mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-06 07:21:36 +01:00
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
fe40b7cfa1 | ||
|
|
d04a60349d | ||
|
|
94ae3da78b | ||
|
|
3ca54159f7 | ||
|
|
bf5dcda3b5 | ||
|
|
08ca525d3e | ||
|
|
dc7ce0bc4b | ||
|
|
729a1ea849 | ||
|
|
3b5493d78d |
@@ -620,4 +620,6 @@ release:
|
|||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
- "semantic-release"
|
- "semantic-release"
|
||||||
|
needs:
|
||||||
|
- "generate-release-assets"
|
||||||
...
|
...
|
||||||
|
|||||||
29
CHANGELOG.md
29
CHANGELOG.md
@@ -1,3 +1,32 @@
|
|||||||
|
## [0.5.62](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.61...v0.5.62) (2023-12-06)
|
||||||
|
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **nextcloud:** Bump image to 27.1.4 and update Helm chart to configure "Shared_with_me" folder ([d04a603](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/d04a60349dbbff2d64ca2b36b9c44b75526bf859))
|
||||||
|
* **univention-management-stack:** Update optional UMS preview state ([94ae3da](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/94ae3da78bd79c61fd7a22db5a541d473eea6a2e))
|
||||||
|
|
||||||
|
## [0.5.61](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.60...v0.5.61) (2023-12-05)
|
||||||
|
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **services:** Fix port declaration for Postfix ([bf5dcda](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/bf5dcda3b59e1dc98cbee7e67f50a960d344b8e0))
|
||||||
|
|
||||||
|
## [0.5.60](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.59...v0.5.60) (2023-12-05)
|
||||||
|
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **ci:** Ensure release creation with artifacts ([dc7ce0b](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/dc7ce0bc4b9501b63274f68352e6d9e76b5424e8))
|
||||||
|
|
||||||
|
## [0.5.59](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.58...v0.5.59) (2023-12-05)
|
||||||
|
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
|
||||||
|
* **helmfile:** Add configurable objectstore ([3b5493d](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/commit/3b5493d78dc027cd1f3206b26cf347dc6ce6e265))
|
||||||
|
|
||||||
## [0.5.58](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.57...v0.5.58) (2023-12-01)
|
## [0.5.58](https://gitlab.opencode.de/bmi/opendesk/deployment/sovereign-workplace/compare/v0.5.57...v0.5.58) (2023-12-01)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -9,6 +9,7 @@ This document will cover the additional configuration to use external services l
|
|||||||
|
|
||||||
<!-- TOC -->
|
<!-- TOC -->
|
||||||
* [Database](#database)
|
* [Database](#database)
|
||||||
|
* [Objectstore](#objectstore)
|
||||||
* [Cache](#cache)
|
* [Cache](#cache)
|
||||||
<!-- TOC -->
|
<!-- TOC -->
|
||||||
|
|
||||||
@@ -17,53 +18,76 @@ This document will cover the additional configuration to use external services l
|
|||||||
When deploying this suite to production, you need to configure the applications to use your production grade database
|
When deploying this suite to production, you need to configure the applications to use your production grade database
|
||||||
service.
|
service.
|
||||||
|
|
||||||
| Component | Name | Type | Parameter | Key | Default |
|
| Component | Name | Type | Parameter | Key | Default |
|
||||||
|-------------|--------------------|------------|-----------|----------------------------------------|----------------------------|
|
|-------------|--------------------|------------|-----------|------------------------------------------|----------------------------|
|
||||||
| Element | Synapse | PostgreSQL | | | |
|
| Element | Synapse | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.synapse.name` | `matrix` |
|
| | | | Name | `databases.synapse.name` | `matrix` |
|
||||||
| | | | Host | `databases.synapse.host` | `postgresql` |
|
| | | | Host | `databases.synapse.host` | `postgresql` |
|
||||||
| | | | Port | `databases.synapse.port` | `5432` |
|
| | | | Port | `databases.synapse.port` | `5432` |
|
||||||
| | | | Username | `databases.synapse.username` | `matrix_user` |
|
| | | | Username | `databases.synapse.username` | `matrix_user` |
|
||||||
| | | | Password | `databases.synapse.password` | |
|
| | | | Password | `databases.synapse.password` | |
|
||||||
| Keycloak | Keycloak | PostgreSQL | | | |
|
| Keycloak | Keycloak | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.keycloak.name` | `keycloak` |
|
| | | | Name | `databases.keycloak.name` | `keycloak` |
|
||||||
| | | | Host | `databases.keycloak.host` | `postgresql` |
|
| | | | Host | `databases.keycloak.host` | `postgresql` |
|
||||||
| | | | Port | `databases.keycloak.port` | `5432` |
|
| | | | Port | `databases.keycloak.port` | `5432` |
|
||||||
| | | | Username | `databases.keycloak.username` | `keycloak_user` |
|
| | | | Username | `databases.keycloak.username` | `keycloak_user` |
|
