# Include{groups} questions: # Include{global} # Include{controller} # Include{controllerStatefullset} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: secretEnv group: "Container Configuration" label: "Image Secrets" schema: additional_attrs: true type: dict attrs: - variable: LDAP_READONLY_USER_USERNAME label: "LDAP_READONLY_USER_USERNAME" schema: type: string required: true default: "readonly" - variable: LDAP_READONLY_USER_PASSWORD label: "LDAP_READONLY_USER_PASSWORD" schema: type: string required: true private: true default: "REPLACETHIS" - variable: LDAP_ADMIN_PASSWORD label: "LDAP_ADMIN_PASSWORD" schema: type: string required: true private: true default: "REPLACETHIS" - variable: LDAP_CONFIG_PASSWORD label: "LDAP_CONFIG_PASSWORD" schema: type: string required: true private: true default: "REPLACETHIS" - variable: env group: "App Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: LDAP_LOG_LEVEL label: "LDAP_LOG_LEVEL" schema: type: int required: true default: 256 - variable: LDAP_ORGANISATION label: "LDAP_ORGANISATION" schema: type: string required: true default: "Example Company or Household" - variable: LDAP_DOMAIN label: "LDAP_DOMAIN" schema: type: string required: true default: "example.org" - variable: LDAP_READONLY_USER label: "LDAP_READONLY_USER" schema: type: boolean default: false - variable: LDAP_RFC2307BIS_SCHEMA label: "LDAP_RFC2307BIS_SCHEMA" schema: type: boolean default: false - variable: LDAP_BACKEND label: "LDAP_BACKEND" schema: type: string required: true default: "mdb" - variable: LDAP_TLS label: "LDAP_TLS" schema: type: boolean default: true - variable: LDAP_TLS_ENFORCE label: "LDAP_TLS_ENFORCE" schema: type: boolean default: false - variable: LDAP_TLS_VERIFY_CLIENT label: "LDAP_TLS_VERIFY_CLIENT" schema: type: string required: true default: "never" - variable: LDAP_TLS_PROTOCOL_MIN label: "LDAP_TLS_PROTOCOL_MIN" schema: type: string required: true default: "3.0" - variable: LDAP_TLS_CIPHER_SUITE label: "LDAP_TLS_CIPHER_SUITE" schema: type: string required: true default: "NORMAL" - variable: LDAP_TLS_REQCERT label: "LDAP_TLS_REQCERT" schema: type: string required: true default: "never" - variable: CONTAINER_LOG_LEVEL label: "CONTAINER_LOG_LEVEL" schema: type: int required: true default: 4 - variable: KEEP_EXISTING_CONFIG label: "KEEP_EXISTING_CONFIG" schema: type: boolean default: false - variable: LDAP_REMOVE_CONFIG_AFTER_SETUP label: "LDAP_REMOVE_CONFIG_AFTER_SETUP" schema: type: boolean default: true - variable: LDAP_SSL_HELPER_PREFIX label: "LDAP_SSL_HELPER_PREFIX" schema: type: string required: true default: "ldap" - variable: LDAP_BASE_DN label: "LDAP_BASE_DN" schema: type: string required: true default: "" # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 389 required: true # Include{advancedPortTCP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 389 - variable: ldaps label: "ldaps Service" description: "The ldaps service" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: ldaps label: "ldaps Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 636 required: true # Include{advancedPortTCP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 636 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{vctRoot} additional_attrs: true type: dict attrs: - variable: data label: "App Data Storage" description: "Stores the Application Data." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} - variable: slapd label: "App slapd Storage" description: "Stores the Application slapd." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: false - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: false # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 0 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 0 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{documentation}