|
||||
repository: "nubus-dev/charts"
|
||||
name: "nubus"
|
||||
version: "0.33.0"
|
||||
version: "0.46.0-pre-jconde-statefulset-keycloak"
|
||||
verify: true
|
||||
opendeskKeycloakBootstrap:
|
||||
# providerCategory: "Platform"
|
||||
@@ -380,7 +382,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-synapse"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
synapseCreateAccount:
|
||||
# providerCategory: "Platform"
|
||||
@@ -390,7 +392,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-synapse-create-account"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
synapseWeb:
|
||||
# providerCategory: "Platform"
|
||||
@@ -400,7 +402,7 @@ charts:
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-element"
|
||||
name: "opendesk-synapse-web"
|
||||
version: "3.3.2"
|
||||
version: "3.4.0"
|
||||
verify: true
|
||||
xwiki:
|
||||
# providerCategory: "Supplier"
|
||||
|
||||
@@ -34,6 +34,13 @@ functional:
|
||||
quota:
|
||||
# Set the default quota for all users in GB
|
||||
default: 1
|
||||
# Options related to file sharing, changing these options might require a restart of the `opendesk-nextcloud-php` Pod(s).
|
||||
sharing:
|
||||
# Enables sharing of files with external participants (create external links, send links by mail and allow external upload in shared folders).
|
||||
# If you disable this option existing external shares stop working, when re-enabling it the old shares are available again.
|
||||
enableExternalSharing: false
|
||||
# Enforces passwords to be used on external shares.
|
||||
enforceSharingPasswords: true
|
||||
# Nextcloud specific configuration
|
||||
nextcloud:
|
||||
retentionObligation:
|
||||
@@ -52,4 +59,17 @@ functional:
|
||||
# Ref.: https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#presence
|
||||
enabled: false
|
||||
|
||||
chat:
|
||||
matrix:
|
||||
profile:
|
||||
# Once connected with a user that user's MatrixID is rarely checked by their communication partners, as the
|
||||
# display name is used to see whom they are communicating with. Not allowing users to change their
|
||||
# own display name reduces the risk of identity fraud.
|
||||
# To get the display name updated from the central identity and access management you have to have the Synapse
|
||||
# enterprise feature "groupsync" configured.
|
||||
allowUsersToUpdateDisplayname: true
|
||||
|
||||
# If the LDAP entryUUID should be used for the localpart of user's MatrixIDs following setting must be `true`.
|
||||
useImmutableIdentifierForLocalpart: false
|
||||
|
||||
...
|
||||
|
||||
@@ -20,7 +20,7 @@ images:
|
||||
# upstreamRepository: "bmi/opendesk/components/supplier/collabora/images/collabora-online-for-opendesk"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/collabora/images/collabora-online-for-opendesk"
|
||||
tag: "24.04.6.1.1@sha256:6237af013065838be27faae69b26feec63de6de8412499285f5379d74fef7387"
|
||||
tag: "24.04.6.2.1@sha256:7de9ac6ce5a256b0f74a56a4654acd851502dc9e3ed4d29949ba5642bacae308"
|
||||
cryptpad:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "XWiki"
|
||||
@@ -213,7 +213,7 @@ images:
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-migrations"
|
||||
tag: "1.2.1@sha256:241561c51dee3ccd4d54cf732020634291f124025946e6be983f850bbf4eb1d3"
|
||||
tag: "1.2.2@sha256:32afdd71c5b8003ed1609e389494ce10c715c5db64d4ed32a74d65b0f0227e64"
|
||||
milter:
|
||||
# providerCategory: "Community"
|
||||
# providerResponsible: "openDesk"
|
