# Blame header from the rendered page: Ivan Berezovskiy, b8bdd86,
# 2019-02-08 14:48:56 +0400.
#
# Model parameters (the `${_param:...}` references are resolved elsewhere)
# describing an OpenLDAP server and a phpLDAPadmin UI in the `drivetrain`
# namespace, an ingress rule for the /ldap path, and an ingress-nginx TCP
# mapping for port 389.
#
# NOTE(review): the rendered page lost all indentation; the nesting below is
# reconstructed from key order and should be confirmed against the
# repository copy.
parameters:
  kubernetes:
    common:
      addons:
        ingress-nginx:
          # Maps TCP 389 on the ingress controller to the openldap service in
          # the drivetrain namespace. LDAP_TLS is set to 'false' further
          # down, so traffic on this port is presumably unencrypted, simple
          # bind passwords included. Confirm that only trusted networks can
          # reach the ingress on 389.
          tcp_data:
            389: drivetrain/openldap:389
          tcp_ports:
            - 389
    control:
      ingress:
        ldap:
          annotations:
            - name: kubernetes.io/ingress.class
              value: nginx
            # ssl-redirect is off, so this file does not make the ingress
            # redirect /ldap from HTTP to HTTPS. The backend is the
            # phpLDAPadmin login page (port 80), so verify that TLS is
            # enforced somewhere else on the path.
            # NOTE(review): `false` here and below is an unquoted YAML
            # boolean, while Kubernetes annotation values are strings.
            # Confirm that the consuming template quotes it.
            - name: nginx.ingress.kubernetes.io/ssl-redirect
              value: false
            - name: nginx.ingress.kubernetes.io/add-base-url
              value: false
            - name: nginx.ingress.kubernetes.io/rewrite-target
              value: /
          # extensions/v1beta1 is a deprecated API group; Kubernetes stopped
          # serving Ingress from it in 1.22.
          apiVersion: extensions/v1beta1
          cluster: drivetrain
          enabled: true
          create: true
          namespace: drivetrain
          rules:
            hosts:
              # The only entry has `paths` and no host name, so the rule is
              # presumably not restricted to one virtual host. TODO confirm
              # how the consuming template renders it.
              - paths:
                  /ldap:
                    service: openldap
                    port: 80
      service:
        openldap:
          enabled: true
          cluster: drivetrain
          service: openldap
          create: true
          namespace: drivetrain
          # Service ports: plain LDAP (389), LDAPS (636) and the admin web
          # UI (80).
          ports:
            - port: 389
              name: nonssl
            - port: 636
              name: ssl
            - port: 80
              name: admin
          type: ClusterIP
          # Kubernetes stopped serving Deployment from extensions/v1beta1
          # in 1.16.
          apiVersion: extensions/v1beta1
          kind: Deployment
          replicas: 1
          container:
            ldap-server:
              image: ${_param:docker_image_openldap}
              image_pull_policy: IfNotPresent
              variables:
                - name: HOSTNAME
                  value: ldap01.${_param:openldap_domain}
                - name: LDAP_ORGANISATION
                  value: ${_param:openldap_organisation}
                - name: LDAP_DOMAIN
                  value: ${_param:openldap_domain}
                # Both directory passwords are handed to the container as
                # plain environment variables, so they end up in the
                # workload spec, readable by anyone allowed to view it.
                # NOTE(review): prefer a Secret reference if the consuming
                # formula supports one.
                - name: LDAP_ADMIN_PASSWORD
                  value: ${_param:openldap_admin_password}
                - name: LDAP_CONFIG_PASSWORD
                  value: ${_param:openldap_config_password}
                # The nested quotes keep the inner '...' as part of the
                # value, presumably so the rendered manifest carries a
                # quoted string rather than a boolean. TLS is switched off
                # for the LDAP server here.
                - name: LDAP_TLS
                  value: "'false'"
              # NOTE(review): 636 is declared as `ssl` while LDAP_TLS is
              # 'false'; confirm whether anything listens there.
              ports:
                - port: 389
                  name: nonssl
                - port: 636
                  name: ssl
              volumes:
                - name: data
                  mount: /var/lib/ldap
                  read_only: false
                - name: config
                  mount: /etc/ldap/slapd.d
                  read_only: false
            ldap-admin:
              image: ${_param:docker_image_phpldapadmin}
              image_pull_policy: IfNotPresent
              variables:
                # Carries the admin bind DN and the admin password inside a
                # single environment variable, with 'tls': False for the
                # connection to the LDAP server. The same exposure as
                # LDAP_ADMIN_PASSWORD above applies.
                - name: PHPLDAPADMIN_LDAP_HOSTS
                  value: "#PYTHON2BASH:[{'server': [{'server': [{'tls': False}]},{'login': [{'bind_id': 'cn=admin,${_param:openldap_dn}'},{'bind_pass': '${_param:openldap_admin_password}'}]}]}]"
                # The UI itself serves plain HTTP and trusts what the proxy
                # reports about SSL. With ssl-redirect disabled on the
                # ingress, nothing in this file enforces HTTPS for /ldap.
                - name: PHPLDAPADMIN_HTTPS
                  value: "'false'"
                - name: PHPLDAPADMIN_TRUST_PROXY_SSL
                  value: "'true'"
                - name: PHPLDAPADMIN_SERVER_ADMIN
                  value: ${_param:admin_email}
                - name: PHPLDAPADMIN_THEME
                  value: mirantis
              ports:
                - port: 80
                  name: admin
          # Definitions for the `config` and `data` volumes that ldap-server
          # mounts; both are writable glusterfs paths.
          volume:
            config:
              type: glusterfs
              endpoints: glusterfs
              path: openldap-config
              read_only: false
            data:
              type: glusterfs
              endpoints: glusterfs
              path: openldap-data
              read_only: false