From 82c4790bb2a73ade1dd25240a0858defb6b3d9f5 Mon Sep 17 00:00:00 2001 From: thread-koder Date: Sun, 5 Jun 2022 14:48:37 +0300 Subject: [PATCH] [etherpad] add the ldap plugin options to the chart --- charts/etherpad/Chart.yaml | 2 +- charts/etherpad/templates/configmap.yaml | 20 ++++++++++++++++++++ charts/etherpad/templates/deployment.yaml | 7 +++++++ charts/etherpad/values.yaml | 17 +++++++++++++++++ 4 files changed, 45 insertions(+), 1 deletion(-) diff --git a/charts/etherpad/Chart.yaml b/charts/etherpad/Chart.yaml index 5be8f36..730623d 100644 --- a/charts/etherpad/Chart.yaml +++ b/charts/etherpad/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/etherpad/templates/configmap.yaml b/charts/etherpad/templates/configmap.yaml index 2dac148..36fec64 100644 --- a/charts/etherpad/templates/configmap.yaml +++ b/charts/etherpad/templates/configmap.yaml @@ -11,6 +11,10 @@ data: DEFAULT_PAD_TEXT: {{ .Values.general.defaultPadText }} IP: {{ .Values.general.ip }} PORT: {{ .Values.general.port | quote }} + {{- if not .Values.existingSecret.enabled }} + ADMIN_PASSWORD: {{ .Values.general.adminCredentials.password | quote }} + USER_PASSWORD: {{ .Values.general.userPassword | quote }} + {{- end }} # Database configs DB_TYPE: {{ .Values.database.type }} DB_HOST: {{ .Values.database.host }} @@ -74,6 +78,22 @@ data: IMPORT_EXPORT_RATE_LIMIT_WINDOW: {{ .Values.advanced.limits.rateLimitWindow | quote }} COMMIT_RATE_LIMIT_DURATION: {{ .Values.advanced.limits.rateLimitDuration | quote }} COMMIT_RATE_LIMIT_POINTS: {{ .Values.advanced.limits.rateLimitPoints | quote }} + # ldap configs if enabled + {{- if .Values.ldap.enabled }} + LDAP_URL: {{ .Values.ldap.url }} + LDAP_ACCOUNT_BASE: {{ .Values.ldap.accountBase }} + LDAP_ACCOUNT_PATTERN: {{ .Values.ldap.accountPattern }} + LDAP_DISPLAY_NAME_ATTRIBUTE: {{ .Values.ldap.displayNameAttribute }} + LDAP_SEARCH_DN: {{ .Values.ldap.searchDN }} + {{- if not .Values.existingSecret.enabled }} + LDAP_PASSWORD: {{ .Values.ldap.ldapPassword }} + {{- end }} + LDAP_GROUP_SEARCH_BASE: {{ .Values.ldap.groupSearchBase }} + LDAP_GROUP_ATTRIBUTE: {{ .Values.ldap.groupAttribute }} + LDAP_SEARCH_SCOPE: {{ .Values.ldap.searchScope }} + LDAP_GROUP_SEARCH: {{ .Values.ldap.groupSearch }} + LDAP_ANONYMOUS_READ_ONLY: {{ .Values.ldap.anonymousReadOnly | quote }} + {{- end }} {{- range $key, $value := .Values.env }} {{ $key }}: {{ $value | quote }} {{- end }} \ No newline at end of file diff --git a/charts/etherpad/templates/deployment.yaml b/charts/etherpad/templates/deployment.yaml index 1dfb706..9ce263a 100644 --- a/charts/etherpad/templates/deployment.yaml +++ b/charts/etherpad/templates/deployment.yaml @@ -36,6 +36,13 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.existingSecret.enabled}} env: + {{- if .Values.ldap.enabled }} + - name: LDAP_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.existingSecret.secretName }} + key: {{ .Values.existingSecret.ldapPasswordKey }} + {{- end }} - name: ADMIN_PASSWORD valueFrom: secretKeyRef: diff --git a/charts/etherpad/values.yaml b/charts/etherpad/values.yaml index 7c1b486..f8f69e0 100644 --- a/charts/etherpad/values.yaml +++ b/charts/etherpad/values.yaml @@ -120,6 +120,23 @@ existingSecret: adminPasswordKey: admin_password userPasswordKey: user_password databasePasswordKey: db_password + ldapPasswordKey: ldap_password + +# if you are using the ldap authentication plugin, you can configure it here +ldap: + enabled: false + url: "" + accountBase: "" + accountPattern: "" + displayNameAttribute: "" + searchDN: "" + ldapPassword: "" + groupSearchBase: "" + groupAttribute: "" + groupAttributeIsDN: "" + searchScope: "" + groupSearch: "" + anonymousReadOnly: false serviceAccount: # Specifies whether a service account should be created