||||
@@ -237,7 +237,7 @@ images:
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-apache2"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-apache2"
|
||||
tag: "1.1.24@sha256:c9222da8be7af12c9076b41d1a14e019725afc075e1aaa2b727be21c1bf45f10"
|
||||
tag: "1.2.0@sha256:f1c64bc7b9d1993a7c79ca73c1594fdea49ef4adf4ebe4286e01ccc1ad9290c7"
|
||||
nextcloudExporter:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
@@ -253,7 +253,7 @@ images:
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-management"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-management"
|
||||
tag: "1.4.4@sha256:b70c159d6a1827748ca1f8fe0b9fd5b011eaed8719172105e1e9c8b8d776cf97"
|
||||
tag: "1.5.3@sha256:19f5354a951b043327906d8670c0466e2a00317ad0dd4b99d0edf882e213d22f"
|
||||
nextcloudPHP:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
@@ -261,7 +261,7 @@ images:
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-php"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nextcloud-php"
|
||||
tag: "1.10.3@sha256:e659ab95d0d3a33d4937354449c12fa46fe2669a866bbf432a9d729bed6d54f7"
|
||||
tag: "1.11.3@sha256:c88af69971e2b2b1ead90db69d6af3355be5309d6c91b2b6a18fac2c6781b760"
|
||||
nubusDataLoader:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -269,9 +269,11 @@ images:
|
||||
# upstreamRepository: "nubus/images/data-loader"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "41", "5"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
|
||||
tag: "0.60.0@sha256:9b43a66c32f4f66143db00b71cc62966df6ed809ec023a0d573a015f5d15305a"
|
||||
# registry: "registry.opencode.de"
|
||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/data-loader"
|
||||
registry: "artifacts.software-univention.de"
|
||||
repository: "nubus/images/data-loader"
|
||||
tag: "0.65.0@sha256:5bdadb9387575c56779354514865e6a41142113f8302bfa565060d5215c0e860"
|
||||
nubusGuardianAuthorizationApi:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -311,7 +313,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "3", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/guardian-init"
|
||||
tag: "0.9.1@sha256:6006fb1c2779b906e7725df524f2587b2a610cc442793bf8f16b2b4b8c0494fb"
|
||||
tag: "0.13.0@sha256:0b0a4e4ab60a3d0f5e4872c9ed6d7b7db35e967007dd9b8ee7473daa5f6774f5"
|
||||
nubusKeycloak:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -321,7 +323,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["22", "0", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-keycloak"
|
||||
tag: "24.0.3-ucs1@sha256:cc66a1730abdd5abe88ac5cf045b6558f289bf1ae8d077ee884a42d785742f8b"
|
||||
tag: "25.0.1-ucs1@sha256:61cb3e703672f6d8806af41bec8056ca84e295bbeb546fdb5349322d1174a43d"
|
||||
nubusKeycloakBootstrap:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -331,7 +333,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "1", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-bootstrap"
|
||||
tag: "0.1.0@sha256:351097e9e7b469f2fc149fe612ec6ad515d5e6b081d7e2785bd926a1d77209d2"
|
||||
tag: "0.1.2@sha256:ea462e3e40843215814bddae0668dc56102864d99127ad3c8d9816d741886ac0"
|
||||
nubusKeycloakExtensionHandler:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -341,7 +343,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-handler"
|
||||
tag: "0.9.4@sha256:247182a965cc56fe2a891d42a7cfe84205804a9e58dd8f0a8191726a68cb9db1"
|
||||
tag: "0.10.0@sha256:7aa5bac4821c9226fd74c6a2883f7c24d214b4610d516574866cf933ee1be080"
|
||||