||||||
| | | | Password | `databases.keycloak.password` | |
|
| | | | Password | `databases.keycloak.password` | |
|
||||||
| | Keycloak Extension | PostgreSQL | | | |
|
| | Keycloak Extension | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
|
| | | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
|
||||||
| | | | Host | `databases.keycloakExtension.host` | `postgresql` |
|
| | | | Host | `databases.keycloakExtension.host` | `postgresql` |
|
||||||
| | | | Port | `databases.keycloakExtension.port` | `5432` |
|
| | | | Port | `databases.keycloakExtension.port` | `5432` |
|
||||||
| | | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
|
| | | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
|
||||||
| | | | Password | `databases.keycloakExtension.password` | |
|
| | | | Password | `databases.keycloakExtension.password` | |
|
||||||
| UMS | Notifications API | PostgreSQL | | | |
|
| UMS | Notifications API | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.notificationsApi.name` | `notificationsapi` |
|
| | | | Name | `databases.umsNotificationsApi.name` | `notificationsapi` |
|
||||||
| | | | Host | `databases.notificationsApi.host` | `postgresql` |
|
| | | | Host | `databases.umsNotificationsApi.host` | `postgresql` |
|
||||||
| | | | Port | `databases.notificationsApi.port` | `5432` |
|
| | | | Port | `databases.umsNotificationsApi.port` | `5432` |
|
||||||
| | | | Username | `databases.notificationsApi.username` | `notificationsapi_user` |
|
| | | | Username | `databases.umsNotificationsApi.username` | `notificationsapi_user` |
|
||||||
| | | | Password | `databases.notificationsApi.password` | |
|
| | | | Password | `databases.umsNotificationsApi.password` | |
|
||||||
| Nextcloud | Nextcloud | MariaDB | | | |
|
| | Self Service | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.nextcloud.name` | `nextcloud` |
|
| | | | Name | `databases.umsSelfservice.name` | `selfservice` |
|
||||||
| | | | Host | `databases.nextcloud.host` | `mariadb` |
|
| | | | Host | `databases.umsSelfservice.host` | `postgresql` |
|
||||||
| | | | Username | `databases.nextcloud.username` | `nextcloud_user` |
|
| | | | Port | `databases.umsSelfservice.port` | `5432` |
|
||||||
| | | | Password | `databases.nextcloud.password` | |
|
| | | | Username | `databases.umsSelfservice.username` | `selfservice_user` |
|
||||||
| OpenProject | OpenProject | PostgreSQL | | | |
|
| | | | Password | `databases.umsSelfservice.password` | |
|
||||||
| | | | Name | `databases.openproject.name` | `openproject` |
|
| Nextcloud | Nextcloud | MariaDB | | | |
|
||||||
| | | | Host | `databases.openproject.host` | `postgresql` |
|
| | | | Name | `databases.nextcloud.name` | `nextcloud` |
|
||||||
| | | | Port | `databases.openproject.port` | `5432` |
|
| | | | Host | `databases.nextcloud.host` | `mariadb` |
|
||||||
| | | | Username | `databases.openproject.username` | `openproject_user` |
|
| | | | Username | `databases.nextcloud.username` | `nextcloud_user` |
|
||||||
| | | | Password | `databases.openproject.password` | |
|
| | | | Password | `databases.nextcloud.password` | |
|
||||||
| OX Appsuite | OX Appsuite | MariaDB | | | |
|
| OpenProject | OpenProject | PostgreSQL | | | |
|
||||||
| | | | Name | `databases.oxAppsuite.name` | `CONFIGDB` |
|
| | | | Name | `databases.openproject.name` | `openproject` |
|
||||||
| | | | Host | `databases.oxAppsuite.host` | `mariadb` |
|
| | | | Host | `databases.openproject.host` | `postgresql` |
|
||||||
| | | | Username | `databases.oxAppsuite.username` | `root` |
|
| | | | Port | `databases.openproject.port` | `5432` |
|
||||||
| | | | Password | `databases.oxAppsuite.password` | |
|
| | | | Username | `databases.openproject.username` | `openproject_user` |
|
||||||
| XWiki | XWiki | MariaDB | | | |
|
| | | | Password | `databases.openproject.password` | |
|
||||||
| | | | Name | `databases.xwiki.name` | `xwiki` |
|
| OX Appsuite | OX Appsuite | MariaDB | | | |
|
||||||
| | | | Host | `databases.xwiki.host` | `mariadb` |
|
| | | | Name | `databases.oxAppsuite.name` | `CONFIGDB` |
|
||||||
| | | | Username | `databases.xwiki.username` | `xwiki_user` |
|
| | | | Host | `databases.oxAppsuite.host` | `mariadb` |
|
||||||
| | | | Password | `databases.xwiki.password` | |
|
| | | | Username | `databases.oxAppsuite.username` | `root` |
|
||||||
|
| | | | Password | `databases.oxAppsuite.password` | |
|
||||||
|
| XWiki | XWiki | MariaDB | | | |
|
||||||
|
| | | | Name | `databases.xwiki.name` | `xwiki` |
|
||||||
|
| | | | Host | `databases.xwiki.host` | `mariadb` |
|
||||||
|
| | | | Username | `databases.xwiki.username` | `xwiki_user` |
|
||||||
|
| | | | Password | `databases.xwiki.password` | |
|
||||||
|
|
||||||
|
## Objectstore
|
||||||
|
|
||||||
|
When deploying this suite to production, you need to configure the applications to use your production grade objectstore
|
||||||
|
service.
