Blame - roles/keystone/vars/main.yml - atmosphere

blob: fc16ccd72a05f33f5127aae242533e22b7080c40 [file] [log] [blame]

Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	1	# Copyright (c) 2022 VEXXHOST, Inc.
				2	#
				3	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				4	# not use this file except in compliance with the License. You may obtain
				5	# a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				11	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
				12	# License for the specific language governing permissions and limitations
				13	# under the License.
				14
Mohammed Naser	2145fc3	2023-01-29 23:23:03 +0000	[diff] [blame]	15	_keystone_helm_values:
Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	16	endpoints: "{{ openstack_helm_endpoints }}"
				17	images:
Michiel Piscaer	60d09f9	2023-01-20 18:58:55 +0100	[diff] [blame]	18	tags: "{{ atmosphere_images \| vexxhost.atmosphere.openstack_helm_image_tags('keystone') }}"
Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	19	pod:
				20	# mounts = {
				21	# keystone_api = {
				22	# keystone_api = {
				23	# volumeMounts = [
				24	# {
				25	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				26	# mountPath = "/etc/keystone/ldap"
				27	# },
				28	# {
				29	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				30	# mountPath = "/var/lib/apache2/oidc"
				31	# }
				32	# ],
				33	# volumes = [
				34	# {
				35	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				36	# configMap = {
				37	# name = kubernetes_config_map.keystone_ldap_ca.metadata[0].name
				38	# }
				39	# },
				40	# {
				41	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				42	# configMap = {
				43	# name = kubernetes_config_map.keystone_openid_connect_metadata.metadata[0].name
				44	# }
				45	# }
				46	# ]
				47	# }
				48	# }
				49	# },
				50	replicas:
				51	api: 3
				52	conf:
				53	keystone:
				54	DEFAULT:
				55	log_config_append: null
				56	auth:
				57	methods: password,token,openid,application_credential
				58	cors:
				59	allowed_origins: "*"
				60	federation:
				61	assertion_prefix: OIDC-
				62	remote_id_attribute: OIDC-iss
				63	# TODO(mnaser): Lookup using openstack_helm_endpoints
				64	trusted_dashboard: "https://{{ openstack_helm_endpoints_horizon_api_host }}/auth/websso/"
				65	identity:
Mohammed Naser	21edfca	2022-05-03 14:55:37 -0400	[diff] [blame]	66	domain_configurations_from_database: true
ricolin	2d8dd48	2022-07-07 06:55:02 +0800	[diff] [blame]	67	oslo_messaging_notifications:
				68	driver: noop
Mohammed Naser	b7b97d6	2022-03-12 16:30:00 -0500	[diff] [blame]	69	manifests:
				70	job_credential_cleanup: false
				71	ingress_api: false
				72	service_ingress_api: false