Configuration reference

9. Configuration reference#

This section provides a reference for the configuration values of the Helm Chart used to deploy Univention Nubus for Kubernetes. For overwriting default values before installation of the Helm Chart, refer to Customizing the Chart Before Installation.

The build process for this document automatically generates this reference from the Nubus for Kubernetes Helm Chart.

9.1. Aliases#

Throughout the Nubus for Kubernetes documentation you may find Helm Chart values that use their alias names and not the canonical name. The following namespaces use aliases:

Table 9.1 Helm Chart namespace aliases#
Alias	Namespace	Definition
`guardian`	nubusGuardian	`nubusGuardian.nameOverride`
`keycloak-bootstrap`	nubusKeycloakBootstrap	`nubusKeycloakBootstrap.nameOverride`
`keycloak-extensions`	nubusKeycloakExtensions	`nubusKeycloakExtensions.nameOverride`
`ldap-notifier`	nubusLdapNotifier	`nubusLdapNotifier.nameOverride`
`ldap-server`	nubusLdapServer	`nubusLdapServer.nameOverride`
`notifications-api`	nubusNotificationsApi	`nubusNotificationsApi.nameOverride`
`portal-consumer`	nubusPortalConsumer	`nubusPortalConsumer.nameOverride`
`portal-frontend`	nubusPortalFrontend	`nubusPortalFrontend.nameOverride`
`portal-server`	nubusPortalServer	`nubusPortalServer.nameOverride`
`provisioning`	nubusProvisioning	`nubusProvisioning.nameOverride`
`provisioning-listener`	nubusUdmListener	`nubusUdmListener.nameOverride`
`selfservice-listener`	nubusSelfServiceConsumer	`nubusSelfServiceConsumer.nameOverride`
`stack-data-ums`	nubusStackDataUms	`nubusStackDataUms.nameOverride`
`udm-rest-api`	nubusUdmRestApi	`nubusUdmRestApi.nameOverride`
`umc-gateway`	nubusUmcGateway	`nubusUmcGateway.nameOverride`
`umc-server`	nubusUmcServer	`nubusUmcServer.nameOverride`

9.2. Helm Chart reference#

Name:: nubus
Version:: 1.0.0
Description:: Univention Nubus

You find the configuration options for nubus in the following sections.

9.2.1. `global`#

global.nubusDeployment#

Indicates to all subcharts that they are being used as part of a Nubus deployment.

Default value: true

global.nubusMasterPassword#

Master password from which other passwords are derived.

Default value: ""

global.ldap.baseDn#: Default value: ""

global.ldap.domainName#: Default value: ""

global.ldap.auth.cnAdmin.password#: Default value: null

global.domain#: Default value: ""

global.subDomains.portal#: Default value: "portal"

global.subDomains.keycloak#: Default value: "id"

global.ingressClass#: Default value: ""

global.certManagerIssuer#: Default value: ""

global.postgresql.connection.host#: Default value: ""

global.postgresql.connection.port#: Default value: ""

global.objectStorage.bucket#: Default value: "nubus"

global.objectStorage.connection.host#: Default value: ""

global.objectStorage.connection.port#: Default value: ""

global.objectStorage.connection.protocol#: Default value: ""

global.objectStorage.connection.endpoint#: Default value: ""

global.memcached.connection.host#: Default value: ""

global.memcached.auth.username#: Default value: ""

global.keycloak.realm#: Default value: "nubus"

global.enablePlainUmcLogin#

Allow plain UMC login (otherwise only SAML login is possible) Be aware this will expose the UMC login page to the public, which can circumvent 2FA and other security measures placed in the IdP.

Default value: false

global.configMapUcr#

Default value:

"{{ .Release.Name }}-stack-data-ums-ucr"

global.configUcr.umc.module.debug.level#: Default value: 2

global.configUcr.umc.server.debug.level#: Default value: 2

global.configUcr.apache2.loglevel#: Default value: "info"

global.extensions#

Extensions to load. Add entries to load additional extensions into Nubus.

Default value: []

global.systemExtensions#

Allows to configure the system extensions to load. This is intended for internal usage, prefer to use global.extensions for user configured extensions.

Default value:

[{"name": "portal", "image": {"registry": "artifacts.software-univention.de", "repository": "nubus/images/portal-extension", "imagePullPolicy": "IfNotPresent", "tag": "0.44.3@sha256:734efc0adda680526dde09387db964612f9e0ab020382580984488cc993c68f0"}}]

9.2.2. `additionalAnnotations`#

additionalAnnotations#

Additional custom annotations to add to all objects deployed directly by the umbrella chart.

Default value: {}

9.2.3. `additionalLabels`#

additionalLabels#

Additional custom labels to add to all objects deployed directly by the umbrella chart.

Default value: {}

9.2.4. `certificates`#

certificates.enabled#

Enable SAML self-signed certificate generation. This required cert-manager.io

Default value: true

9.2.5. `ingress`#

ingress.enabled#

Enable creation of Ingress.

Default value: true

ingress.host#

Define the Fully Qualified Domain Name (FQDN) where application should be reachable.

Default value: ""

ingress.certManager.enabled#

Enable cert-manager.io annotaion.

Default value: true

ingress.certManager.issuerRef.name#

Name of cert-manager.io Issuer resource.

