Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code
TrueChartsClone/charts/stable/guacamole-client/values.yaml

289 lines
8.2 KiB
YAML
Raw Blame History

image:
repository: tccr.io/truecharts/guacamole-client
pullPolicy: IfNotPresent
tag: v1.4.0@sha256:43f7b0575173f509b5215a89170dfea80ea07f0b2bfed405882a4bc7ec9dfa52
podSecurityContext:
runAsUser: 1001
runAsGroup: 1001
securityContext:
readOnlyRootFilesystem: false
service:
main:
ports:
main:
port: 9998
targetPort: 8080
env:
POSTGRES_DATABASE: "{{ .Values.postgresql.postgresqlDatabase }}"
POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
POSTGRES_PORT: 5432
GUACD_HOSTNAME: "localhost"
GUACD_PORT: 4822
envFrom:
- configMapRef:
name: guacamole-client-env
totp:
TOTP_ENABLED: false
# TOTP_ISSUER: "Apache Guacamole"
# TOTP_DIGITS: "6"
# TOTP_PERIOD: "30"
# TOTP_MODE: "sha1"
header:
HEADER_ENABLED: false
# HTTP_AUTH_HEADER: "REMOTE_USER"
api: {}
# API_SESSION_TIMEOUT: "60"
general: {}
# EXTENSION_PRIORITY: "openid"
json: {}
# JSON_SECRET_KEY: "random32charkey"
# JSON_TRUSTED_NETWORKS: "127.0.0.0/8, 10.0.0.0/8"
duo: {}
# DUO_API_HOSTNAME: "api-XXXXXXXX.duosecurity.com"
# DUO_INTEGRATION_KEY: "exactly20charkey"
# DUO_SECRET_KEY: "exactly40charkey"
# DUO_APPLICATION_KEY: "atleast40charkey"
cas: {}
# CAS_AUTHORIZATION_ENDPOINT: ""
# CAS_REDIRECT_URI: ""
# CAS_CLEARPASS_KEY: ""
# CAS_GROUP_ATTRIBUTE: ""
# CAS_GROUP_FORMAT: "plain"
# CAS_GROUP_LDAP_BASE_DN: ""
# CAS_GROUP_LDAP_ATTRIBUTE: ""
openid: {}
# OPENID_AUTHORIZATION_ENDPOINT: ""
# OPENID_JWKS_ENDPOINT: ""
# OPENID_ISSUER: ""
# OPENID_CLIENT_ID: ""
# OPENID_REDIRECT_URI: ""
# OPENID_USERNAME_CLAIM_TYPE: "email"
# OPENID_GROUPS_CLAIM_TYPE: "groups"
# OPENID_MAX_TOKEN_VALIDITY: "300"
radius: {}
# RADIUS_HOSTNAME: "localhost"
# RADIUS_AUTH_PORT: "1812"
# RADIUS_SHARED_SECRET: ""
# RADIUS_AUTH_PROTOCOL: "eap-tls"
# RADIUS_KEY_FILE: ""
# RADIUS_KEY_TYPE: "pkcs12"
# RADIUS_KEY_PASSWORD: ""
# RADIUS_CA_FILE: ""
# RADIUS_CA_TYPE: "pem"
# RADIUS_CA_PASSWORD: ""
# RADIUS_TRUST_ALL: "false"
# RADIUS_RETRIES: "5"
# RADIUS_TIMEOUT: "60"
# RADIUS_EAP_TTLS_INNER_PROTOCOL: "eap-tls"
ldap: {}
# LDAP_HOSTNAME: "localhost"
# LDAP_USER_BASE_DN: ""
# LDAP_PORT: "389"
# LDAP_ENCRYPTION_METHOD: "none"
# LDAP_MAX_SEARCH_RESULTS: "1000"
# LDAP_SEARCH_BIND_DN: ""
# LDAP_USER_ATTRIBUTES: ""
# LDAP_SEARCH_BIND_PASSWORD: ""
# LDAP_USERNAME_ATTRIBUTE: ""
# LDAP_MEMBER_ATTRIBUTE: ""
# LDAP_USER_SEARCH_FILTER: "(objectClass=*)"
# LDAP_CONFIG_BASE_DN: ""
# LDAP_GROUP_BASE_DN: ""
# LDAP_GROUP_SEARCH_FILTER: "(objectClass=*)"
# LDAP_MEMBER_ATTRIBUTE_TYPE: "dn"
# LDAP_GROUP_NAME_ATTRIBUTE: "cn"
# LDAP_DEREFERENCE_ALIASES: "never"
# LDAP_FOLLOW_REFERRALS: "false"
# LDAP_MAX_REFERRAL_HOPS: "5"
# LDAP_OPERATION_TIMEOUT: "30"
saml: {}
# SAML_IDP_METADATA_URL: ""
# SAML_IDP_URL:
# SAML_ENTITY_ID:
# SAML_CALLBACK_URL:
# SAML_STRICT:
# SAML_DEBUG:
# SAML_COMPRESS_REQUEST:
# SAML_COMPRESS_RESPONSE:
# SAML_GROUP_ATTRIBUTE:
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: guacamole
postgresqlDatabase: guacamole
envValueFrom:
POSTGRES_HOSTNAME:
secretKeyRef:
name: dbcreds
key: plainhost
POSTGRES_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
probes:
liveness:
path: "/guacamole"
readiness:
path: "/guacamole"
startup:
path: "/guacamole"
persistence:
initdbdata:
enabled: true
mountPath: "/initdbdata"
# Both temphack and temphackalso will be removed on the next image release
temphack:
enabled: true
mountPath: "/opt/guacamole/postgresql-hack"
temphackalso:
enabled: true
mountPath: "/opt/guacamole/postgresql"