|
||||||
|
|
||||||
|
| Component | Name | Parameter | Key | Default |
|
||||||
|
|-------------|-------------|-----------------|------------------------------------------|--------------------|
|
||||||
|
| OpenProject | OpenProject | | | |
|
||||||
|
| | | Backend | `objectstores.openproject.backend` | `minio` |
|
||||||
|
| | | Bucket | `objectstores.openproject.bucket` | `openproject` |
|
||||||
|
| | | Endpoint | `objectstores.openproject.endpoint` | |
|
||||||
|
| | | Provider | `objectstores.openproject.provider` | `AWS` |
|
||||||
|
| | | Region | `objectstores.openproject.region` | |
|
||||||
|
| | | Secret | `objectstores.openproject.secret` | |
|
||||||
|
| | | Username | `objectstores.openproject.username` | `openproject_user` |
|
||||||
|
| | | Use IAM profile | `objectstores.openproject.useIAMProfile` | |
|
||||||
|
|
||||||
## Cache
|
## Cache
|
||||||
|
|
||||||
@@ -81,3 +105,6 @@ service.
|
|||||||
| OpenProject | OpenProject | Memcached | | | |
|
| OpenProject | OpenProject | Memcached | | | |
|
||||||
| | | | Host | `cache.openproject.host` | `memcached` |
|
| | | | Host | `cache.openproject.host` | `memcached` |
|
||||||
| | | | Port | `cache.openproject.port` | `11211` |
|
| | | | Port | `cache.openproject.port` | `11211` |
|
||||||
|
| UMS | Self Service | Memcached | | | |
|
||||||
|
| | | | Host | `cache.umsSelfservice.host` | `memcached` |
|
||||||
|
| | | | Port | `cache.umsSelfservice.port` | `11211` |
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "opendesk-nextcloud-bootstrap"
|
- name: "opendesk-nextcloud-bootstrap"
|
||||||
chart: "opendesk-nextcloud-bootstrap-repo/opendesk-nextcloud-bootstrap"
|
chart: "opendesk-nextcloud-bootstrap-repo/opendesk-nextcloud-bootstrap"
|
||||||
version: "3.2.4"
|
version: "3.2.5"
|
||||||
wait: true
|
wait: true
|
||||||
waitForJobs: true
|
waitForJobs: true
|
||||||
values:
|
values:
|
||||||
|
|||||||
@@ -77,9 +77,16 @@ environment:
|
|||||||
OPENPROJECT_MAIL__FROM: "do-not-reply@{{ .Values.global.domain }}"
|
OPENPROJECT_MAIL__FROM: "do-not-reply@{{ .Values.global.domain }}"
|
||||||
# Details: https://www.openproject-edge.com/docs/installation-and-operations/configuration/#seeding-ldap-connections
|
# Details: https://www.openproject-edge.com/docs/installation-and-operations/configuration/#seeding-ldap-connections
|
||||||
OPENPROJECT_SEED_LDAP_OPENDESK_BINDPASSWORD: {{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject | quote }}
|
OPENPROJECT_SEED_LDAP_OPENDESK_BINDPASSWORD: {{ .Values.secrets.univentionCorporateServer.ldapSearch.openproject | quote }}
|
||||||
OPENPROJECT_FOG_CREDENTIALS_HOST: "{{ .Values.global.hosts.minioApi }}.{{ .Values.global.domain }}"
|
{{ if ne .Values.objectstores.openproject.backend "aws" }}
|
||||||
OPENPROJECT_FOG_CREDENTIALS_ENDPOINT: "https://{{ .Values.global.hosts.minioApi }}.{{ .Values.global.domain }}"
|
OPENPROJECT_FOG_CREDENTIALS_ENDPOINT: {{ .Values.objectstores.openproject.endpoint | default (printf "https://%s.%s" .Values.global.hosts.minioApi .Values.global.domain) | quote }}
|
||||||
OPENPROJECT_FOG_CREDENTIALS_AWS__SECRET__ACCESS__KEY: {{ .Values.secrets.minio.openprojectUser | quote }}
|
OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: "true"
|
||||||
|
{{ end }}
|
||||||
|
OPENPROJECT_FOG_CREDENTIALS_AWS__ACCESS__KEY__ID: {{ .Values.objectstores.openproject.username | quote }}
|
||||||
|
OPENPROJECT_FOG_CREDENTIALS_AWS__SECRET__ACCESS__KEY: {{ .Values.objectstores.openproject.secret | default .Values.secrets.minio.openprojectUser | quote }}
|
||||||
|
OPENPROJECT_FOG_CREDENTIALS_PROVIDER: {{ .Values.objectstores.openproject.provider | default "AWS" | quote }}
|
||||||
|
OPENPROJECT_FOG_CREDENTIALS_REGION: {{ .Values.objectstores.openproject.region | quote }}
|
||||||
|
OPENPROJECT_FOG_DIRECTORY: {{ .Values.objectstores.openproject.bucket | quote }}
|
||||||
|
OPENPROJECT_FOG_CREDENTIALS_USE__IAM__PROFILE : {{ .Values.objectstores.openproject.useIAMProfile | default "false" | quote }}
|
||||||
|
|
||||||
replicaCount: {{ .Values.replicas.openproject }}
|
replicaCount: {{ .Values.replicas.openproject }}
|
||||||
|
|
||||||
|
|||||||
@@ -75,10 +75,7 @@ environment:
|
|||||||
OPENPROJECT_SEED_LDAP_OPENDESK_GROUPFILTER_OPENDESK_GROUP__ATTRIBUTE: "cn"
|
OPENPROJECT_SEED_LDAP_OPENDESK_GROUPFILTER_OPENDESK_GROUP__ATTRIBUTE: "cn"
|
||||||
# Details: https://www.openproject.org/docs/installation-and-operations/configuration/#attachments-storage
|
# Details: https://www.openproject.org/docs/installation-and-operations/configuration/#attachments-storage
|
||||||
OPENPROJECT_ATTACHMENTS__STORAGE: "fog"
|
OPENPROJECT_ATTACHMENTS__STORAGE: "fog"
|
||||||
OPENPROJECT_FOG_DIRECTORY: "openproject"
|
|
||||||
OPENPROJECT_FOG_CREDENTIALS_PROVIDER: "AWS"