Default value: ""

ingress.certManager.issuerRef.kind#

Type of Issuer, f.e. “Issuer” or “ClusterIssuer”.

Default value: "ClusterIssuer"

ingress.ingressClassName#

The Ingress controller class name.

Default value: ""

ingress.annotations.nginx.ingress.kubernetes.io/proxy-body-size#: Default value: "128k"

ingress.annotations.nginx.ingress.kubernetes.io/proxy-buffer-size#: Default value: "64k"

ingress.annotations.nginx.ingress.kubernetes.io/proxy-buffers-number#: Default value: "4"

ingress.annotations.nginx.ingress.kubernetes.io/proxy-busy-buffers-size#: Default value: "128k"

ingress.annotations.nginx.ingress.kubernetes.io/proxy-http-version#: Default value: "1.1"

ingress.annotations.nginx.ingress.kubernetes.io/proxy-set-headers#

Default value:

"Host $http_host;\nX-Forwarded-For $proxy_add_x_forwarded_for;\nX-Forwarded-Host $http_x_forwarded_host;\nX-Forwarded-Port $http_x_forwarded_port;\nX-Forwarded-Proto $http_x_forwarded_proto;\n"

ingress.annotations.nginx.ingress.kubernetes.io/use-regex#: Default value: "true"

ingress.tls.enabled#

Enable TLS/SSL/HTTPS for Ingress.

Default value: true

ingress.tls.secretName#

The name of the kubernetes secret which contains a TLS private key and certificate. Hint: This secret is not created by this chart and must be provided.

Default value: ""

9.2.6. `nubusDevelopment`#

nubusDevelopment.resources.limits.cpu#: Default value: 288

nubusDevelopment.resources.limits.memory#: Default value: "1Gi"

nubusDevelopment.resources.requests.cpu#: Default value: "10m"

nubusDevelopment.resources.requests.memory#: Default value: "16Mi"

nubusDevelopment.terminationGracePeriodSeconds#: Default value: 5

9.2.7. `postgresql`#

postgresql.enabled#: Default value: true

postgresql.resources.limits.cpu#: Default value: 288

postgresql.resources.limits.memory#: Default value: "1Gi"

postgresql.resources.requests.cpu#: Default value: "10m"

postgresql.resources.requests.memory#: Default value: "16Mi"

postgresql.auth.existingSecret#

Default value:

"{{ .Release.Name }}-postgresql-credentials"

postgresql.auth.username#: Default value: "nubus"

postgresql.auth.secretKeys.adminPasswordKey#: Default value: "admin_password"

postgresql.auth.secretKeys.userPasswordKey#: Default value: "user_password"

postgresql.auth.secretKeys.replicationPasswordKey#: Default value: "replication_password"

postgresql.tls.enabled#: Default value: false

postgresql.tls.existingSecret#

Default value:

"{{ .Release.Name }}-postgresql-tls"

postgresql.tls.certFilename#: Default value: "tls.crt"

postgresql.tls.certKeyFilename#: Default value: "tls.key"

postgresql.tls.certCaFilename#: Default value: "ca.crt"

postgresql.provisioning.enabled#: Default value: true

postgresql.provisioning.ttlSecondsAfterFinished#: Default value: 30

postgresql.provisioning.image.registry#: Default value: "docker.io"

postgresql.provisioning.image.repository#: Default value: "bitnami/postgresql"

postgresql.provisioning.image.tag#: Default value: "15.4.0-debian-11-r45"

postgresql.provisioning.containerSecurityContext.enabled#: Default value: true

postgresql.provisioning.containerSecurityContext.seLinuxOptions#: Default value: {}

postgresql.provisioning.containerSecurityContext.runAsUser#: Default value: 1001

postgresql.provisioning.containerSecurityContext.runAsGroup#: Default value: 1001

postgresql.provisioning.containerSecurityContext.runAsNonRoot#: Default value: true

postgresql.provisioning.containerSecurityContext.privileged#: Default value: false

postgresql.provisioning.containerSecurityContext.readOnlyRootFilesystem#: Default value: true

postgresql.provisioning.containerSecurityContext.allowPrivilegeEscalation#: Default value: false

postgresql.provisioning.containerSecurityContext.capabilities.drop#: Default value: ["ALL"]

postgresql.provisioning.containerSecurityContext.seccompProfile.type#: Default value: "RuntimeDefault"

postgresql.primary.resources.limits.cpu#: Default value: 288

postgresql.primary.resources.limits.memory#: Default value: "1Gi"

postgresql.primary.resources.requests.cpu#: Default value: "10m"

postgresql.primary.resources.requests.memory#: Default value: "16Mi"

postgresql.primary.terminationGracePeriodSeconds#: Default value: 5

9.2.8. `minio`#

minio.terminationGracePeriodSeconds#: Default value: 5

minio.enabled#: Default value: true

minio.resources.limits.cpu#: Default value: 288

minio.resources.limits.memory#: Default value: "1Gi"

minio.resources.requests.cpu#: Default value: "10m"

minio.resources.requests.memory#: Default value: "16Mi"

minio.networkPolicy.enabled#: Default value: false

minio.networkPolicy.resources.limits.cpu#: Default value: 288

minio.networkPolicy.resources.limits.memory#: Default value: "1Gi"

minio.networkPolicy.resources.requests.cpu#: Default value: "10m"

minio.networkPolicy.resources.requests.memory#: Default value: "16Mi"

minio.auth.rootUser#: Default value: "admin"

minio.auth.existingSecret#

Default value:

"{{ .Release.Name }}-minio-credentials"

minio.tls.enabled#: Default value: false

minio.tls.resources.limits.cpu#: Default value: 288

minio.tls.resources.limits.memory#: Default value: "1Gi"

minio.tls.resources.requests.cpu#: Default value: "10m"

minio.tls.resources.requests.memory#: Default value: "16Mi"

minio.tls.existingSecret#

Default value:

"{{ .Release.Name }}-minio-tls"

minio.defaultBuckets#: Default value: "nubus"

minio.provisioning.enabled#: Default value: true

minio.provisioning.resources.limits.cpu#: Default value: 288

minio.provisioning.resources.limits.memory#: Default value: "1Gi"

minio.provisioning.resources.requests.cpu#: Default value: "10m"

minio.provisioning.resources.requests.memory#: Default value: "16Mi"

minio.provisioning.cleanupAfterFinished.enabled#: Default value: true

minio.provisioning.cleanupAfterFinished.seconds#: Default value: 900

minio.provisioning.cleanupAfterFinished.resources.limits.cpu#: Default value: 288

minio.provisioning.cleanupAfterFinished.resources.limits.memory#: Default value: "1Gi"

minio.provisioning.cleanupAfterFinished.resources.requests.cpu#: Default value: "10m"

minio.provisioning.cleanupAfterFinished.resources.requests.memory#: Default value: "16Mi"

minio.provisioning.extraCommands#

Default value:

["mc anonymous set download provisioning/nubus/portal-assets"]

minio.provisioning.buckets#

Default value:

[{"name": "nubus", "versioning": false, "withLock": false}]

minio.provisioning.policies#

Default value:

[{"name": "nubus-bucket-policy", "statements": [{"resources": ["arn:aws:s3:::nubus"], "effect": "Allow", "actions": ["s3:*"]}, {"resources": ["arn:aws:s3:::nubus/*"], "effect": "Allow", "actions": ["s3:*"]}]}]

minio.provisioning.usersExistingSecrets#: Default value: ["nubus-minio-provisioning"]

9.2.9. `keycloak`#

keycloak.terminationGracePeriodSeconds#: Default value: 5

keycloak.enabled#: Default value: true

keycloak.resources.limits.cpu#: Default value: 288

keycloak.resources.limits.memory#: Default value: "1Gi"

keycloak.resources.requests.cpu#: Default value: "10m"

keycloak.resources.requests.memory#: Default value: "16Mi"

keycloak.replicaCount#: Default value: 1

keycloak.postgresql.connection.host#: Default value: ""

keycloak.postgresql.connection.port#: Default value: ""

keycloak.postgresql.auth.username#: Default value: "keycloak_user"

keycloak.postgresql.auth.database#: Default value: "keycloak"

keycloak.postgresql.auth.credentialSecret.key#: Default value: "password"

keycloak.config.logLevel#: Default value: "INFO"

keycloak.ingress.enabled#: Default value: true

9.2.10. `nubusGuardian`#

nubusGuardian.terminationGracePeriodSeconds#: Default value: 5

nubusGuardian.nameOverride#: Default value: "guardian"

nubusGuardian.enabled#: Default value: false

nubusGuardian.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusGuardian.resources.limits.cpu#: Default value: 288

nubusGuardian.resources.limits.memory#: Default value: "1Gi"

nubusGuardian.resources.requests.cpu#: Default value: "10m"

nubusGuardian.resources.requests.memory#: Default value: "16Mi"

nubusGuardian.postgresql.bundled#: Default value: false

nubusGuardian.postgresql.connection.host#: Default value: ""

nubusGuardian.postgresql.connection.port#: Default value: ""

nubusGuardian.postgresql.auth.database#: Default value: "guardian"

nubusGuardian.postgresql.auth.username#: Default value: "guardian"

nubusGuardian.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusGuardian.provisioning.enabled#: Default value: true

nubusGuardian.provisioning.config.keycloak.username#: Default value: "kcadmin"

nubusGuardian.provisioning.config.keycloak.credentialSecret.key#: Default value: "adminPassword"

nubusGuardian.provisioning.config.managementApi.credentialSecret.key#: Default value: "managementApiClientSecret"

9.2.11. `nubusLdapNotifier`#

nubusLdapNotifier.terminationGracePeriodSeconds#: Default value: 5

nubusLdapNotifier.nameOverride#: Default value: "ldap-notifier"

nubusLdapNotifier.enabled#: Default value: true

nubusLdapNotifier.resources.limits.cpu#: Default value: 288

nubusLdapNotifier.resources.limits.memory#: Default value: "1Gi"

nubusLdapNotifier.resources.requests.cpu#: Default value: "10m"

nubusLdapNotifier.resources.requests.memory#: Default value: "16Mi"

