Telecominfraproject/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2026-01-27 10:23:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d0d2be0870060fa5f2a94deec6e5e1bb0ce07e7a
wlan-cloud-ucentralsec/helm/values.yaml
Dmitry Dunaev d0d2be0870 Chg: helm image in values to new release candidate
2021-11-22 14:57:54 +03:00

288 lines
7.8 KiB
YAML
Raw Blame History

# System
replicaCount: 1
strategyType: Recreate
nameOverride: ""
fullnameOverride: ""
images:
owsec:
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owsec
tag: v2.4.0-RC2
pullPolicy: Always
# regcred:
# registry: tip-tip-wlan-cloud-ucentral.jfrog.io
# username: username
# password: password
services:
owsec:
type: LoadBalancer
ports:
restapi:
servicePort: 16001
targetPort: 16001
protocol: TCP
restapiinternal:
servicePort: 17001
targetPort: 17001
protocol: TCP
checks:
owsec:
liveness:
httpGet:
path: /
port: 16101
readiness:
exec:
command:
- /readiness_check
failureThreshold: 1
ingresses:
restapi:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- restapi.chart-example.local
paths:
- path: /
serviceName: owsec
servicePort: restapi
volumes:
owsec:
- name: config
mountPath: /owsec-data/owsec.properties
subPath: owsec.properties
# Template below will be rendered in template
volumeDefinition: |
secret:
secretName: {{ include "owsec.fullname" . }}-config
- name: certs
mountPath: /owsec-data/certs
volumeDefinition: |
secret:
secretName: {{ include "owsec.fullname" . }}-certs
# Change this if you want to use another volume type
- name: persist
mountPath: /owsec-data/persist
volumeDefinition: |
persistentVolumeClaim:
claimName: {{ template "owsec.fullname" . }}-pvc
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# requests:
# cpu: 100m
# memory: 128Mi
# limits:
# cpu: 100m
# memory: 128Mi
securityContext:
fsGroup: 101
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
persistence:
enabled: true
# storageClassName: "-"
accessModes:
- ReadWriteOnce
size: 10Gi
annotations: {}
# Application
public_env_variables:
OWSEC_ROOT: /owsec-data
OWSEC_CONFIG: /owsec-data
# Environment variables required for the readiness checks using script
FLAGS: "-s --connect-timeout 3"
# NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint
#READINESS_METHOD: systeminfo
secret_env_variables:
OWSEC_USERNAME: tip@ucentral.com
OWSEC_PASSWORD: openwifi
configProperties:
# -> Public part
# REST API
openwifi.restapi.host.0.backlog: 100
openwifi.restapi.host.0.security: relaxed
openwifi.restapi.host.0.rootca: $OWSEC_ROOT/certs/restapi-ca.pem
openwifi.restapi.host.0.address: "*"
openwifi.restapi.host.0.port: 16001
openwifi.restapi.host.0.cert: $OWSEC_ROOT/certs/restapi-cert.pem
openwifi.restapi.host.0.key: $OWSEC_ROOT/certs/restapi-key.pem
openwifi.restapi.wwwassets: $OWSEC_ROOT/persist/wwwassets
openwifi.internal.restapi.host.0.backlog: 100
openwifi.internal.restapi.host.0.security: relaxed
openwifi.internal.restapi.host.0.rootca: $OWSEC_ROOT/certs/restapi-ca.pem
openwifi.internal.restapi.host.0.address: "*"
openwifi.internal.restapi.host.0.port: 17001
openwifi.internal.restapi.host.0.cert: $OWSEC_ROOT/certs/restapi-cert.pem
openwifi.internal.restapi.host.0.key: $OWSEC_ROOT/certs/restapi-key.pem
# Authentication
authentication.enabled: true
authentication.default.access: master
authentication.service.type: internal
# Mailer
mailer.hostname: smtp.gmail.com
mailer.sender: OpenWIFI
mailer.loginmethod: login
mailer.port: 587
mailer.templates: $OWSEC_ROOT/persist/templates
# ALB
alb.enable: "true"
alb.port: 16101
# Kafka
openwifi.kafka.enable: "false"
