You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
131 lines
3.5 KiB
131 lines
3.5 KiB
# Default values for openldap.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
replicaCount: 1
|
|
|
|
# Define deployment strategy - IMPORTANT: use rollingUpdate: null when use Recreate strategy.
|
|
# It prevents from merging with existing map keys which are forbidden.
|
|
strategy: {}
|
|
# type: RollingUpdate
|
|
# rollingUpdate:
|
|
# maxSurge: 1
|
|
# maxUnavailable: 0
|
|
#
|
|
# or
|
|
#
|
|
# type: Recreate
|
|
# rollingUpdate: null
|
|
image:
|
|
# From repository https://github.com/osixia/docker-openldap
|
|
repository: osixia/openldap
|
|
tag: 1.2.4
|
|
pullPolicy: IfNotPresent
|
|
|
|
# Spcifies an existing secret to be used for admin and config user passwords
|
|
existingSecret: ""
|
|
|
|
# settings for enabling TLS
|
|
tls:
|
|
enabled: false
|
|
secret: "ldap-sapian-cloud-tls-le" # The name of a kubernetes.io/tls type secret to use for TLS
|
|
CA:
|
|
enabled: false
|
|
secret: "" # The name of a generic secret to use for custom CA certificate (ca.crt)
|
|
## Add additional labels to all resources
|
|
extraLabels: {}
|
|
## Add additional annotations to pods
|
|
podAnnotations: {}
|
|
service:
|
|
annotations: {}
|
|
clusterIP: ""
|
|
|
|
ldapPort: 389
|
|
sslLdapPort: 636 # Only used if tls.enabled is true
|
|
## List of IP addresses at which the service is available
|
|
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
|
|
##
|
|
externalIPs: []
|
|
|
|
loadBalancerIP: ""
|
|
loadBalancerSourceRanges: []
|
|
type: ClusterIP
|
|
|
|
# Default configuration for openldap as environment variables. These get injected directly in the container.
|
|
# Use the env variables from https://github.com/osixia/docker-openldap#beginner-guide
|
|
env:
|
|
LDAP_ORGANISATION: "Sapian"
|
|
LDAP_DOMAIN: "sapian.com.co"
|
|
LDAP_BACKEND: "hdb"
|
|
LDAP_TLS: "false"
|
|
LDAP_TLS_ENFORCE: "false"
|
|
LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"
|
|
LDAP_READONLY_USER: "true"
|
|
LDAP_READONLY_USER_USERNAME: "ro"
|
|
LDAP_READONLY_USER_PASSWORD: "jichaiT0aecieviem6velaech3pheaze"
|
|
|
|
# Default Passwords to use, stored as a secret. If unset, passwords are auto-generated.
|
|
# You can override these at install time with
|
|
# helm install openldap --set openldap.adminPassword=<passwd>,openldap.configPassword=<passwd>
|
|
adminPassword: fCk5AhIzZP7gG2x8LvCEVCGZznxGTWsX
|
|
configPassword: FaeMooL2idierie9aechokai0Waa5wae
|
|
|
|
# Custom openldap configuration files used to override default settings
|
|
# customLdifFiles:
|
|
# 01-default-users.ldif: |-
|
|
# Predefine users here
|
|
|
|
## Persist data to a persistent volume
|
|
persistence:
|
|
enabled: true
|
|
## database data Persistent Volume Storage Class
|
|
## If defined, storageClassName: <storageClass>
|
|
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
|
## If undefined (the default) or set to null, no storageClassName spec is
|
|
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
|
## GKE, AWS & OpenStack)
|
|
##
|
|
# storageClass: "-"
|
|
accessMode: ReadWriteOnce
|
|
size: 1Gi
|
|
existingClaim: "openldap-pvc"
|
|
# annotations:
|
|
# helm.sh/resource-policy: "keep"
|
|
|
|
resources:
|
|
requests:
|
|
cpu: "100m"
|
|
memory: "128Mi"
|
|
limits:
|
|
cpu: "200m"
|
|
memory: "256Mi"
|
|
|
|
initResources: {}
|
|
# requests:
|
|
# cpu: "100m"
|
|
# memory: "128Mi"
|
|
# limits:
|
|
# cpu: "100m"
|
|
# memory: "128Mi"
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: topology.kubernetes.io/zone
|
|
operator: In
|
|
values:
|
|
- ssdnodes-seattle
|
|
|
|
## test container details
|
|
test:
|
|
enabled: false
|
|
image:
|
|
repository: dduportal/bats
|
|
tag: 0.4.0
|