9.2.12. `nubusLdapServer`#

nubusLdapServer.terminationGracePeriodSeconds#: Default value: 5

nubusLdapServer.nameOverride#: Default value: "ldap-server"

nubusLdapServer.enabled#: Default value: true

nubusLdapServer.highAvailabilityMode#: Default value: false

nubusLdapServer.replicaCountPrimary#: Default value: 1

nubusLdapServer.replicaCountSecondary#: Default value: 1

nubusLdapServer.replicaCountProxy#: Default value: 1

nubusLdapServer.resourcesPrimary.limits.cpu#: Default value: 288

nubusLdapServer.resourcesPrimary.limits.memory#: Default value: "1Gi"

nubusLdapServer.resourcesPrimary.requests.cpu#: Default value: "10m"

nubusLdapServer.resourcesPrimary.requests.memory#: Default value: "16Mi"

nubusLdapServer.resourcesSecondary.limits.cpu#: Default value: 288

nubusLdapServer.resourcesSecondary.limits.memory#: Default value: "1Gi"

nubusLdapServer.resourcesSecondary.requests.cpu#: Default value: "10m"

nubusLdapServer.resourcesSecondary.requests.memory#: Default value: "16Mi"

nubusLdapServer.resourcesProxy.limits.cpu#: Default value: 288

nubusLdapServer.resourcesProxy.limits.memory#: Default value: "1Gi"

nubusLdapServer.resourcesProxy.requests.cpu#: Default value: "10m"

nubusLdapServer.resourcesProxy.requests.memory#: Default value: "16Mi"

9.2.13. `nubusNotificationsApi`#

nubusNotificationsApi.terminationGracePeriodSeconds#: Default value: 5

nubusNotificationsApi.nameOverride#: Default value: "notifications-api"

nubusNotificationsApi.enabled#: Default value: true

nubusNotificationsApi.resources.limits.cpu#: Default value: 288

nubusNotificationsApi.resources.limits.memory#: Default value: "1Gi"

nubusNotificationsApi.resources.requests.cpu#: Default value: "10m"

nubusNotificationsApi.resources.requests.memory#: Default value: "16Mi"

nubusNotificationsApi.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusNotificationsApi.postgresql.bundled#: Default value: false

nubusNotificationsApi.postgresql.connection.host#: Default value: ""

nubusNotificationsApi.postgresql.connection.port#: Default value: ""

nubusNotificationsApi.postgresql.auth.username#: Default value: "notificationsapi_user"

nubusNotificationsApi.postgresql.auth.database#: Default value: "notificationsapi"

nubusNotificationsApi.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusNotificationsApi.notificationsApi.logLevel#: Default value: "INFO"

9.2.14. `nubusPortalFrontend`#

nubusPortalFrontend.terminationGracePeriodSeconds#: Default value: 5

nubusPortalFrontend.nameOverride#: Default value: "portal-frontend"

nubusPortalFrontend.enabled#: Default value: true

nubusPortalFrontend.resources.limits.cpu#: Default value: 288

nubusPortalFrontend.resources.limits.memory#: Default value: "1Gi"

nubusPortalFrontend.resources.requests.cpu#: Default value: "10m"

nubusPortalFrontend.resources.requests.memory#: Default value: "16Mi"

nubusPortalFrontend.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusPortalFrontend.portalFrontend.logLevel#: Default value: "INFO"

9.2.15. `nubusPortalConsumer`#

nubusPortalConsumer.terminationGracePeriodSeconds#: Default value: 5

nubusPortalConsumer.nameOverride#: Default value: "portal-consumer"

nubusPortalConsumer.enabled#: Default value: true

nubusPortalConsumer.resources.limits.cpu#: Default value: 288

nubusPortalConsumer.resources.limits.memory#: Default value: "1Gi"

nubusPortalConsumer.resources.requests.cpu#: Default value: "10m"

nubusPortalConsumer.resources.requests.memory#: Default value: "16Mi"

nubusPortalConsumer.objectStorage.auth.accessKey#: Default value: null

nubusPortalConsumer.objectStorage.auth.secretKey#: Default value: null

nubusPortalConsumer.portalConsumer.ldapHost#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusPortalConsumer.portalConsumer.objectStorageBucket#: Default value: "nubus"

nubusPortalConsumer.provisioningApi.auth.username#: Default value: "portal-consumer"

nubusPortalConsumer.provisioningApi.auth.password#: Default value: null

nubusPortalConsumer.provisioningApi.auth.existingSecret.name#: Default value: null

9.2.16. `nubusPortalServer`#

nubusPortalServer.terminationGracePeriodSeconds#: Default value: 5

nubusPortalServer.nameOverride#: Default value: "portal-server"

nubusPortalServer.enabled#: Default value: true

nubusPortalServer.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusPortalServer.objectStorage.auth.accessKey#: Default value: null

nubusPortalServer.objectStorage.auth.secretKey#: Default value: null

nubusPortalServer.resources.limits.cpu#: Default value: 288

nubusPortalServer.resources.limits.memory#: Default value: "1Gi"

nubusPortalServer.resources.requests.cpu#: Default value: "10m"

nubusPortalServer.resources.requests.memory#: Default value: "16Mi"

nubusPortalServer.portalServer.objectStorageBucket#: Default value: "nubus"

nubusPortalServer.portalServer.logLevel#: Default value: "INFO"