nubusKeycloakExtensionProxy:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -351,7 +353,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "0", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/keycloak-proxy"
|
||||
tag: "0.9.4@sha256:a572fe076a2ef5966433fec478c92cffade816e71f2b4661bd8dbcb9e60c8c2f"
|
||||
tag: "0.10.0@sha256:a5f6ae65732f7fb9d7ceae11f1c412b109d230e197075d8a8e1d989c87a0309d"
|
||||
nubusLdapNotifier:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -361,7 +363,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-notifier"
|
||||
tag: "0.15.2@sha256:1f2a9d2136c8e87a4c4a59a94a2235d00e969c98bd7bfe75707a299918f271b5"
|
||||
tag: "0.23.0@sha256:1dbfb5d3b19d10c4092964cb63ad7000fa78f894315e9b35038bce2cc01e0c3e"
|
||||
nubusLdapServer:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -370,8 +372,8 @@ images:
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "8", "2"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/platform-development/images/temp-nubus-ldap-2.5-upgrade"
|
||||
tag: "1.1.20@sha256:90f46b8817fa05e6e3ac3b2f053911198675805fb82db8240bfa41239d7e7c61"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ldap-server"
|
||||
tag: "0.23.0@sha256:8fae15fb6e67ed62c2d371d6815f2a1e604992de2a190ac99ad87643d2d53feb"
|
||||
nubusLdapServerDhInitContainer:
|
||||
# providerCategory: 'Community'
|
||||
# providerResponsible: 'Univention'
|
||||
@@ -411,9 +413,21 @@ images:
|
||||
# upstreamRepository: "nubus/images/notifications-api"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||
# registry: "registry.opencode.de"
|
||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
|
||||
registry: "artifacts.software-univention.de"
|
||||
repository: "nubus/images/notifications-api"
|
||||
tag: "0.35.1@sha256:f0b838e08976e0b651d75b2b92ce8f9c28c695483591ea2cc514ee76dfd8d34a"
|
||||
nubusOpendeskExtension:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
# upstreamRegistry: "https://registry.opencode.de"
|
||||
# upstreamRepository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/notifications-api"
|
||||
tag: "0.27.0@sha256:d99173199f20c701b29b8a3c1a46465085a873b37f413882e7d2e106e258c35a"
|
||||
repository: "bmi/opendesk/components/platform-development/images/opendesk-nubus"
|
||||
# TODO: Replace with released version once available
|
||||
# See: https://gitlab.opencode.de/bmi/opendesk/components/platform-development/images/opendesk-nubus/-/merge_requests/7
|
||||
tag: "1.2.1-jtorres-fixup-icon@sha256:aa10b93e6e9d68a52add2e39bee4ceecc86c9571754db0bc505f00543673b12d"
|
||||
nubusOpenPolicyAgent:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -433,7 +447,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "10", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/ox-extension"
|
||||
tag: "0.10.0@sha256:f6f32ce0486594eca9c8682b10f60e9d174a526d5acd2ba4d0abcb8f522539b9"
|
||||
tag: "0.11.0@sha256:2cb5a9683b6ff81b995a5c71da52c2ff8177b662bb0be8f11e9cd0c6b48d8a11"
|
||||
nubusPortalConsumer:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -443,7 +457,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "27", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-consumer"
|
||||
tag: "0.27.0@sha256:e86bf827d1e93b61473a0730492f48f8dbf0d056b79dd9ecde7af1612696b144"
|
||||
tag: "0.32.0@sha256:7f38a8db34bfe67c9ad0711c0a2c615e278b20a1a7b66b77bd28faa339eaf897"
|
||||
nubusPortalExtension:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -461,9 +475,11 @@ images:
|
||||