openwifi.kafka.group.id: security
openwifi.kafka.client.id: security1
openwifi.kafka.brokerlist: localhost:9092
openwifi.kafka.auto.commit: false
openwifi.kafka.queue.buffering.max.ms: 50
# Storage
storage.type: sqlite # (sqlite|postgresql|mysql|odbc)
## SQLite
storage.type.sqlite.db: devices.db
storage.type.sqlite.idletime: 120
storage.type.sqlite.maxsessions: 128
## PostgreSQL
storage.type.postgresql.maxsessions: 64
storage.type.postgresql.idletime: 60
storage.type.postgresql.host: localhost
storage.type.postgresql.database: owsec
storage.type.postgresql.port: 5432
storage.type.postgresql.connectiontimeout: 60
## MySQL
storage.type.mysql.maxsessions: 64
storage.type.mysql.idletime: 60
storage.type.mysql.host: localhost
storage.type.mysql.database: owsec
storage.type.mysql.port: 3306
storage.type.mysql.connectiontimeout: 60
# System
openwifi.service.key: $OWSEC_ROOT/certs/restapi-key.pem
openwifi.system.data: $OWSEC_ROOT/persist
openwifi.system.debug: "true"
openwifi.system.uri.private: https://localhost:17001
openwifi.system.uri.public: https://localhost:16001
openwifi.system.uri.ui: https://localhost
openwifi.system.commandchannel: /tmp/app_owsec
# Logging
logging.formatters.f1.class: PatternFormatter
logging.formatters.f1.pattern: "%Y-%m-%d %H:%M:%S %s: [%p] %t"
logging.formatters.f1.times: UTC
logging.channels.c1.class: ConsoleChannel
logging.channels.c1.formatter: f1
logging.channels.c2.class: FileChannel
logging.channels.c2.path: /tmp/log_owsec
logging.channels.c2.formatter.class: PatternFormatter
logging.channels.c2.formatter.pattern: "%Y-%m-%d %H:%M:%S %s: [%p] %t"
logging.channels.c2.rotation: "20 M"
logging.channels.c2.archive: timestamp
logging.channels.c2.purgeCount: 20
logging.channels.c3.class: ConsoleChannel
logging.channels.c3.pattern: "%s: [%p] %t"
logging.loggers.root.channel: c1
logging.loggers.root.level: debug
# -> Secret part
# REST API
openwifi.restapi.host.0.key.password: mypassword
openwifi.internal.restapi.host.0.key.password: mypassword
# Authentication
authentication.default.username: tip@ucentral.com
authentication.default.password: 13268b7daa751240369d125e79c873bd8dd3bef7981bdfd38ea03dbb1fbe7dcf
# Mailer
mailer.username: no-reply@arilia.com
mailer.password: "**************************"
# Storage
## PostgreSQL
storage.type.postgresql.username: stephb
storage.type.postgresql.password: snoopy99
## MySQL
storage.type.mysql.username: stephb
storage.type.mysql.password: snoopy99
certs:
# restapi-ca.pem: ""
# restapi-cert.pem: ""
# restapi-key.pem: ""
# PostgreSQL (https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
postgresql:
enabled: false
image:
registry: docker.io
repository: bitnami/postgresql
tag: 11.13.0-debian-10-r0
postgresqlPostgresPassword: "rootPassword"
postgresqlUsername: stephb
postgresqlPassword: snoopy99
postgresqlDatabase: owgw
persistence:
enabled: true
storageClass: ""
size: 8Gi
# MySQL (https://github.com/bitnami/charts/tree/master/bitnami/mysql)
mysql:
enabled: false
image:
registry: docker.io
repository: bitnami/mysql
tag: 8.0.26-debian-10-r10
auth:
rootPassword: rootPassword
database: owgw
username: stephb
password: snoopy99
primary:
persistence:
enabled: true
storageClass: ""
size: 8Gi
# MariaDB (https://github.com/bitnami/charts/tree/master/bitnami/mariadb)
mariadb:
enabled: false
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.5.12-debian-10-r0
auth:
rootPassword: rootPassword
database: owgw
username: stephb
password: snoopy99
primary:
persistence:
enabled: true
storageClass: ""
size: 8Gi
Reference in New Issue View Git Blame Copy Permalink