9.2.17. `nubusProvisioning`#

nubusProvisioning.terminationGracePeriodSeconds#: Default value: 5

nubusProvisioning.nameOverride#: Default value: "provisioning"

nubusProvisioning.enabled#: Default value: true

nubusProvisioning.resources.dispatcher.limits.cpu#: Default value: 288

nubusProvisioning.resources.dispatcher.limits.memory#: Default value: "1Gi"

nubusProvisioning.resources.dispatcher.requests.cpu#: Default value: "10m"

nubusProvisioning.resources.dispatcher.requests.memory#: Default value: "16Mi"

nubusProvisioning.resources.prefill.limits.cpu#: Default value: 288

nubusProvisioning.resources.prefill.limits.memory#: Default value: "1Gi"

nubusProvisioning.resources.prefill.requests.cpu#: Default value: "10m"

nubusProvisioning.resources.prefill.requests.memory#: Default value: "16Mi"

nubusProvisioning.resources.api.limits.cpu#: Default value: 288

nubusProvisioning.resources.api.limits.memory#: Default value: "1Gi"

nubusProvisioning.resources.api.requests.cpu#: Default value: "10m"

nubusProvisioning.resources.api.requests.memory#: Default value: "16Mi"

nubusProvisioning.nats.config.cluster.replicas#

TODO: Set back to the default of 3 after nats clustering is solved.

Default value: 1

nubusProvisioning.nats.auth.adminPassword#: Default value: null

nubusProvisioning.nats.global.imageRegistry#: Default value: "docker.io"

nubusProvisioning.nats.resources.limits.cpu#: Default value: 288

nubusProvisioning.nats.resources.limits.memory#: Default value: "1Gi"

nubusProvisioning.nats.resources.requests.cpu#: Default value: "10m"

nubusProvisioning.nats.resources.requests.memory#: Default value: "16Mi"

nubusProvisioning.nats.reloader.resources.limits.cpu#: Default value: 288

nubusProvisioning.nats.reloader.resources.limits.memory#: Default value: "1Gi"

nubusProvisioning.nats.reloader.resources.requests.cpu#: Default value: "10m"

nubusProvisioning.nats.reloader.resources.requests.memory#: Default value: "16Mi"

nubusProvisioning.nats.natsBox.resources.limits.cpu#: Default value: 288

nubusProvisioning.nats.natsBox.resources.limits.memory#: Default value: "1Gi"

nubusProvisioning.nats.natsBox.resources.requests.cpu#: Default value: "10m"

nubusProvisioning.nats.natsBox.resources.requests.memory#: Default value: "16Mi"

nubusProvisioning.api.auth.adminPassword#: Default value: null

nubusProvisioning.api.auth.prefillPassword#: Default value: null

nubusProvisioning.api.auth.udmTransformerPassword#: Default value: null

nubusProvisioning.api.nats.connection.host#: Default value: ""

nubusProvisioning.api.nats.connection.port#: Default value: ""

nubusProvisioning.api.nats.connection.username#: Default value: "events_and_consumer_api"

nubusProvisioning.api.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusProvisioning.api.nats.auth.password#: Default value: null

nubusProvisioning.api.config.LOG_LEVEL#: Default value: "INFO"

nubusProvisioning.dispatcher.nats.connection.host#: Default value: ""

nubusProvisioning.dispatcher.nats.connection.port#: Default value: ""

nubusProvisioning.dispatcher.nats.connection.username#: Default value: "dispatcher"

nubusProvisioning.dispatcher.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusProvisioning.dispatcher.nats.auth.password#: Default value: null

nubusProvisioning.dispatcher.config.LOG_LEVEL#: Default value: "INFO"

nubusProvisioning.prefill.nats.connection.host#: Default value: ""

nubusProvisioning.prefill.nats.connection.port#: Default value: ""

nubusProvisioning.prefill.nats.connection.username#: Default value: "prefill"

nubusProvisioning.prefill.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusProvisioning.prefill.nats.auth.password#: Default value: null

nubusProvisioning.prefill.config.LOG_LEVEL#: Default value: "INFO"

nubusProvisioning.udmTransformer.ldap.connection.host#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusProvisioning.udmTransformer.nats.auth.password#: Default value: null

nubusProvisioning.udmTransformer.config.LOG_LEVEL#: Default value: "INFO"

9.2.18. `nubusUdmListener`#

nubusUdmListener.terminationGracePeriodSeconds#: Default value: 5

nubusUdmListener.nameOverride#: Default value: "provisioning-listener"

nubusUdmListener.enabled#: Default value: true

nubusUdmListener.resources.limits.cpu#: Default value: 288

nubusUdmListener.resources.limits.memory#: Default value: "1Gi"

nubusUdmListener.resources.requests.cpu#: Default value: "10m"

nubusUdmListener.resources.requests.memory#: Default value: "16Mi"

nubusUdmListener.ldap.connection.host#: Default value: ""

nubusUdmListener.ldap.connection.port#: Default value: ""

nubusUdmListener.ldap.auth.bindDn#: Default value: "cn=admin,dc=example,dc=org"

nubusUdmListener.ldap.auth.credentialSecret.key#: Default value: "password"

nubusUdmListener.nats.auth.password#: Default value: null

nubusUdmListener.config.ldapHost#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusUdmListener.config.debugLevel#: Default value: "2"

9.2.19. `nubusSelfServiceConsumer`#

nubusSelfServiceConsumer.terminationGracePeriodSeconds#: Default value: 5

nubusSelfServiceConsumer.nameOverride#: Default value: "selfservice-listener"

nubusSelfServiceConsumer.enabled#: Default value: true

nubusSelfServiceConsumer.resources.limits.cpu#: Default value: 288

nubusSelfServiceConsumer.resources.limits.memory#: Default value: "1Gi"

nubusSelfServiceConsumer.resources.requests.cpu#: Default value: "10m"

nubusSelfServiceConsumer.resources.requests.memory#: Default value: "16Mi"

nubusSelfServiceConsumer.nats.auth.password#: Default value: null

nubusSelfServiceConsumer.provisioningApi.auth.username#: Default value: "selfservice"

nubusSelfServiceConsumer.provisioningApi.auth.password#

TODO: This needs another iteration, it shows that we set the password, but we also have the existingSecret. Most likely this does belong in the user provisioning configuration around provisioning.