# upstreamRepository: "nubus/images/portal-frontend"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-frontend"
|
||||
tag: "0.29.0@sha256:3af3d5d24f690557b4a644d5720113dca0c802465b0e43466b49db27acd37939"
|
||||
# registry: "registry.opencode.de"
|
||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-frontend"
|
||||
registry: "artifacts.software-univention.de"
|
||||
repository: "nubus/images/portal-frontend"
|
||||
tag: "0.35.1@sha256:0a77fb1fff899304b813d70f07a0b569fb7cefa5449d135b65dab7ccd30c57fd"
|
||||
nubusPortalListener:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -481,9 +497,11 @@ images:
|
||||
# upstreamRepository: "nubus/images/portal-server"
|
||||
# upstreamMirrorTagFilterRegEx: '^(\d+)\.(\d+)\.(\d+)$'
|
||||
# upstreamMirrorStartFrom: ["0", "9", "4"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
|
||||
tag: "0.27.0@sha256:e1ad659feb4a1948d07e6e7d99b94b6bdbd4525d96f4cf9a010b75189f0082fc"
|
||||
# registry: "registry.opencode.de"
|
||||
# repository: "bmi/opendesk/components/supplier/univention/images-mirror/portal-server"
|
||||
registry: "artifacts.software-univention.de"
|
||||
repository: "nubus/images/portal-server"
|
||||
tag: "0.35.1@sha256:72b3a780d516e12d432043a4bdfbb2f4a8aae11240b032dba73e16cb4b55f51a"
|
||||
nubusProvisioningDispatcher:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -493,7 +511,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-dispatcher"
|
||||
tag: "0.28.3@sha256:79c81b0143e78c7cabb1efd63d47530eac686fba11db57c173abd8ebdd396778"
|
||||
tag: "0.38.0@sha256:d583151b108164374bd11dc74626c62aace0ff4ddc5997b08553b559d7c0bf91"
|
||||
nubusProvisioningEventsAndConsumerApi:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -503,7 +521,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-events-and-consumer-api"
|
||||
tag: "0.28.3@sha256:5b0a2c52d715fde613ecfedb3a3f5e47b9eb73cdcf4c373a9cc58248a919f2bf"
|
||||
tag: "0.38.0@sha256:b459c3a9bfd51692691736f0afeb0c7ba2d75efe30a5b1e2a8b51c5c48f08ac4"
|
||||
nubusProvisioningPrefill:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -513,7 +531,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-prefill"
|
||||
tag: "0.28.3@sha256:a98bce46144a6ff943b0432b66277393b7b476b8969b221b9069c708d3380f5d"
|
||||
tag: "0.38.0@sha256:7fe6dfe75c3131ebf9bb9a36210adf4bd0bead06d6214985427d59eb4b420b40"
|
||||
nubusProvisioningUdmListener:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -523,7 +541,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-listener"
|
||||
tag: "0.28.3@sha256:b9c452e55e6716f93309bef0af7d401e218cd1e6ea9ad3d2819fb10dd631aecd"
|
||||
tag: "0.38.0@sha256:99a7fdc23650c5bcbf58c38ffea86b5fe779b12a834824ae5e206fc5f2c0301a"
|
||||
nubusProvisioningUdmTransformer:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -533,7 +551,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "14", "0"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/provisioning-udm-transformer"
|
||||
tag: "0.29.0@sha256:68e27eb9560d2729e9065da3573f28073c5e53fedabac4d19562c4b8c6c1d1f3"
|
||||
tag: "0.38.0@sha256:e40b33188f11d82f669532e1f085ba5e1758fd6099f679a759f6ae2b1d0ee3ef"
|
||||
nubusSelfserviceInvitation:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -543,7 +561,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "3", "2"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/selfservice-invitation"
|
||||
tag: "0.6.4@sha256:3fcc56c2e039a5a503183ec272fea334083079ceb83c8af7283f9be9b4334d71"
|
||||