|
|
||||||
OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: "true"
|
OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: "true"
|
||||||
OPENPROJECT_FOG_CREDENTIALS_AWS__ACCESS__KEY__ID: "openproject_user"
|
|
||||||
# Define an admin mapping from the claim
|
# Define an admin mapping from the claim
|
||||||
# The attribute mapping cannot currently be defined in the value
|
# The attribute mapping cannot currently be defined in the value
|
||||||
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ATTRIBUTE__MAP_ADMIN: "openproject_admin"
|
OPENPROJECT_OPENID__CONNECT_KEYCLOAK_ATTRIBUTE__MAP_ADMIN: "openproject_admin"
|
||||||
|
|||||||
@@ -91,7 +91,7 @@ releases:
|
|||||||
# dependencyType=service
|
# dependencyType=service
|
||||||
- name: "opendesk-otterize"
|
- name: "opendesk-otterize"
|
||||||
chart: "opendesk-otterize-repo/opendesk-otterize"
|
chart: "opendesk-otterize-repo/opendesk-otterize"
|
||||||
version: "1.1.2"
|
version: "1.1.3"
|
||||||
values:
|
values:
|
||||||
- "values-otterize.gotmpl"
|
- "values-otterize.gotmpl"
|
||||||
installed: {{ .Values.security.otterizeIntents.enabled }}
|
installed: {{ .Values.security.otterizeIntents.enabled }}
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ postfix:
|
|||||||
- fileName: "sasl_passwd.map"
|
- fileName: "sasl_passwd.map"
|
||||||
content:
|
content:
|
||||||
- {{ printf "%s %s:%s" .Values.smtp.host .Values.smtp.username .Values.smtp.password | quote }}
|
- {{ printf "%s %s:%s" .Values.smtp.host .Values.smtp.username .Values.smtp.password | quote }}
|
||||||
relayHost: {{ printf "[%s]:[%d]" .Values.smtp.host .Values.smtp.port | quote }}
|
relayHost: {{ printf "[%s]:%d" .Values.smtp.host .Values.smtp.port | quote }}
|
||||||
relayNets: {{ .Values.cluster.networking.cidr | quote}}
|
relayNets: {{ .Values.cluster.networking.cidr | quote}}
|
||||||
virtualTransport: "lmtps:dovecot:24"
|
virtualTransport: "lmtps:dovecot:24"
|
||||||
smtpdSASLPath: "inet:dovecot:3659"
|
smtpdSASLPath: "inet:dovecot:3659"
|
||||||
|
|||||||
@@ -24,7 +24,9 @@ job:
|
|||||||
- username: "matrix_user"
|
- username: "matrix_user"
|
||||||
password: {{ .Values.secrets.postgresql.matrixUser | quote }}
|
password: {{ .Values.secrets.postgresql.matrixUser | quote }}
|
||||||
- username: "notificationsapi_user"
|
- username: "notificationsapi_user"
|
||||||
password: {{ .Values.secrets.postgresql.notificationsApiUser | quote }}
|
password: {{ .Values.secrets.postgresql.umsNotificationsApiUser | quote }}
|
||||||
|
- username: "selfservice_user"
|
||||||
|
password: {{ .Values.secrets.postgresql.umsSelfserviceUser | quote }}
|
||||||
databases:
|
databases:
|
||||||
- name: "keycloak"
|
- name: "keycloak"
|
||||||
user: "keycloak_user"
|
user: "keycloak_user"
|
||||||
@@ -37,6 +39,8 @@ job:
|
|||||||
additionalParams: "ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0"
|
additionalParams: "ENCODING 'UTF8' LC_COLLATE='C' LC_CTYPE='C' template=template0"
|
||||||
- name: "notificationsapi"
|
- name: "notificationsapi"
|
||||||
user: "notificationsapi_user"
|
user: "notificationsapi_user"
|
||||||
|
- name: "selfservice"
|
||||||
|
user: "selfservice_user"
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-store-dav"
|
- name: "ums-store-dav"
|
||||||
chart: "ums-repo/store-dav"
|
chart: "ums-repo/store-dav"
|
||||||
version: "0.5.2"
|
version: "0.7.0"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -101,7 +101,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-stack-data-ums"
|
- name: "ums-stack-data-ums"
|
||||||
chart: "ums-repo/stack-data-ums"
|
chart: "ums-repo/stack-data-ums"
|
||||||
version: "0.37.0"
|
version: "0.38.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -116,7 +116,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-stack-data-swp"
|
- name: "ums-stack-data-swp"
|
||||||
chart: "ums-repo/stack-data-swp"
|
chart: "ums-repo/stack-data-swp"
|
||||||
version: "0.37.0"
|
version: "0.38.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -131,7 +131,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-portal-server"
|
- name: "ums-portal-server"
|
||||||
chart: "ums-repo/portal-server"
|
chart: "ums-repo/portal-server"
|
||||||
version: "0.5.0"
|
version: "0.6.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -146,7 +146,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-notifications-api"
|
- name: "ums-notifications-api"
|
||||||
chart: "ums-repo/notifications-api"
|
chart: "ums-repo/notifications-api"
|
||||||
version: "0.5.0"
|
version: "0.6.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -161,7 +161,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-portal-listener"
|
- name: "ums-portal-listener"
|
||||||
chart: "ums-repo/portal-listener"
|