Default value: null

nubusSelfServiceConsumer.provisioningApi.auth.existingSecret.name#

Default value:

"{{ include \"nubus.provisioning.selfserviceConsumer.auth.existingSecret.name\" . }}"

nubusSelfServiceConsumer.provisioningApi.auth.existingSecret.keyMapping.password#: Default value: "PROVISIONING_API_PASSWORD"

9.2.20. `nubusUdmRestApi`#

nubusUdmRestApi.terminationGracePeriodSeconds#: Default value: 5

nubusUdmRestApi.nameOverride#: Default value: "udm-rest-api"

nubusUdmRestApi.enabled#: Default value: true

nubusUdmRestApi.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusUdmRestApi.resources.limits.cpu#: Default value: 288

nubusUdmRestApi.resources.limits.memory#: Default value: "1Gi"

nubusUdmRestApi.resources.requests.cpu#: Default value: "10m"

nubusUdmRestApi.resources.requests.memory#: Default value: "16Mi"

nubusUdmRestApi.ldap.connection.host#: Default value: ""

nubusUdmRestApi.ldap.connection.port#: Default value: ""

nubusUdmRestApi.ldap.auth.bindDn#: Default value: "cn=admin,dc=example,dc=org"

nubusUdmRestApi.ldap.auth.credentialSecret.key#: Default value: "password"

9.2.21. `nubusUmcGateway`#

nubusUmcGateway.terminationGracePeriodSeconds#: Default value: 5

nubusUmcGateway.nameOverride#: Default value: "umc-gateway"

nubusUmcGateway.enabled#: Default value: true

nubusUmcGateway.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusUmcGateway.resources.limits.cpu#: Default value: 288

nubusUmcGateway.resources.limits.memory#: Default value: "1Gi"

nubusUmcGateway.resources.requests.cpu#: Default value: "10m"

nubusUmcGateway.resources.requests.memory#: Default value: "16Mi"

9.2.22. `nubusUmcServer`#

nubusUmcServer.terminationGracePeriodSeconds#: Default value: 5

nubusUmcServer.nameOverride#: Default value: "umc-server"

nubusUmcServer.replicaCount#: Default value: 1

nubusUmcServer.enabled#: Default value: true

nubusUmcServer.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusUmcServer.resources.limits.cpu#: Default value: 288

nubusUmcServer.resources.limits.memory#: Default value: "1Gi"

nubusUmcServer.resources.requests.cpu#: Default value: "10m"

nubusUmcServer.resources.requests.memory#: Default value: "16Mi"

nubusUmcServer.postgresql.connection.host#: Default value: ""

nubusUmcServer.postgresql.connection.port#: Default value: ""

nubusUmcServer.postgresql.auth.username#: Default value: "selfservice"

nubusUmcServer.postgresql.auth.database#: Default value: "selfservice"

nubusUmcServer.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusUmcServer.global.imageRegistry#: Default value: "docker.io"

nubusUmcServer.image.registry#

Default value:

"artifacts.software-univention.de"

nubusUmcServer.memcached.nameOverride#: Default value: "umc-server-memcached"

nubusUmcServer.memcached.containerSecurityContext.readOnlyRootFilesystem#: Default value: false

nubusUmcServer.memcached.auth.username#: Default value: "selfservice"

nubusUmcServer.memcached.auth.existingPasswordSecret#

Default value:

"{{ printf \"%s-umc-server-memcached-credentials\" .Release.Name }}"

nubusUmcServer.memcached.auth.credentialSecret.key#: Default value: "memcached-password"

nubusUmcServer.memcached.auth.credentialSecret.name#: Default value: ""

nubusUmcServer.memcached.connection.host#: Default value: ""

nubusUmcServer.memcached.connection.port#: Default value: ""

nubusUmcServer.memcached.connection.username#: Default value: "umcserver"

nubusUmcServer.umcServer.certPemFile#: Default value: "/var/secrets/ssl/tls.crt"

nubusUmcServer.umcServer.privateKeyFile#: Default value: "/var/secrets/ssl/tls.key"

nubusUmcServer.proxy.logLevel#: Default value: "INFO"

nubusUmcServer.extraVolumes#

Default value:

[{"name": "certificates", "secret": {"secretName": "{{ .Release.Name }}-saml-tls"}}]

nubusUmcServer.extraVolumeMounts#

Default value:

[{"name": "certificates", "mountPath": "/var/secrets/ssl"}]