tag: "0.6.5@sha256:5630c9df3da4134789d2ebafad7de9062375d21547a2074827b680debd7a909e"
|
||||
nubusSelfserviceListener:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -553,15 +571,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "3", "2"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/selfservice-listener"
|
||||
tag: "0.6.4@sha256:9605072b60d832ba165d8b7f9b1b7195693e7d5744479af321e4cf242f9ea500"
|
||||
nubusStackGateway:
|
||||
# providerCategory: "Community"
|
||||
# providerResponsible: "Univention"
|
||||
# upstreamRegistry: "https://registry-1.docker.io"
|
||||
# upstreamRepository: "bitnami/nginx"
|
||||
registry: "registry-1.docker.io"
|
||||
repository: "bitnami/nginx"
|
||||
tag: "1.25.4@sha256:dd352b597f4c38ae24abec411710f4249fb5c793293c7ed04737db6b41d32d24"
|
||||
tag: "0.6.5@sha256:a9724fd41cb89a9bdf231ea8699126d2d3503dc894fe9510a1e080ab8408838d"
|
||||
nubusUdmRestApi:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -571,7 +581,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "9", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/udm-rest-api"
|
||||
tag: "0.19.0@sha256:41482c459655afa36eaf9ec21354ff8417e4da5e3a787ec2f865730952f6bb61"
|
||||
tag: "0.22.0@sha256:f52929b6f5492e0a24eab4d9ee62247f9f9dd02a2c1f30eb9968867fae958093"
|
||||
nubusUmcGateway:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -581,7 +591,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-gateway"
|
||||
tag: "0.22.2@sha256:fe4d2c148946da6f5e92201f398ebd0d5a72795c50648993bd220ea1e228658d"
|
||||
tag: "0.28.0@sha256:d00013af4dc1d72480a072269e4131b199eb9b6fe5f98fc798a1a33644729401"
|
||||
nubusUmcServer:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -591,7 +601,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["0", "7", "3"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/univention/images-mirror/umc-server"
|
||||
tag: "0.22.2@sha256:474497f561c3532b37b7d5e77ec36bd1fefc4fbeaab9747b481533b0da086586"
|
||||
tag: "0.28.0@sha256:540680a42c62b1a3d760bb4a9040f5126c5ccbb8ffe23aad7dabd7494c89467d"
|
||||
nubusWaitForDependency:
|
||||
# providerCategory: "Supplier"
|
||||
# providerResponsible: "Univention"
|
||||
@@ -619,7 +629,7 @@ images:
|
||||
# upstreamMirrorStartFrom: ["13", "1", "1"]
|
||||
registry: "registry.opencode.de"
|
||||
repository: "bmi/opendesk/components/supplier/openproject/images-mirror/open_desk"
|
||||
tag: "14.4.0@sha256:0c1ee5467b5c7888f38eae88a712c2eec6c96995b85f09e0c27705c09f450a70"
|
||||
tag: "14.4.1@sha256:40a2ff3f3a75b9792f93da07e80a730941f783abc7ae3c1a988c7904cbc1f2a4"
|
||||
openprojectBootstrap:
|
||||
# providerCategory: "Platform"
|
||||
# providerResponsible: "openDesk"
|
||||
|
||||
@@ -20,6 +20,7 @@ persistence:
|
||||
ldapServerData: "1Gi"
|
||||
ldapServerShared: "1Gi"
|
||||
portalListener: "1Gi"
|
||||
portalConsumer: "1Gi"
|
||||
selfserviceListener: "1Gi"
|
||||
xwiki: "1Gi"
|
||||
...
|
||||
|
||||
@@ -67,6 +67,14 @@ replicas:
|
||||
# -- scalable: false
|
||||
# -- comment: Will be removed soon.
|
||||
oxConnector: 1
|
||||
# -- scalable: tbd
|
||||
umsGuardianAuthorizationApi: 1
|
||||
# -- scalable: tbd
|
||||
umsGuardianManagementApi: 1
|
||||
# -- scalable: tbd
|
||||
umsGuardianManagementUi: 1
|
||||
# -- scalable: tbd
|
||||
umsGuardianOpenPolicyAgent: 1
|
||||
# -- scalable: false
|
||||
# -- comment: Should not be scaled, is an async process.
|
||||
umsKeycloakExtensionsHandler: 1
|
||||
@@ -74,14 +82,21 @@ replicas:
|
||||
umsKeycloakExtensionsProxy: 1
|
||||
# -- scalable: tbd
|
||||
umsLdapNotifier: 1
|
||||
# -- scalable: tbd
|
||||
umsLdapServer: 1
|
||||
# -- scalable: false
|
||||
# -- comment: Experimental feature and not supported.
|
||||
umsLdapServerPrimary: 1
|
||||
# -- scalable: true
|
||||
umsLdapServerSecondary: 1
|
||||
# -- scalable: true
|
||||
umsLdapServerProxy: 1
|
||||
# -- scalable: tbd
|
||||
umsNotificationsApi: 1
|
||||
# -- scalable: true
|
||||
umsPortalFrontend: 1
|
||||
# -- scalable: tbd
|
||||
umsPortalListener: 1
|
||||
# -- scalable: tbd
|
||||
umsPortalConsumer: 1
|
||||
# -- scalable: true
|
||||
umsPortalServer: 1
|
||||
# -- scalable: tbd
|
||||
@@ -130,10 +145,34 @@ replicas:
|
||||
# -- component: Project management (OpenProject)
|
||||
# -- scalable: true
|
||||
openprojectWeb: 1
|
||||
# -- scalable: tdb
|
||||
# -- comment: Async process that usually has no need for scaling
|
||||
# -- scalable: true
|
||||
# -- comment: Async service working on processing queue content. Can work on queues in parallel (when needed). See [upstream Helm chart documentation](https://www.openproject.org/docs/installation-and-operations/installation/helm-chart/) for details, as e.g. dedicated workers to specific queues are in general possible with OpenProject as well.Share
|
||||
openprojectWorker: 1
|
||||
|
||||
# -- component: Groupware (OX Appsuite)
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreDocumentConverter: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreGuidedtours: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreImageConverter: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreMW: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreUI: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreUIMiddleware: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeCoreUserGuide: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeGotenberg: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeGuardUI: 1
|
||||
# -- scalable: tbd
|
||||
openxchangeNextcloudIntegrationUI: 1
|
||||
# -- scalable: tbd
|
||||
openxchangePublicSectorUI: 1
|
||||
|
||||
# -- component: Knowledge management (XWiki)
|
||||
# -- scalable: false
|
||||
xwiki: 1
|
||||
|
||||
93
helmfile/environments/default/repositories.yaml
Normal file
93
helmfile/environments/default/repositories.yaml
Normal file
@@ -0,0 +1,93 @@
|
||||
# SPDX-FileCopyrightText: 2024 Zentrum für Digitale Souveränität der Öffentlichen Verwaltung (ZenDiS) GmbH
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
---
|
||||
repositories:
|
||||
# Fine-granular registry settings, useful when you can't use virtual (Artifactory) or group (Nexus) repositories.
|
||||
# Higher precedence than `global.imageRegistry`
|
||||
image:
|
||||
dockerHub: ""
|
||||
registryOpencodeDe: ""
|
||||
# Fine-granular registry settings, useful when you can't use virtual (Artifactory) or group (Nexus) repositories.
|
||||
# Higher precedence than `global.imageRegistry`
|
||||
helm:
|
||||
registryOpencodeDe: ""
|
||||
# ClamAV registry settings
|
||||
clamav:
|
||||
auth: {}
|
||||
# username: ""
|
||||
# password: ""
|
||||
mirror:
|
||||
scheme: "https"
|
||||
url: "clamavdb.c3sl.ufpr.br"
|
||||
customURLs:
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/badmacro.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/blurl.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/bofhland_phishing_URL.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/foxhole_filename.cdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/foxhole_generic.cdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/foxhole_js.cdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/foxhole_js.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/hackingteam.hsb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/junk.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/jurlbl.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/jurlbla.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/lott.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/malwarehash.hsb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/phish.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/phishtank.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/porcupine.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/rogue.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/scam.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/shelter.ldb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/spamattach.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/spamimg.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/spear.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/spearl.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow.attachments.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_bad_cw.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_extended_malware.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_extended_malware_links.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_malware.hdb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_malware_links.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_phish_complete_url.ndb"
|
||||
- scheme: "https"
|
||||
url: "ftp.swin.edu.au/sanesecurity/winnow_spam_complete.ndb"
|
||||
- scheme: "https"
|
||||
url: "urlhaus.abuse.ch/downloads/urlhaus.ndb"
|
||||
...
