Blame - roles/openstack_helm_keystone/vars/main.yml - atmosphere

blob: a3e15eb224b141485a23973ba136492d86bd91c7 [file] [log] [blame]

Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	1	# Copyright (c) 2022 VEXXHOST, Inc.
				2	#
				3	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				4	# not use this file except in compliance with the License. You may obtain
				5	# a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				11	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
				12	# License for the specific language governing permissions and limitations
				13	# under the License.
				14
				15	_openstack_helm_keystone_values:
				16	endpoints: "{{ openstack_helm_endpoints }}"
				17	images:
Mohammed Naser	b9c32bf	2022-09-07 17:06:33 -0400	[diff] [blame]	18	pull_policy: Always
Michiel Piscaer	60d09f9	2023-01-20 18:58:55 +0100	[diff] [blame^]	19	tags: "{{ atmosphere_images \| vexxhost.atmosphere.openstack_helm_image_tags('keystone') }}"
Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	20	pod:
				21	# mounts = {
				22	# keystone_api = {
				23	# keystone_api = {
				24	# volumeMounts = [
				25	# {
				26	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				27	# mountPath = "/etc/keystone/ldap"
				28	# },
				29	# {
				30	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				31	# mountPath = "/var/lib/apache2/oidc"
				32	# }
				33	# ],
				34	# volumes = [
				35	# {
				36	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				37	# configMap = {
				38	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				39	# }
				40	# },
				41	# {
				42	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				43	# configMap = {
				44	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				45	# }
				46	# }
				47	# ]
				48	# }
				49	# }
				50	# },
				51	replicas:
				52	api: 3
				53	conf:
				54	keystone:
				55	DEFAULT:
				56	log_config_append: null
				57	auth:
				58	methods: password,token,openid,application_credential
				59	cors:
				60	allowed_origins: "*"
				61	federation:
				62	assertion_prefix: OIDC-
				63	remote_id_attribute: OIDC-iss
				64	# TODO(mnaser): Lookup using openstack_helm_endpoints
				65	trusted_dashboard: "https://{{ openstack_helm_endpoints_horizon_api_host }}/auth/websso/"
				66	identity:
Mohammed Naser	21edfca	2022-05-03 14:55:37 -0400	[diff] [blame]	67	domain_configurations_from_database: true
ricolin	2d8dd48	2022-07-07 06:55:02 +0800	[diff] [blame]	68	oslo_messaging_notifications:
				69	driver: noop
Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	70	manifests:
				71	job_credential_cleanup: false
				72	ingress_api: false
				73	service_ingress_api: false