initContainers:
1-creat-initdb-file:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
volumeMounts:
- name: initdbdata
mountPath: "/initdbdata"
command: ["/bin/sh", "-c"]
args:
- >
echo "Creating initdb.sql file...";
/opt/guacamole/bin/initdb.sh --postgres > /initdbdata/initdb.sql;
if [ -e /initdbdata/initdb.sql ];
then
echo "Init file created successfully!";
exit 0;
else
echo "Init file failed to create.";
exit 1;
fi;
2-initdb:
image: "{{ .Values.postgresqlImage.repository }}:{{ .Values.postgresqlImage.tag }}"
env:
- name: POSTGRES_DATABASE
value: "{{ .Values.postgresql.postgresqlDatabase }}"
- name: POSTGRES_USER
value: "{{ .Values.postgresql.postgresqlUsername }}"
- name: POSTGRES_PORT
value: "5432"
- name: POSTGRES_HOSTNAME
valueFrom:
secretKeyRef:
name: dbcreds
key: plainhost
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: dbcreds
key: postgresql-password
volumeMounts:
- name: initdbdata
mountPath: "/initdbdata"
command: ["/bin/sh", "-c"]
args:
- >
psql -h $POSTGRES_HOSTNAME -d $POSTGRES_DATABASE -U $POSTGRES_USER -p $POSTGRES_PORT -o '/dev/null' -c 'SELECT * FROM public.guacamole_user';
if [ $? -eq 0 ];
then
echo "DB already initialized. Skipping...";
else
echo "Initializing DB's schema...";
psql -h $POSTGRES_HOSTNAME -d $POSTGRES_DATABASE -U $POSTGRES_USER -p $POSTGRES_PORT -a -w -f /initdbdata/initdb.sql;
if [ $? -eq 0 ];
then
echo "DB's schema initialized successfully!";
exit 0;
else
echo "DB's schema failed to initialize.";
exit 1;
fi;
fi;
# Until they release an image with the updated driver, we need to manually replace it.
# https://issues.apache.org/jira/browse/GUACAMOLE-1433
# https://github.com/apache/guacamole-client/pull/655
# Both 3-temp-hach and 4-temp-hack will be removed on the next image release
3-temp-hack:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
securityContext:
runAsUser: 1001
runAsGroup: 1001
volumeMounts:
- name: temphack
mountPath: "/opt/guacamole/postgresql-hack"
command: ["/bin/sh", "-c"]
args:
- >
echo "Checing postgresql driver version...";
if [ -e /opt/guacamole/postgresql/postgresql-42.2.24.jre7.jar ];
then
echo "Version found is correct.";
exit 0;
else
echo "Old version found. Will try to download a known-to-work version.";
echo "Downloading (postgresql-42.2.24.jre7.jar)...";
curl -L "https://jdbc.postgresql.org/download/postgresql-42.2.24.jre7.jar" > "/opt/guacamole/postgresql-hack/postgresql-42.2.24.jre7.jar";
if [ -e /opt/guacamole/postgresql-hack/postgresql-42.2.24.jre7.jar ];
then
echo "Downloaded successfully!";
cp -r /opt/guacamole/postgresql/* /opt/guacamole/postgresql-hack/;
if [ -e /opt/guacamole/postgresql-hack/postgresql-9.4-1201.jdbc41.jar ];
then
echo "Removing old version... (postgresql-9.4-1201.jdbc41.jar)";
rm "/opt/guacamole/postgresql-hack/postgresql-9.4-1201.jdbc41.jar";
if [ $? -eq 0 ];
then
echo "Removed successfully!";
else
echo "Failed to remove.";
exit 1;
fi;
fi;
else
echo "Failed to download.";
exit 1;
fi;
fi;
4-temp-hack:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
securityContext:
runAsUser: 1001
runAsGroup: 1001
volumeMounts:
- name: temphack
mountPath: "/opt/guacamole/postgresql-hack"
- name: temphackalso
mountPath: "/opt/guacamole/postgresql"
command: ["/bin/sh", "-c"]
args:
- >
echo "Copying postgres driver into the final destination.";
cp -r /opt/guacamole/postgresql-hack/* /opt/guacamole/postgresql/;
if [ -e /opt/guacamole/postgresql/postgresql-42.2.24.jre7.jar ];
then
echo "Driver copied successfully!";
else
echo "Failed to copy the driver";
fi;
View Git Blame Copy Permalink