-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathvalues-keyrock.yml
More file actions
141 lines (131 loc) · 4.74 KB
/
values-keyrock.yml
File metadata and controls
141 lines (131 loc) · 4.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
# Values for fiware/keyrock Helm Chart
#
# Chart values file:
# ref: https://github.com/FIWARE/helm-charts/blob/main/charts/keyrock/values.yaml
#
## statefulset specific configuration
statefulset:
## configuration of the image to be used
image:
## keyrock image name
## ref: https://hub.docker.com/r/fiware/idm
repository: fiware/idm
## tag of the image to be used
## For i4Trust related implementation, release >= 8.3.0 is required
tag: 8.3.3
## specification of the image pull policy
pullPolicy: IfNotPresent
## Set either an ingress or openshift route for making Keyrock externally available
##
## openshift specific route definition. Will not work on plain k8s
route:
## -- should the deployment create openshift routes
enabled: false
## ingress configuration
ingress:
## should there be an ingress to connect keyrock with the public internet
enabled: false
## database configuration for keyrock
db:
## host of the database to be used (K8s internal service hostname)
host: mysql.provider.svc.cluster.local
## user for connecting the database
user: root
## password for connecting the database (MySQL root password)
password: <mysql-root-password>
## admin configuration for accessing keyrock
admin:
## username of the initial keyrock admin
user: admin
## password of the initial admin
password: <keyrock-admin-password>
## email address of the admin user
email: my@mail.org
## Theme configuration for Keyrock
# This is optional and showcases how to add a theme for the Keyrock UI. This setup is
# using the Packet Delivery Co. theme of the demo setup.
theme:
## -- Enable theme
enabled: true
## -- Name of the theme
name: i4trust-pdc
## -- Size of PVCs to be created
size: 1Gi
## Image which holds the theme files
image: i4trust/keyrock-theme-pdc:1.0.0
## -- specification of the image pull policy
imagePullPolicy: Always
## Path to the source theme files inside the container
sourceTheme: /themes/i4trust-pdc
## Path to the source image files inside the container
sourceImg: /img/i4trust-pdc
## Optional: Path to the source favicon directory inside the container
sourceFavicon: /favicon
## Mount path for the source theme files
mountTheme: /opt/fiware-idm/themes/i4trust-pdc
## Mount path for the source image files
mountImg: /opt/fiware-idm/public/img/i4trust-pdc
## Mount path for the source favicon
mountFavicon: /opt/fiware-idm/public/favicon.ico
## Configuration of Authorisation Registry (AR)
authorisationRegistry:
# -- Enable usage of authorisation registry
enabled: true
# -- Identifier (EORI) of AR
identifier: "EU.EORI.NL000000004"
# -- URL of AR
# Set to "internal" in the case that the internal AR functionality should be used
url: "https://ar.isharetest.net"
# -- Token endpoint of AR
tokenEndpoint: "https://ar.isharetest.net/connect/token"
# -- Delegation endpoint of AR
delegationEndpoint: "https://ar.isharetest.net/delegation"
## Configuration of iSHARE Satellite
satellite:
# -- Enable usage of satellite
enabled: true
# -- Identifier (EORI) of satellite
identifier: "EU.EORI.NLi4TRUSTSAT"
# -- URL of satellite
url: "https://mw.i4trustsat.ishareworks.nl"
# -- Token endpoint of satellite
tokenEndpoint: "https://mw.i4trustsat.ishareworks.nl/connect/token"
# -- Parties endpoint of satellite
partiesEndpoint: "https://mw.i4trustsat.ishareworks.nl/parties"
## -- Configuration of local key and certificate for validation and generation of tokens
token:
# -- Enable storage of local key and certificate
enabled: true
# -- Identifier (EORI) of local organisation
identifier: "EU.EORI.NLPACKETDEL"
# -- String with private key in PEM format
key: |
-----BEGIN PRIVATE KEY-----
<Put key here>
-----END PRIVATE KEY-----
# -- String with certificate (chain) in PEM format
cert: |
-----BEGIN CERTIFICATE-----
<Put certificates here>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<Put intermediate certificates here>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<Put Root certificate here>
-----END CERTIFICATE-----
## a list of additional env vars to be set, check the keyrock docu for all available options
## ref: https://fiware-idm.readthedocs.io/en/latest/installation_and_administration_guide/environment_variables/index.html
additionalEnvVars:
# Title to be displayed on default theme UI
- name: IDM_TITLE
value: My Company IDP
# Name of the database to be created within the MySQL
- name: IDM_DB_NAME
value: idm
# Initialize and seed database on startup
- name: IDM_DB_SEED
value: "true"
# Maximum header size of internal web server
- name: IDM_SERVER_MAX_HEADER_SIZE
value: "32768"