summaryrefslogtreecommitdiffstats
path: root/kubernetes/contrib/components/ejbca/values.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/contrib/components/ejbca/values.yaml')
-rw-r--r--kubernetes/contrib/components/ejbca/values.yaml105
1 files changed, 105 insertions, 0 deletions
diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml
new file mode 100644
index 0000000000..0db7ca14be
--- /dev/null
+++ b/kubernetes/contrib/components/ejbca/values.yaml
@@ -0,0 +1,105 @@
+# Copyright © 2020, Nordix Foundation, Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+global:
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.1
+ mariadbGalera: &mariadbGalera
+ #This flag allows EJBCA to instantiate its own mariadb-galera cluster
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
+
+secrets:
+ - uid: ejbca-db-secret
+ name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret'
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
+ login: '{{ .Values.config.db.userName }}'
+ password: '{{ .Values.config.db.userPassword }}'
+ - uid: ejbca-server-ra-iak
+ name: '{{ include "common.release" . }}-ejbca-ra-iak'
+ type: password
+ password: '{{ .Values.config.ejbca.raIak }}'
+ - uid: ejbca-server-client-iak
+ name: '{{ include "common.release" . }}-ejbca-client-iak'
+ type: password
+ password: '{{ .Values.config.ejbca.clientIak }}'
+
+# application configuration
+config:
+ db:
+ userName: ejbca
+ # userPassword: password
+ # userCredentialsExternalSecret: some-secret
+ ejbca: {}
+ # raIak: mypassword
+ # clientIak: mypassword
+
+mysqlDatabase: &dbName ejbca
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application configuration
+replicaCount: 1
+
+ejbca:
+ image: primekey/ejbca-ce:6.15.2.5
+pullPolicy: Always
+
+mariadb-galera:
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
+ userCredentialsExternalSecret: *ejbca-db-secret
+ mysqlDatabase: *dbName
+ nameOverride: ejbca-galera
+ service:
+ name: ejbca-galera
+ portName: ejbca-galera
+ internalPort: 3306
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: ejbca/maria/data
+
+mariadb-init:
+ config: *mariadbConfig
+ nameOverride: ejbca-config
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+ path: /ejbca/publicweb/healthcheck/ejbcahealth
+ port: api
+ initialDelaySeconds: 30
+ periodSeconds: 30
+
+readiness:
+ path: /ejbca/publicweb/healthcheck/ejbcahealth
+ port: api
+ initialDelaySeconds: 30
+ periodSeconds: 30
+
+service:
+ type: ClusterIP
+ ports:
+ - name: api
+ port: 8443
+ plain_port: 8080
+ port_protocol: http