104 lines
2.6 KiB
YAML
104 lines
2.6 KiB
YAML
|
image:
|
||
|
repository: tccr.io/truecharts/openldap
|
||
|
pullPolicy: IfNotPresent
|
||
|
tag: v1.5.0@sha256:e0e2103decf985c6d908ac7d021032f53f3f0827397bbda106f55ed0b844b68b
|
||
|
|
||
|
securityContext:
|
||
|
readOnlyRootFilesystem: false
|
||
|
runAsNonRoot: false
|
||
|
|
||
|
podSecurityContext:
|
||
|
runAsUser: 0
|
||
|
runAsGroup: 0
|
||
|
|
||
|
controller:
|
||
|
# -- Set the controller type.
|
||
|
# Valid options are deployment, daemonset or statefulset
|
||
|
type: statefulset
|
||
|
# -- Number of desired pods
|
||
|
replicas: 1
|
||
|
# -- Set the controller upgrade strategy
|
||
|
# For Deployments, valid values are Recreate (default) and RollingUpdate.
|
||
|
# For StatefulSets, valid values are OnDelete and RollingUpdate (default).
|
||
|
# DaemonSets ignore this.
|
||
|
strategy: RollingUpdate
|
||
|
rollingUpdate:
|
||
|
# -- Set deployment RollingUpdate max unavailable
|
||
|
unavailable: 1
|
||
|
# -- Set deployment RollingUpdate max surge
|
||
|
surge:
|
||
|
# -- Set statefulset RollingUpdate partition
|
||
|
partition:
|
||
|
# -- ReplicaSet revision history limit
|
||
|
revisionHistoryLimit: 3
|
||
|
|
||
|
persistence:
|
||
|
varrun:
|
||
|
enabled: false
|
||
|
|
||
|
service:
|
||
|
main:
|
||
|
ports:
|
||
|
main:
|
||
|
port: 389
|
||
|
targetPort: 389
|
||
|
ldaps:
|
||
|
enabled: true
|
||
|
ports:
|
||
|
ldaps:
|
||
|
enabled: true
|
||
|
port: 636
|
||
|
targetPort: 636
|
||
|
|
||
|
secretEnv:
|
||
|
LDAP_ADMIN_PASSWORD: "ldapadmin"
|
||
|
LDAP_CONFIG_PASSWORD: "changeme"
|
||
|
LDAP_READONLY_USER_USERNAME: "readonly"
|
||
|
LDAP_READONLY_USER_PASSWORD: "readonly"
|
||
|
# Default configuration for openldap as environment variables. These get injected directly in the container.
|
||
|
# Use the env variables from https://github.com/osixia/docker-openldap#beginner-guide
|
||
|
env:
|
||
|
LDAP_LOG_LEVEL: 256
|
||
|
LDAP_ORGANISATION: "Example Inc."
|
||
|
LDAP_DOMAIN: "example.org"
|
||
|
LDAP_READONLY_USER: false
|
||
|
LDAP_RFC2307BIS_SCHEMA: false
|
||
|
LDAP_BACKEND: "mdb"
|
||
|
LDAP_TLS: true
|
||
|
LDAP_TLS_ENFORCE: false
|
||
|
LDAP_TLS_VERIFY_CLIENT: "never"
|
||
|
LDAP_TLS_PROTOCOL_MIN: "3.0"
|
||
|
LDAP_TLS_CIPHER_SUITE: "NORMAL"
|
||
|
LDAP_TLS_REQCERT: "never"
|
||
|
CONTAINER_LOG_LEVEL: 4
|
||
|
KEEP_EXISTING_CONFIG: false
|
||
|
LDAP_REMOVE_CONFIG_AFTER_SETUP: true
|
||
|
LDAP_SSL_HELPER_PREFIX: "ldap"
|
||
|
LDAP_BASE_DN: ""
|
||
|
|
||
|
replication:
|
||
|
enabled: false
|
||
|
# Enter the name of your cluster, defaults to "cluster.local"
|
||
|
clusterName: "cluster.local"
|
||
|
retry: 60
|
||
|
timeout: 1
|
||
|
interval: 00:00:00:10
|
||
|
starttls: "critical"
|
||
|
tls_reqcert: "never"
|
||
|
|
||
|
envFrom:
|
||
|
- configMapRef:
|
||
|
name: openldapconfig
|
||
|
|
||
|
# -- Used in conjunction with `controller.type: statefulset` to create individual disks for each instance.
|
||
|
volumeClaimTemplates:
|
||
|
data:
|
||
|
enabled: true
|
||
|
mountPath: "/var/lib/ldap/"
|
||
|
slapd:
|
||
|
enabled: true
|
||
|
mountPath: "/etc/ldap/slapd.d/"
|
||
|
|
||
|
portal:
|
||
|
enabled: false
|