oc-auth k8s integration
@@ -22,10 +22,12 @@ mongodb:
|
||||
architecture: standalone
|
||||
useStatefulSet: false
|
||||
auth:
|
||||
enabled: true
|
||||
rootUser: root
|
||||
rootPassword: rootpwd
|
||||
usernames: []
|
||||
passwords: []
|
||||
databases: ["DC_myDC"]
|
||||
usernames: ["opencloud"]
|
||||
passwords: ["opencloud"]
|
||||
resourcesPreset: "small"
|
||||
replicaCount: 1
|
||||
persistence:
|
||||
@@ -110,6 +112,13 @@ openldap:
|
||||
description: Records the last UID used to create a Posix account. This prevents the re-use of a UID from a deleted account.
|
||||
cn: lastUID
|
||||
|
||||
dn: cn=everybody,ou=groups,dc=example,dc=com
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: everybody
|
||||
memberUid: admin
|
||||
gidNumber: 2003
|
||||
|
||||
02-ldapadmin.ldif : |-
|
||||
dn: cn=ldapadmin,ou=groups,dc=example,dc=com
|
||||
objectClass: top
|
||||
@@ -133,6 +142,31 @@ openldap:
|
||||
loginShell: /bin/bash
|
||||
homeDirectory: /home/ldapadmin
|
||||
|
||||
03-opencloudadmin.ldif : |-
|
||||
dn: cn=admin,ou=groups,dc=example,dc=com
|
||||
objectClass: top
|
||||
objectClass: posixGroup
|
||||
cn: admin
|
||||
memberUid: admin
|
||||
gidNumber: 2002
|
||||
|
||||
dn: uid=admin,ou=users,dc=example,dc=com
|
||||
givenName: John
|
||||
sn: Doe
|
||||
uid: admin
|
||||
mail: john.doe@example.com
|
||||
cn: JohnDoe
|
||||
objectClass: person
|
||||
objectClass: inetOrgPerson
|
||||
objectClass: posixAccount
|
||||
userPassword:: e0NSWVBUfSQ2JDdTZ0daU1FXJGw1ZWRTTHVDaDV6a0NvUlllZzFLd3MwUHRKQ
|
||||
jJQL09CQWdoc0RkbWhzTXJPcEpCbzR3b01yNWJQcjlubi8udWdzM25LcHlKQmt2eHVJWFM0eUQ1
|
||||
cnox
|
||||
uidNumber: 2002
|
||||
gidNumber: 2002
|
||||
loginShell: /bin/bash
|
||||
homeDirectory: /home/admin
|
||||
|
||||
# ldap user manager configuration
|
||||
ldapUserManager:
|
||||
enabled: true
|
||||
@@ -189,17 +223,31 @@ hydra:
|
||||
|
||||
keto:
|
||||
enabled: true
|
||||
keto:
|
||||
config:
|
||||
serve:
|
||||
read:
|
||||
port: 4466
|
||||
write:
|
||||
port: 4467
|
||||
metrics:
|
||||
port: 4468
|
||||
namespaces:
|
||||
- id: 0
|
||||
name: open-cloud
|
||||
dsn: memory
|
||||
|
||||
ocAuth:
|
||||
enabled: false
|
||||
image: oc-auth:latest
|
||||
enabled: true
|
||||
image: oc/oc-auth:0.0.1
|
||||
authType: hydra
|
||||
hydra:
|
||||
keto:
|
||||
adminRole: admin
|
||||
hydra:
|
||||
openCloudOauth2ClientSecretName: oc-auth-got-secret
|
||||
ldap:
|
||||
bindDn: "cn=admin,dc=example,dc=com"
|
||||
binPwd: "password"
|
||||
binPwd: "admin@password"
|
||||
baseDn: "dc=example,dc=com"
|
||||
roleBaseDn: "ou=AppRoles,dc=example,dc=com"
|
||||
resources:
|
||||
@@ -209,3 +257,9 @@ ocAuth:
|
||||
requests:
|
||||
cpu: "128m"
|
||||
memory: "256Mi"
|
||||
|
||||
loki:
|
||||
enabled: false
|
||||
|
||||
grafana:
|
||||
enabled: false
|
||||
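Review bot: The values file carries credentials in clear text: `binPwd: "admin@password"` under `ocAuth.ldap`, `passwords: ["opencloud"]` and `rootPassword: rootpwd` under `mongodb.auth`, and a `userPassword::` hash for `uid=admin` in `03-opencloudadmin.ldif`. The +/- markers are lost on this page, so which of these lines are new is inferred from the paired old/new values. The `hydra` block already points at a Secret by name (`openCloudOauth2ClientSecretName: oc-auth-got-secret`); the LDAP bind password could follow the same pattern with a key such as `bindPwdSecretName: <secret-name>` (a proposed name, not an existing chart value), and MongoDB could take `auth.existingSecret` if this is the Bitnami chart, as its keys suggest. `binPwd` also reads like a typo of `bindPwd` next to `bindDn`, which is worth confirming against the template that consumes it, since that template is not shown here.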