|
||||
@@ -485,6 +485,20 @@ resources:
|
||||
requests:
|
||||
cpu: 0.1
|
||||
memory: "256Mi"
|
||||
umsPortalConsumer:
|
||||
limits:
|
||||
cpu: 99
|
||||
memory: "1Gi"
|
||||
requests:
|
||||
cpu: 0.1
|
||||
memory: "256Mi"
|
||||
umsPortalConsumerDependencies:
|
||||
limits:
|
||||
cpu: 99
|
||||
memory: "1Gi"
|
||||
requests:
|
||||
cpu: 0.1
|
||||
memory: "256Mi"
|
||||
umsPortalServer:
|
||||
limits:
|
||||
cpu: 99
|
||||
@@ -586,7 +600,7 @@ resources:
|
||||
umsUmcServer:
|
||||
limits:
|
||||
cpu: 99
|
||||
memory: "1Gi"
|
||||
memory: "2Gi"
|
||||
requests:
|
||||
cpu: 0.1
|
||||
memory: "256Mi"
|
||||
|
||||
@@ -37,6 +37,7 @@ secrets:
|
||||
storeDavUsers:
|
||||
portalServer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-server" "store-dav" | sha1sum | quote }}
|
||||
portalListener: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-listener" "store-dav" | sha1sum | quote }}
|
||||
portalConsumer: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "portal-consumer" "store-dav" | sha1sum | quote }}
|
||||
provisioning:
|
||||
apiNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "api" "nats" | sha1sum | quote }}
|
||||
apiAdminNatsPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "apiAdmin" "nats" | sha1sum | quote }}
|
||||
|
||||
@@ -78,6 +78,7 @@ seLinuxOptions:
|
||||
umsOpenPolicyAgent: ~
|
||||
umsPortalFrontend: ~
|
||||
umsPortalListener: ~
|
||||
umsPortalConsumer: ~
|
||||
umsPortalServer: ~
|
||||
umsProvisioningDispatcher: ~
|
||||
umsProvisioningEventsAndConsumerApi: ~
|
||||
|
||||
@@ -22,6 +22,7 @@ persistence:
|
||||
ldapServerData: "42Gi"
|
||||
ldapServerShared: "42Gi"
|
||||
portalListener: "42Gi"
|
||||
portalConsumer: "42Gi"
|
||||
selfserviceListener: "42Gi"
|
||||
postfix: "42Gi"
|
||||
postgresql: "42Gi"
|
||||
@@ -64,12 +65,27 @@ replicas:
|
||||
nextcloudPHP: 42
|
||||
openprojectWeb: 42
|
||||
openprojectWorker: 42
|
||||
openxchangeCoreGuidedtours: 42
|
||||
openxchangeCoreMW: 42
|
||||
openxchangeCoreUI: 42
|
||||
openxchangeCoreUIMiddleware: 42
|
||||
openxchangeCoreUserGuide: 42
|
||||
openxchangeDocumentConverter: 42
|
||||
openxchangeGotenberg: 42
|
||||
openxchangeGuardUI: 42
|
||||
openxchangeImageConverter: 42
|
||||
openxchangeNextcloudIntegrationUI: 42
|
||||
openxchangePublicSectorUI: 42
|
||||
oxConnector: 42
|
||||
postfix: 42
|
||||
postgres: 42
|
||||
redis: 42
|
||||
synapse: 42
|
||||
synapseWeb: 42
|
||||
umsGuardianAuthorizationApi: 42
|
||||
umsGuardianManagementApi: 42
|
||||
umsGuardianManagementUi: 42
|
||||
umsGuardianOpenPolicyAgent: 42
|
||||
umsKeycloakExtensionsHandler: 42
|
||||
umsKeycloakExtensionsProxy: 42
|
||||
umsLdapNotifier: 42
|
||||
@@ -77,6 +93,7 @@ replicas:
|
||||
umsNotificationsApi: 42
|
||||
umsPortalFrontend: 42
|
||||
umsPortalListener: 42
|
||||
umsPortalConsumer: 42
|
||||
umsPortalServer: 42
|
||||
umsSelfserviceListener: 42
|
||||
umsStackGateway: 42
|
||||
|
||||
@@ -40,7 +40,7 @@ containerSecurityContext:
|
||||
{{ .Values.seLinuxOptions.migrations | toYaml | nindent 4 }}
|
||||
|
||||
image:
|
||||
registry: {{ .Values.global.imageRegistry | default .Values.images.migrations.registry | quote }}
|
||||
registry: {{ coalesce .Values.repositories.image.registryOpencodeDe .Values.global.imageRegistry .Values.images.migrations.registry | quote }}
|
||||
repository: {{ .Values.images.migrations.repository | quote }}
|
||||
tag: {{ .Values.images.migrations.tag | quote }}
|
||||
imagePullPolicy: {{ .Values.global.imagePullPolicy |quote }}
|
||||
|
||||
Reference in New Issue
Block a user