{{/*
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
SPDX-License-Identifier: Apache-2.0
*/}}
---
image:
  name: "{{ .Values.global.imageRegistry }}/{{ .Values.images.xwiki.repository }}"
  tag: "{{ .Values.images.xwiki.tag }}"
  pullPolicy: "{{ .Values.global.imagePullPolicy }}"

externalDB:
  password: {{ .Values.databases.xwiki.password | default .Values.secrets.mariadb.rootPassword | quote }}
  database: "{{ .Values.databases.xwiki.name }}"
  user: "{{ .Values.databases.xwiki.username }}"
  host: "{{ .Values.databases.xwiki.host }}"

customConfigs:
  "xwiki.cfg":
    "xwiki.superadminpassword": "{{ .Values.secrets.xwiki.superadminpassword }}"
    ## LDAP Server configuration
    # "xwiki.authentication.ldap.server": "univention-corporate-container"
    # xwiki.authentication.ldap.port: 389
    ## Authentication to the LDAP server
    # xwiki.authentication.ldap.bind_DN: "uid=ldapsearch_xwiki,cn=users,dc=swp-ldap,dc=internal"
    # xwiki.authentication.ldap.bind_pass: "{{ .Values.secrets.univentionCorporateServer.ldapSearch.xwiki }}"
    ## Base DN used for searching for users
    # xwiki.authentication.ldap.base_DN: "dc=swp-ldap,dc=internal"

  "xwiki.properties":
    "oidc.endpoint.authorization": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/auth"
    "oidc.endpoint.token": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/token"
    "oidc.endpoint.userinfo": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/userinfo"
    "oidc.endpoint.logout": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap/protocol/openid-connect/logout"
    "oidc.secret": {{ .Values.secrets.keycloak.clientSecret.xwiki }}
    "url.trustedDomains": "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
    "workplaceServices.navigationEndpoint": "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}/univention/portal/navigation.json"
    "workplaceServices.base": "https://{{ .Values.global.hosts.univentionCorporateServer }}.{{ .Values.global.domain }}"
    "workplaceServices.portalSecret": "{{ .Values.secrets.centralnavigation.apiKey }}"

properties:
  "attachment:xwiki:FlamingoThemes.Iceberg@logo.svg": "data:image/svg+xml;base64,{{ .Values.theme.imagery.logoHeaderSvg | b64enc }}"
  "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.brand-primary": "{{ .Values.theme.colors.primary }}"
  "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-bg": "{{ .Values.theme.colors.white }}"
  "property:xwiki:FlamingoThemes.Iceberg^FlamingoThemesCode.ThemeClass.navbar-default-link-hover-bg": "{{ .Values.theme.colors.secondaryGreyLight }}"
  ## Link LDAP users and users authenticated through OIDC
  # "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.addOIDCObject": 1
  # "property:xwiki:LDAPUserImport.WebHome^LDAPUserImport.LDAPUserImportConfigClass.OIDCIssuer": "https://{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}/realms/souvap"

ingress:
  enabled: {{ .Values.ingress.enabled }}
  className: "{{ .Values.ingress.ingressClassName }}"
  annotations:
    haproxy-ingress.github.io/headers: "X-Forwarded-Host {{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
  hosts:
    - host: "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"
      paths:
        - path: /
          pathType: "ImplementationSpecific"
  tls:
    - secretName: "{{ .Values.ingress.tls.secretName }}"
      hosts:
        - "{{ .Values.global.hosts.xwiki }}.{{ .Values.global.domain }}"

persistence:
  size: "{{ .Values.persistence.size.xwiki }}"
  storageClass: "{{ .Values.persistence.storageClassNames.RWO }}"

replicaCount: {{ .Values.replicas.xwiki }}

resources:
  {{ .Values.resources.xwiki | toYaml | nindent 2 }}
...