101 lines
2.5 KiB
YAML
101 lines
2.5 KiB
YAML
image:
|
|
repository: tccr.io/truecharts/openldap
|
|
pullPolicy: IfNotPresent
|
|
tag: v1.5.0@sha256:0260d37c41f0c1207aaa642d7c786851385471a5ddf02bc6efc178241ddd8706
|
|
|
|
securityContext:
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
|
|
podSecurityContext:
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
|
|
controller:
|
|
# -- Set the controller type.
|
|
# Valid options are deployment, daemonset or statefulset
|
|
type: statefulset
|
|
# -- Number of desired pods
|
|
replicas: 1
|
|
# -- Set the controller upgrade strategy
|
|
# For Deployments, valid values are Recreate (default) and RollingUpdate.
|
|
# For StatefulSets, valid values are OnDelete and RollingUpdate (default).
|
|
# DaemonSets ignore this.
|
|
strategy: RollingUpdate
|
|
rollingUpdate:
|
|
# -- Set deployment RollingUpdate max unavailable
|
|
unavailable: 1
|
|
# -- Set deployment RollingUpdate max surge
|
|
surge:
|
|
# -- Set statefulset RollingUpdate partition
|
|
partition:
|
|
# -- ReplicaSet revision history limit
|
|
revisionHistoryLimit: 3
|
|
|
|
persistence:
|
|
varrun:
|
|
enabled: false
|
|
|
|
service:
|
|
main:
|
|
ports:
|
|
main:
|
|
port: 389
|
|
targetPort: 389
|
|
ldaps:
|
|
enabled: true
|
|
ports:
|
|
ldaps:
|
|
enabled: true
|
|
port: 636
|
|
targetPort: 636
|
|
|
|
secretEnv:
|
|
LDAP_ADMIN_PASSWORD: "ldapadmin"
|
|
LDAP_CONFIG_PASSWORD: "changeme"
|
|
LDAP_READONLY_USER_USERNAME: "readonly"
|
|
LDAP_READONLY_USER_PASSWORD: "readonly"
|
|
# Default configuration for openldap as environment variables. These get injected directly in the container.
|
|
# Use the env variables from https://github.com/osixia/docker-openldap#beginner-guide
|
|
env:
|
|
LDAP_LOG_LEVEL: 256
|
|
LDAP_ORGANISATION: "Example Inc."
|
|
LDAP_DOMAIN: "example.org"
|
|
LDAP_READONLY_USER: false
|
|
LDAP_RFC2307BIS_SCHEMA: false
|
|
LDAP_BACKEND: "mdb"
|
|
LDAP_TLS: true
|
|
LDAP_TLS_ENFORCE: false
|
|
LDAP_TLS_VERIFY_CLIENT: "never"
|
|
LDAP_TLS_PROTOCOL_MIN: "3.0"
|
|
LDAP_TLS_CIPHER_SUITE: "NORMAL"
|
|
LDAP_TLS_REQCERT: "never"
|
|
CONTAINER_LOG_LEVEL: 4
|
|
KEEP_EXISTING_CONFIG: false
|
|
LDAP_REMOVE_CONFIG_AFTER_SETUP: true
|
|
LDAP_SSL_HELPER_PREFIX: "ldap"
|
|
LDAP_BASE_DN: ""
|
|
|
|
replication:
|
|
enabled: false
|
|
# Enter the name of your cluster, defaults to "cluster.local"
|
|
clusterName: "cluster.local"
|
|
retry: 60
|
|
timeout: 1
|
|
interval: 00:00:00:10
|
|
starttls: "critical"
|
|
tls_reqcert: "never"
|
|
|
|
envFrom:
|
|
- configMapRef:
|
|
name: openldapconfig
|
|
|
|
# -- Used in conjunction with `controller.type: statefulset` to create individual disks for each instance.
|
|
volumeClaimTemplates:
|
|
data:
|
|
enabled: true
|
|
mountPath: "/var/lib/ldap/"
|
|
slapd:
|
|
enabled: true
|
|
mountPath: "/etc/ldap/slapd.d/"
|