sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
a151502ea9f72b9a8f2fe0fbcdf45855cf8b1352
opendesk/helmfile/apps/provisioning/values-oxconnector.yaml.gotmpl
Dominik Kaminski 02d04faa2a fix(helmfile): Add seLinuxOptions for all applications
2024-02-14 11:53:53 +00:00

92 lines
2.5 KiB
Go Template
Raw Blame History

# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS"
# SPDX-License-Identifier: Apache-2.0
---
image:
registry: {{ .Values.global.imageRegistry | default .Values.images.oxConnector.registry | quote }}
repository: {{ .Values.images.oxConnector.repository | quote }}
pullPolicy: {{ .Values.global.imagePullPolicy | quote }}
tag: {{ .Values.images.oxConnector.tag | quote }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . | quote }}
{{- end }}
ingress:
enabled: false
oxConnector:
caCert: "ucctempldapstring"
debugLevel: {{ if .Values.debug.enabled }}"4"{{ else }}"1"{{ end }}
domainName: {{ .Values.global.domain | quote }}
ldapHost: {{ .Values.ldap.host | quote }}
logLevel: {{ if .Values.debug.enabled }}"DEBUG"{{ else }}"INFO"{{ end }}
ldapPassword: {{ .Values.secrets.univentionManagementStack.ldapSecret | quote }}
ldapBaseDn: "dc=swp-ldap,dc=internal"
ldapHostDn: "cn=admin,dc=swp-ldap,dc=internal"
tlsMode: "off"
notifierServer: {{ .Values.ldap.notifierHost | quote }}
oxDefaultContext: "1"
oxImapServer: "imap://127.0.0.1:143"
oxLocalTimezone: "Europe/Berlin"
oxLanguage: "de_DE"
oxMasterAdmin: "admin"
oxMasterPassword: {{ .Values.secrets.oxAppsuite.adminPassword | quote }}
oxSmtpServer: "smtp://127.0.0.1:587"
oxSoapServer: "https://{{ .Values.global.hosts.openxchange }}.{{ .Values.istio.domain }}"
resources:
{{ .Values.resources.oxConnector | toYaml | nindent 2 }}
persistence:
storageClass: {{ .Values.persistence.storageClassNames.RWO | quote }}
## Container deployment probes
probes:
liveness:
enabled: true
initialDelaySeconds: 120
timeoutSeconds: 3
periodSeconds: 30
failureThreshold: 3
successThreshold: 1
readiness:
enabled: true
initialDelaySeconds: 30
timeoutSeconds: 3
periodSeconds: 15
failureThreshold: 30
successThreshold: 1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
add:
- "CHOWN"
- "DAC_OVERRIDE"
- "FOWNER"
- "FSETID"
- "KILL"
- "SETGID"
- "SETUID"
- "SETPCAP"
- "NET_BIND_SERVICE"
- "NET_RAW"
- "SYS_CHROOT"
privileged: false
seccompProfile:
type: "RuntimeDefault"
runAsUser: 0
runAsGroup: 0
runAsNonRoot: false
readOnlyRootFilesystem: false
seLinuxOptions: {{ .Values.seLinuxOptions.oxConnector }}
serviceAccount:
create: true
...
Reference in New Issue View Git Blame Copy Permalink