chart: "ums-repo/portal-listener"
|
||||||
version: "0.5.0"
|
version: "0.6.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
@@ -176,7 +176,7 @@ releases:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
- name: "ums-portal-frontend"
|
- name: "ums-portal-frontend"
|
||||||
chart: "ums-repo/portal-frontend"
|
chart: "ums-repo/portal-frontend"
|
||||||
version: "0.5.0"
|
version: "0.6.1"
|
||||||
values:
|
values:
|
||||||
- "values-common.gotmpl"
|
- "values-common.gotmpl"
|
||||||
- "values-common.yaml"
|
- "values-common.yaml"
|
||||||
|
|||||||
@@ -6,12 +6,12 @@ SPDX-License-Identifier: Apache-2.0
|
|||||||
postgresql:
|
postgresql:
|
||||||
bundled: false
|
bundled: false
|
||||||
connection:
|
connection:
|
||||||
host: {{ .Values.databases.notificationsApi.host | quote }}
|
host: {{ .Values.databases.umsNotificationsApi.host | quote }}
|
||||||
port: {{ .Values.databases.notificationsApi.port | quote }}
|
port: {{ .Values.databases.umsNotificationsApi.port | quote }}
|
||||||
auth:
|
auth:
|
||||||
username: {{ .Values.databases.notificationsApi.username | quote }}
|
username: {{ .Values.databases.umsNotificationsApi.username | quote }}
|
||||||
database: {{ .Values.databases.notificationsApi.name | quote }}
|
database: {{ .Values.databases.umsNotificationsApi.name | quote }}
|
||||||
password: {{ .Values.databases.notificationsApi.password | default .Values.secrets.postgresql.notificationsApiUser | quote }}
|
password: {{ .Values.databases.umsNotificationsApi.password | default .Values.secrets.postgresql.umsNotificationsApiUser | quote }}
|
||||||
|
|
||||||
image:
|
image:
|
||||||
registry: {{ .Values.global.imageRegistry }}
|
registry: {{ .Values.global.imageRegistry }}
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ SPDX-License-Identifier: Apache-2.0
|
|||||||
portalListener:
|
portalListener:
|
||||||
adminGroup: {{ printf "%s,%s" "cn=Domain Admins,cn=groups" .Values.ldap.baseDn | quote }}
|
adminGroup: {{ printf "%s,%s" "cn=Domain Admins,cn=groups" .Values.ldap.baseDn | quote }}
|
||||||
assetsRoot: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-assets/" | quote }}
|
assetsRoot: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-assets/" | quote }}
|
||||||
ucsInternalUrl: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-data/" | quote }}
|
ucsInternalUrl: {{ printf "%s%s%s" "http://portal-listener:" .Values.secrets.univentionManagementStack.storeDavUsers.portalListener "@ums-store-dav/portal-data" | quote }}
|
||||||
|
|
||||||
ldapBaseDn: {{ .Values.ldap.baseDn | quote }}
|
ldapBaseDn: {{ .Values.ldap.baseDn | quote }}
|
||||||
ldapHost: {{ .Values.ldap.host | quote }}
|
ldapHost: {{ .Values.ldap.host | quote }}
|
||||||
|
|||||||
@@ -31,6 +31,9 @@ stackDataContext:
|
|||||||
userPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.userPassword | quote }}
|
userPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.userPassword | quote }}
|
||||||
adminPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.adminPassword | quote }}
|
adminPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.adminPassword | quote }}
|
||||||
|
|
||||||
|
userPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.userPassword | quote }}
|
||||||
|
adminPassword: {{ .Values.secrets.univentionManagementStack.defaultAccounts.adminPassword | quote }}
|
||||||
|
|
||||||
image:
|
image:
|
||||||
registry: {{ .Values.global.imageRegistry | quote }}
|
registry: {{ .Values.global.imageRegistry | quote }}
|
||||||
repository: {{ .Values.images.umsDataLoader.repository | quote }}
|
repository: {{ .Values.images.umsDataLoader.repository | quote }}
|
||||||
|
|||||||
@@ -11,6 +11,19 @@ umcServer:
|
|||||||
|
|
||||||
smtpSecret: {{ .Values.smtp.password | quote }}
|
smtpSecret: {{ .Values.smtp.password | quote }}
|
||||||
|
|
||||||
|
postgresql:
|
||||||
|
connection:
|
||||||
|
host: {{ .Values.databases.umsSelfservice.host | quote }}
|
||||||
|
port: {{ .Values.databases.umsSelfservice.port | quote }}
|
||||||
|
auth:
|
||||||
|
username: {{ .Values.databases.umsSelfservice.username | quote }}
|
||||||
|
database: {{ .Values.databases.umsSelfservice.name | quote }}
|
||||||
|
password: {{ .Values.databases.umsSelfservice.password | default .Values.secrets.postgresql.umsSelfserviceUser | quote }}
|
||||||
|
postgresPassword: {{ .Values.secrets.postgresql.umsSelfserviceUser | quote }}
|
||||||
|
|
||||||
|
memcached:
|
||||||
|
server: {{ .Values.cache.umsSelfservice.host | quote }}
|
||||||
|
|
||||||
image:
|
image:
|
||||||
registry: {{ .Values.global.imageRegistry | quote }}
|
registry: {{ .Values.global.imageRegistry | quote }}
|
||||||
repository: {{ .Values.images.umsUmcServer.repository | quote }}
|
repository: {{ .Values.images.umsUmcServer.repository | quote }}
