mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-06 07:21:36 +01:00
92 lines
3.4 KiB
Go Template
92 lines
3.4 KiB
Go Template
{{/*
|
|
SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
|
|
SPDX-License-Identifier: Apache-2.0
|
|
*/}}
|
|
---
|
|
global:
|
|
keycloak:
|
|
host: "ums-keycloak.{{ .Release.Namespace }}.svc.{{ .Values.cluster.networking.domain }}:8080"
|
|
adminUsername: "kcadmin"
|
|
adminPassword: {{ .Values.secrets.keycloak.adminPassword | quote }}
|
|
adminRealm: "master"
|
|
realm: {{ .Values.platform.realm | quote }}
|
|
postgresql:
|
|
connection:
|
|
host: {{ .Values.databases.keycloakExtension.host | quote }}
|
|
port: {{ .Values.databases.keycloakExtension.port }}
|
|
auth:
|
|
database: {{ .Values.databases.keycloakExtension.name | quote }}
|
|
username: {{ .Values.databases.keycloakExtension.username | quote }}
|
|
password: {{ .Values.databases.keycloakExtension.password | default .Values.secrets.postgresql.keycloakExtensionUser | quote }}
|
|
handler:
|
|
image:
|
|
registry: {{ .Values.global.imageRegistry | default .Values.images.umsKeycloakExtensionHandler.registry | quote }}
|
|
repository: {{ .Values.images.umsKeycloakExtensionHandler.repository | quote }}
|
|
tag: {{ .Values.images.umsKeycloakExtensionHandler.tag | quote }}
|
|
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
imagePullSecrets: {{ .Values.global.imagePullSecrets }}
|
|
appConfig:
|
|
captchaProtectionEnable: false
|
|
smtpPassword: {{ .Values.smtp.password | quote }}
|
|
smtpHost: {{ .Values.smtp.host | quote }}
|
|
smtpPort: {{ .Values.smtp.port | quote }}
|
|
smtpUsername: {{ .Values.smtp.username | quote }}
|
|
mailFrom: "noreply@{{ .Values.global.domain }}"
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- "ALL"
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
runAsNonRoot: true
|
|
resources:
|
|
{{ .Values.resources.umsKeycloakExtensionHandler | toYaml | nindent 4 }}
|
|
postgresql:
|
|
enabled: false
|
|
proxy:
|
|
image:
|
|
registry: {{ .Values.global.imageRegistry | default .Values.images.umsKeycloakExtensionProxy.registry | quote }}
|
|
repository: {{ .Values.images.umsKeycloakExtensionProxy.repository | quote }}
|
|
tag: {{ .Values.images.umsKeycloakExtensionProxy.tag | quote }}
|
|
imagePullPolicy: {{ .Values.global.imagePullPolicy | quote }}
|
|
imagePullSecrets: {{ .Values.global.imagePullSecrets }}
|
|
ingress:
|
|
annotations:
|
|
nginx.org/proxy-buffer-size: "8k"
|
|
nginx.ingress.kubernetes.io/proxy-buffer-size: "8k"
|
|
paths:
|
|
{{- if .Values.debug.enabled }}
|
|
- pathType: "Prefix"
|
|
path: "/admin"
|
|
{{- end }}
|
|
- pathType: "Prefix"
|
|
path: "/realms"
|
|
- pathType: "Prefix"
|
|
path: "/resources"
|
|
- pathType: "Prefix"
|
|
path: "/fingerprintjs"
|
|
enabled: {{ .Values.ingress.enabled }}
|
|
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
|
|
host: "{{ .Values.global.hosts.keycloak }}.{{ .Values.global.domain }}"
|
|
tls:
|
|
enabled: {{ .Values.ingress.tls.enabled }}
|
|
secretName: {{ .Values.ingress.tls.secretName | quote }}
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- "ALL"
|
|
seccompProfile:
|
|
type: "RuntimeDefault"
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
runAsNonRoot: true
|
|
resources:
|
|
{{ .Values.resources.umsKeycloakExtensionProxy | toYaml | nindent 4 }}
|
|
...
|