# Copyright © 2020, Nordix Foundation, Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. global: readinessRepository: oomk8s readinessImage: readiness-check:2.0.1 mariadbGalera: &mariadbGalera #This flag allows EJBCA to instantiate its own mariadb-galera cluster localCluster: false service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera secrets: - uid: ejbca-db-secret name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret' type: basicAuth externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' login: '{{ .Values.config.db.userName }}' password: '{{ .Values.config.db.userPassword }}' - uid: ejbca-server-ra-iak name: '{{ include "common.release" . }}-ejbca-ra-iak' type: password password: '{{ .Values.config.ejbca.raIak }}' - uid: ejbca-server-client-iak name: '{{ include "common.release" . }}-ejbca-client-iak' type: password password: '{{ .Values.config.ejbca.clientIak }}' # application configuration config: db: userName: ejbca # userPassword: password # userCredentialsExternalSecret: some-secret ejbca: {} # raIak: mypassword # clientIak: mypassword mysqlDatabase: &dbName ejbca ################################################################# # Application configuration defaults. ################################################################# # application configuration replicaCount: 1 ejbca: image: primekey/ejbca-ce:6.15.2.5 pullPolicy: Always mariadb-galera: # '&mariadbConfig' means we "store" the values for later use in the file # with '*mariadbConfig' pointer. config: &mariadbConfig userCredentialsExternalSecret: *ejbca-db-secret mysqlDatabase: *dbName nameOverride: ejbca-galera service: name: ejbca-galera portName: ejbca-galera internalPort: 3306 replicaCount: 1 persistence: enabled: true mountSubPath: ejbca/maria/data mariadb-init: config: *mariadbConfig nameOverride: ejbca-config nodeSelector: {} affinity: {} # probe configuration parameters liveness: path: /ejbca/publicweb/healthcheck/ejbcahealth port: api initialDelaySeconds: 30 periodSeconds: 30 readiness: path: /ejbca/publicweb/healthcheck/ejbcahealth port: api initialDelaySeconds: 30 periodSeconds: 30 service: type: ClusterIP both_tls_and_plain: true ports: - name: api port: 8443 plain_port: 8080 port_protocol: http