|
||||||
|
|||||||
@@ -43,11 +43,12 @@ extraVolumeMounts:
|
|||||||
mountPath: "/usr/share/univention-management-console/modules/udm-portals-announcement.xml"
|
mountPath: "/usr/share/univention-management-console/modules/udm-portals-announcement.xml"
|
||||||
subPath: "udm-portals-announcement.xml"
|
subPath: "udm-portals-announcement.xml"
|
||||||
|
|
||||||
|
postgresql:
|
||||||
|
bundled: false
|
||||||
|
|
||||||
memcached:
|
memcached:
|
||||||
bundled: false
|
bundled: false
|
||||||
server: "memcached"
|
|
||||||
auth:
|
auth:
|
||||||
username: null
|
username: null
|
||||||
password: null
|
password: null
|
||||||
|
|
||||||
...
|
...
|
||||||
|
|||||||
@@ -10,3 +10,4 @@ ingress:
|
|||||||
- hosts:
|
- hosts:
|
||||||
- {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
|
- {{ printf "%s.%s" .Values.global.hosts.univentionManagementStack .Values.global.domain | quote }}
|
||||||
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
||||||
|
...
|
||||||
|
|||||||
@@ -7,6 +7,8 @@ ingress:
|
|||||||
service:
|
service:
|
||||||
type: "ClusterIP"
|
type: "ClusterIP"
|
||||||
|
|
||||||
|
fullnameOverride: "ums-stack-gateway"
|
||||||
|
|
||||||
# The content of the "serverBlock" does resemble the Ingress configuration of
|
# The content of the "serverBlock" does resemble the Ingress configuration of
|
||||||
# the UMS components. The "location" entries do intentionally reflect precisely
|
# the UMS components. The "location" entries do intentionally reflect precisely
|
||||||
# the respective paths which are configured.
|
# the respective paths which are configured.
|
||||||
@@ -15,7 +17,8 @@ serverBlock: |
|
|||||||
listen 8080;
|
listen 8080;
|
||||||
|
|
||||||
## portal-frontend
|
## portal-frontend
|
||||||
# The frontend does not own "/univention/portal", only these two bits
|
# The frontend does not own "/univention/portal" nor
|
||||||
|
# "/univention/selfservice", only these two bits
|
||||||
location = /univention/portal/ {
|
location = /univention/portal/ {
|
||||||
rewrite ^/univention/portal(/.*)$ $1 break;
|
rewrite ^/univention/portal(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-portal-frontend:80/;
|
proxy_pass http://ums-portal-frontend:80/;
|
||||||
@@ -24,6 +27,10 @@ serverBlock: |
|
|||||||
rewrite ^/univention/portal(/.*)$ $1 break;
|
rewrite ^/univention/portal(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-portal-frontend:80/;
|
proxy_pass http://ums-portal-frontend:80/;
|
||||||
}
|
}
|
||||||
|
location = /univention/selfservice/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80/;
|
||||||
|
}
|
||||||
|
|
||||||
# The following prefixes are owned by the frontend
|
# The following prefixes are owned by the frontend
|
||||||
location /univention/portal/css/ {
|
location /univention/portal/css/ {
|
||||||
@@ -50,6 +57,30 @@ serverBlock: |
|
|||||||
rewrite ^/univention/portal(/.*)$ $1 break;
|
rewrite ^/univention/portal(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-portal-frontend:80;
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
}
|
}
|
||||||
|
location /univention/selfservice/css/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/fonts/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/i18n/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/media/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/js/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/oidc/ {
|
||||||
|
rewrite ^/univention/selfservice(/.*)$ $1 break;
|
||||||
|
proxy_pass http://ums-portal-frontend:80;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
## frontend redirects
|
## frontend redirects
|
||||||
@@ -69,12 +100,19 @@ serverBlock: |
|
|||||||
absolute_redirect off;
|
absolute_redirect off;
|
||||||
return 302 /univention/portal/;
|
return 302 /univention/portal/;
|
||||||
}
|
}
|
||||||
|
location = /univention/selfservice {
|
||||||
|
absolute_redirect off;
|
||||||
|
return 302 /univention/selfservice/;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
## portal-server
|
## portal-server
|
||||||
location = /univention/portal/portal.json {
|
location = /univention/portal/portal.json {
|
||||||
proxy_pass http://ums-portal-server:80;
|
proxy_pass http://ums-portal-server:80;
|
||||||
}
|
}
|
||||||
|
location = /univention/selfservice/portal.json {
|
||||||
|
proxy_pass http://ums-portal-server:80;
|
||||||
|
}
|
||||||
location = /univention/portal/navigation.json {
|
location = /univention/portal/navigation.json {
|
||||||
proxy_pass http://ums-portal-server:80;
|
proxy_pass http://ums-portal-server:80;
|
||||||
}
|
}
|
||||||
@@ -89,6 +127,14 @@ serverBlock: |
|
|||||||
rewrite ^/univention/portal(/icons/logos/.*)$ /portal-assets$1 break;
|
rewrite ^/univention/portal(/icons/logos/.*)$ /portal-assets$1 break;
|
||||||
proxy_pass http://ums-store-dav:80;
|
proxy_pass http://ums-store-dav:80;
|
||||||
}
|
}
|
||||||
|
location /univention/selfservice/icons/entries/ {
|
||||||
|
rewrite ^/univention/selfservice(/icons/entries/.*)$ /portal-assets$1 break;
|
||||||
|
proxy_pass http://ums-store-dav:80;
|
||||||
|
}
|
||||||
|
location /univention/selfservice/icons/logos/ {
|
||||||
|
rewrite ^/univention/selfservice(/icons/logos/.*)$ /portal-assets$1 break;
|
||||||
|
proxy_pass http://ums-store-dav:80;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
## udm-rest-api
|
## udm-rest-api
|
||||||
@@ -128,27 +174,27 @@ serverBlock: |
|
|||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/logout/ {
|
location /univention/logout {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/saml/ {
|
location /univention/saml {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/get/ {
|
location /univention/get {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/set/ {
|
location /univention/set {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/command/ {
|
location /univention/command {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
location /univention/upload/ {
|
location /univention/upload {
|
||||||
rewrite ^/univention(/.*)$ $1 break;
|
rewrite ^/univention(/.*)$ $1 break;
|
||||||
proxy_pass http://ums-umc-server:80;
|
proxy_pass http://ums-umc-server:80;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -13,4 +13,7 @@ cache:
|
|||||||
openproject:
|
openproject:
|
||||||
host: "memcached"
|
host: "memcached"
|
||||||
port: 11211
|
port: 11211
|
||||||
|
umsSelfservice:
|
||||||
|
host: "memcached"
|
||||||
|
port: 11211
|
||||||
...
|
...
|
||||||
|
|||||||
@@ -19,12 +19,6 @@ databases:
|
|||||||
host: "mariadb"
|
host: "mariadb"
|
||||||
username: "nextcloud_user"
|
username: "nextcloud_user"
|
||||||
password: ""
|
password: ""
|
||||||
notificationsApi:
|
|
||||||
name: "notificationsapi"
|
|
||||||
host: "postgresql"
|
|
||||||
port: 5432
|
|
||||||
username: "notificationsapi_user"
|
|
||||||
password: ""
|
|
||||||
openproject:
|
openproject:
|
||||||
name: "openproject"
|
name: "openproject"
|
||||||
host: "postgresql"
|
host: "postgresql"
|
||||||
@@ -42,6 +36,18 @@ databases:
|
|||||||
username: "matrix_user"
|
username: "matrix_user"
|
||||||
password: ""
|
password: ""
|
||||||
port: 5432
|
port: 5432
|
||||||
|
umsNotificationsApi:
|
||||||
|
name: "notificationsapi"
|
||||||
|
host: "postgresql"
|
||||||
|
port: 5432
|
||||||
|
username: "notificationsapi_user"
|
||||||
|
password: ""
|
||||||
|
umsSelfservice:
|
||||||
|
name: "selfservice"
|
||||||
|
host: "postgresql"
|
||||||
|
port: 5432
|
||||||
|
username: "selfservice_user"
|
||||||
|
password: ""
|
||||||
xwiki:
|
xwiki:
|
||||||
name: "xwiki"
|
name: "xwiki"
|
||||||
host: "mariadb"
|
host: "mariadb"
|
||||||
|
|||||||
@@ -205,7 +205,7 @@ images:
|
|||||||
# registryUrl=https://docker.io
|
# registryUrl=https://docker.io
|
||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
repository: "nextcloud"
|
repository: "nextcloud"
|
||||||
tag: "27.1.3-apache@sha256:ec46e99164ee7fa5d49e84784833e022be47f9f54f401bcb5a2d789f8c0bc149"
|
tag: "27.1.4-apache@sha256:bd277bec9a8cf7cc009865e15410c05e0f66ccb6269ed96841cc95dd37c214fe"
|
||||||
# @supplier: "Nextcloud Community"
|
# @supplier: "Nextcloud Community"
|
||||||
nextcloudExporter:
|
nextcloudExporter:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -396,7 +396,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/config-htpasswd"
|
repository: "souvap/tooling/images/univention/config-htpasswd"
|
||||||
tag: "0.5.2@sha256:c8627e0b73ee1d92f74d2ae8b06e4593ac93b6bbde55d56d0497f3510912924c"
|
tag: "0.7.0@sha256:8ffa8ce61fc55f67cdf740b3cd30e21d979506a1796028f5c6329da344b2e5db"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsDataLoader:
|
umsDataLoader:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -404,7 +404,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/data-loader"
|
repository: "souvap/tooling/images/univention/data-loader"
|
||||||
tag: "0.36.0@sha256:045e0e524cbdc93e174ce803a12e67dbb341211f3abbc0029200ee638a0a1eb7"
|
tag: "0.38.1@sha256:cef20b0224571eeda29f19e78340ab7d943e46b02275f9b9497605357be70e61"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsLdapNotifier:
|
umsLdapNotifier:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -428,7 +428,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/notifications-api"
|
repository: "souvap/tooling/images/univention/notifications-api"
|
||||||
tag: "0.5.2@sha256:192f0ebb77ec6191d1df1edb2427739c4a69a3733c7d423f55045db5b9209c64"
|
tag: "0.6.1@sha256:bdf0c5ba8b15c2e7f4daaf470254b13837bdc5fbaa98d9f441f33abd565acfc3"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsPortalListener:
|
umsPortalListener:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -436,7 +436,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/portal-listener"
|
repository: "souvap/tooling/images/univention/portal-listener"
|
||||||
tag: "0.5.2@sha256:a1834a98cf4f4686a74077cb6c2b094429a49875d05801745de7ee13eee38a07"
|
tag: "0.6.1@sha256:c418be054dfb2c6fe0e2e8870553c3b27269ae77b88a59cd6d790201cf7c3d17"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsPortalFrontend:
|
umsPortalFrontend:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -444,7 +444,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/portal-frontend"
|
repository: "souvap/tooling/images/univention/portal-frontend"
|
||||||
tag: "0.5.2@sha256:aca1d481e23cbba7a33d5f261be6196690a6b7f1e593f7ff96fc6f22edab2c6b"
|
tag: "0.6.1@sha256:0a4dc8ed47fd86eedd7bfd826b4538564194fe951000cff016eaa271382ed822"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsPortalServer:
|
umsPortalServer:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -452,7 +452,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/portal-server"
|
repository: "souvap/tooling/images/univention/portal-server"
|
||||||
tag: "0.5.2@sha256:ed982e41ac5b0b81946272acf00f76463901da4f4b3ad50282ec4c73fd4b5833"
|
tag: "0.6.1@sha256:dd9431c8a82e6fca89ef871de90947db2f594a349d634f0b1aa9669d0b3d5715"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsWaitForDependency:
|
umsWaitForDependency:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -460,7 +460,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/wait-for-dependency"
|
repository: "souvap/tooling/images/univention/wait-for-dependency"
|
||||||
tag: "0.5.0@sha256:78cfcc52b81f620374c4b827f0055be5339a7dd469d9b8df67e3bed547abd6bc"
|
tag: "0.6.1@sha256:e83fe2d7535167d1d1effe443fca0be431aa551ab31f172a84073b7d9ffec54b"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsStoreDav:
|
umsStoreDav:
|
||||||
# renovate:
|
# renovate:
|
||||||
@@ -468,7 +468,7 @@ images:
|
|||||||
# dependencyType=vendor
|
# dependencyType=vendor
|
||||||
# This is a preview and not part of the standard deployment.
|
# This is a preview and not part of the standard deployment.
|
||||||
repository: "souvap/tooling/images/univention/store-dav"
|
repository: "souvap/tooling/images/univention/store-dav"
|
||||||
tag: "0.5.2@sha256:1bc01b883a5ccd2612925e123da10f9d216389701d743f1cea4050633770639f"
|
tag: "0.7.0@sha256:732b0d2fdf320209de04403753d3bc80f9c73a46b237202a95305a332805f305"
|
||||||
# @supplier: "Univention"
|
# @supplier: "Univention"
|
||||||
umsUdmRestApi:
|
umsUdmRestApi:
|
||||||
# renovate:
|
# renovate:
|
||||||
|
|||||||
16
helmfile/environments/default/objectstore.gotmpl
Normal file
16
helmfile/environments/default/objectstore.gotmpl
Normal file
@@ -0,0 +1,16 @@
|
|||||||
|
{{/*
|
||||||
|
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
||||||
|
SPDX-License-Identifier: Apache-2.0
|
||||||
|
*/}}
|
||||||
|
---
|
||||||
|
objectstores:
|
||||||
|
openproject:
|
||||||
|
backend: "minio"
|
||||||
|
bucket: "openproject"
|
||||||
|
endpoint: ""
|
||||||
|
provider: "AWS"
|
||||||
|
region: ""
|
||||||
|
secret: ""
|
||||||
|
username: "openproject_user"
|
||||||
|
useIAMProfile: ""
|
||||||
|
...
|
||||||
@@ -38,7 +38,8 @@ secrets:
|
|||||||
keycloakExtensionUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum | quote }}
|
keycloakExtensionUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum | quote }}
|
||||||
matrixUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum | quote }}
|
matrixUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum | quote }}
|
||||||
openprojectUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "openproject_user" | sha1sum | quote }}
|
openprojectUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "openproject_user" | sha1sum | quote }}
|
||||||
notificationsApiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "notificationsapi_user" | sha1sum | quote }}
|
umsNotificationsApiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "notificationsapi_user" | sha1sum | quote }}
|
||||||
|
umsSelfserviceUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "selfservice_user" | sha1sum | quote }}
|
||||||
mariadb:
|
mariadb:
|
||||||
rootPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "root_password" | sha1sum | quote }}
|
rootPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "root_password" | sha1sum | quote }}
|
||||||
xwikiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "xwiki_user" | sha1sum | quote }}
|
xwikiUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "mariadb" "xwiki_user" | sha1sum | quote }}
|
||||||
|
|||||||
Reference in New Issue
Block a user