9.2.23. `nubusKeycloakBootstrap`#

nubusKeycloakBootstrap.terminationGracePeriodSeconds#: Default value: 5

nubusKeycloakBootstrap.nameOverride#: Default value: "keycloak-bootstrap"

nubusKeycloakBootstrap.enabled#: Default value: true

nubusKeycloakBootstrap.resources.limits.cpu#: Default value: 288

nubusKeycloakBootstrap.resources.limits.memory#: Default value: "1Gi"

nubusKeycloakBootstrap.resources.requests.cpu#: Default value: "10m"

nubusKeycloakBootstrap.resources.requests.memory#: Default value: "16Mi"

9.2.24. `nubusKeycloakExtensions`#

nubusKeycloakExtensions.terminationGracePeriodSeconds#: Default value: 5

nubusKeycloakExtensions.nameOverride#: Default value: "keycloak-extensions"

nubusKeycloakExtensions.enabled#: Default value: false

nubusKeycloakExtensions.resources.limits.cpu#: Default value: 288

nubusKeycloakExtensions.resources.limits.memory#: Default value: "1Gi"

nubusKeycloakExtensions.resources.requests.cpu#: Default value: "10m"

nubusKeycloakExtensions.resources.requests.memory#: Default value: "16Mi"

nubusKeycloakExtensions.smtp.connection.host#: Default value: ""

nubusKeycloakExtensions.smtp.auth.username#: Default value: "keycloak-extensions"

nubusKeycloakExtensions.smtp.auth.credentialSecret.key#: Default value: "password"

nubusKeycloakExtensions.keycloak.connection.host#: Default value: ""

nubusKeycloakExtensions.keycloak.auth.username#: Default value: "kcadmin"

nubusKeycloakExtensions.keycloak.auth.credentialSecret.key#: Default value: "password"

nubusKeycloakExtensions.postgresql.connection.host#: Default value: ""

nubusKeycloakExtensions.postgresql.connection.port#: Default value: ""

nubusKeycloakExtensions.postgresql.auth.database#: Default value: "keycloak_extensions"

nubusKeycloakExtensions.postgresql.auth.username#: Default value: "keycloak_extensions"

nubusKeycloakExtensions.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusKeycloakExtensions.handler.appConfig.logLevel#: Default value: "INFO"

nubusKeycloakExtensions.proxy.appConfig.logLevel#: Default value: "info"

9.2.25. `nubusStackDataUms`#

nubusStackDataUms.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nameOverride#: Default value: "stack-data-ums"

nubusStackDataUms.enabled#: Default value: true

nubusStackDataUms.resources.limits.cpu#: Default value: 288

nubusStackDataUms.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusNotificationsApi.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusNotificationsApi.nameOverride#: Default value: "notifications-api"

nubusStackDataUms.nubusNotificationsApi.enabled#: Default value: true

nubusStackDataUms.nubusNotificationsApi.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusNotificationsApi.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusNotificationsApi.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusNotificationsApi.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusNotificationsApi.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusStackDataUms.nubusNotificationsApi.postgresql.bundled#: Default value: false

nubusStackDataUms.nubusNotificationsApi.postgresql.connection.host#: Default value: ""

nubusStackDataUms.nubusNotificationsApi.postgresql.connection.port#: Default value: ""

nubusStackDataUms.nubusNotificationsApi.postgresql.auth.username#: Default value: "notificationsapi_user"

nubusStackDataUms.nubusNotificationsApi.postgresql.auth.database#: Default value: "notificationsapi"

nubusStackDataUms.nubusNotificationsApi.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusNotificationsApi.notificationsApi.logLevel#: Default value: "INFO"

nubusStackDataUms.nubusUmcServer.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusUmcServer.nameOverride#: Default value: "umc-server"

nubusStackDataUms.nubusUmcServer.replicaCount#: Default value: 1

nubusStackDataUms.nubusUmcServer.enabled#: Default value: true

nubusStackDataUms.nubusUmcServer.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusStackDataUms.nubusUmcServer.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusUmcServer.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusUmcServer.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusUmcServer.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusUmcServer.postgresql.connection.host#: Default value: ""

nubusStackDataUms.nubusUmcServer.postgresql.connection.port#: Default value: ""

nubusStackDataUms.nubusUmcServer.postgresql.auth.username#: Default value: "selfservice"

nubusStackDataUms.nubusUmcServer.postgresql.auth.database#: Default value: "selfservice"

nubusStackDataUms.nubusUmcServer.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusUmcServer.global.imageRegistry#: Default value: "docker.io"

nubusStackDataUms.nubusUmcServer.image.registry#

Default value:

"artifacts.software-univention.de"

nubusStackDataUms.nubusUmcServer.memcached.nameOverride#: Default value: "umc-server-memcached"

nubusStackDataUms.nubusUmcServer.memcached.containerSecurityContext.readOnlyRootFilesystem#: Default value: false

nubusStackDataUms.nubusUmcServer.memcached.auth.username#: Default value: "selfservice"

nubusStackDataUms.nubusUmcServer.memcached.auth.existingPasswordSecret#

Default value:

"{{ printf \"%s-umc-server-memcached-credentials\" .Release.Name }}"

nubusStackDataUms.nubusUmcServer.memcached.auth.credentialSecret.key#: Default value: "memcached-password"

nubusStackDataUms.nubusUmcServer.memcached.auth.credentialSecret.name#: Default value: ""

nubusStackDataUms.nubusUmcServer.memcached.connection.host#: Default value: ""

nubusStackDataUms.nubusUmcServer.memcached.connection.port#: Default value: ""

nubusStackDataUms.nubusUmcServer.memcached.connection.username#: Default value: "umcserver"

nubusStackDataUms.nubusUmcServer.umcServer.certPemFile#: Default value: "/var/secrets/ssl/tls.crt"

nubusStackDataUms.nubusUmcServer.umcServer.privateKeyFile#: Default value: "/var/secrets/ssl/tls.key"

nubusStackDataUms.nubusUmcServer.proxy.logLevel#: Default value: "INFO"

nubusStackDataUms.nubusUmcServer.extraVolumes#

Default value:

[{"name": "certificates", "secret": {"secretName": "{{ .Release.Name }}-saml-tls"}}]

nubusStackDataUms.nubusUmcServer.extraVolumeMounts#

Default value:

[{"name": "certificates", "mountPath": "/var/secrets/ssl"}]

nubusStackDataUms.nubusKeycloakExtensions.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusKeycloakExtensions.nameOverride#: Default value: "keycloak-extensions"

nubusStackDataUms.nubusKeycloakExtensions.enabled#: Default value: false

nubusStackDataUms.nubusKeycloakExtensions.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusKeycloakExtensions.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusKeycloakExtensions.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusKeycloakExtensions.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusKeycloakExtensions.smtp.connection.host#: Default value: ""

nubusStackDataUms.nubusKeycloakExtensions.smtp.auth.username#: Default value: "keycloak-extensions"

nubusStackDataUms.nubusKeycloakExtensions.smtp.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusKeycloakExtensions.keycloak.connection.host#: Default value: ""

nubusStackDataUms.nubusKeycloakExtensions.keycloak.auth.username#: Default value: "kcadmin"

nubusStackDataUms.nubusKeycloakExtensions.keycloak.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusKeycloakExtensions.postgresql.connection.host#: Default value: ""

nubusStackDataUms.nubusKeycloakExtensions.postgresql.connection.port#: Default value: ""

nubusStackDataUms.nubusKeycloakExtensions.postgresql.auth.database#: Default value: "keycloak_extensions"

nubusStackDataUms.nubusKeycloakExtensions.postgresql.auth.username#: Default value: "keycloak_extensions"

nubusStackDataUms.nubusKeycloakExtensions.postgresql.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusKeycloakExtensions.handler.appConfig.logLevel#: Default value: "INFO"

nubusStackDataUms.nubusKeycloakExtensions.proxy.appConfig.logLevel#: Default value: "info"

nubusStackDataUms.nubusKeycloakBootstrap.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusKeycloakBootstrap.nameOverride#: Default value: "keycloak-bootstrap"

nubusStackDataUms.nubusKeycloakBootstrap.enabled#: Default value: true

nubusStackDataUms.nubusKeycloakBootstrap.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusKeycloakBootstrap.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusKeycloakBootstrap.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusKeycloakBootstrap.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusPortalConsumer.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusPortalConsumer.nameOverride#: Default value: "portal-consumer"

nubusStackDataUms.nubusPortalConsumer.enabled#: Default value: true

nubusStackDataUms.nubusPortalConsumer.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusPortalConsumer.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusPortalConsumer.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusPortalConsumer.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusPortalConsumer.objectStorage.auth.accessKey#: Default value: null

nubusStackDataUms.nubusPortalConsumer.objectStorage.auth.secretKey#: Default value: null

nubusStackDataUms.nubusPortalConsumer.portalConsumer.ldapHost#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusStackDataUms.nubusPortalConsumer.portalConsumer.objectStorageBucket#: Default value: "nubus"

nubusStackDataUms.nubusPortalConsumer.provisioningApi.auth.username#: Default value: "portal-consumer"

nubusStackDataUms.nubusPortalConsumer.provisioningApi.auth.password#: Default value: null

nubusStackDataUms.nubusPortalConsumer.provisioningApi.auth.existingSecret.name#: Default value: null

nubusStackDataUms.nubusPortalServer.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusPortalServer.nameOverride#: Default value: "portal-server"

nubusStackDataUms.nubusPortalServer.enabled#: Default value: true

nubusStackDataUms.nubusPortalServer.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusStackDataUms.nubusPortalServer.objectStorage.auth.accessKey#: Default value: null

nubusStackDataUms.nubusPortalServer.objectStorage.auth.secretKey#: Default value: null

nubusStackDataUms.nubusPortalServer.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusPortalServer.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusPortalServer.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusPortalServer.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusPortalServer.portalServer.objectStorageBucket#: Default value: "nubus"

nubusStackDataUms.nubusPortalServer.portalServer.logLevel#: Default value: "INFO"

nubusStackDataUms.nubusProvisioning.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusProvisioning.nameOverride#: Default value: "provisioning"

nubusStackDataUms.nubusProvisioning.enabled#: Default value: true

nubusStackDataUms.nubusProvisioning.resources.dispatcher.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.resources.dispatcher.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.resources.dispatcher.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.resources.dispatcher.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.resources.prefill.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.resources.prefill.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.resources.prefill.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.resources.prefill.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.resources.api.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.resources.api.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.resources.api.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.resources.api.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.nats.config.cluster.replicas#

TODO: Set back to the default of 3 after nats clustering is solved.

Default value: 1

nubusStackDataUms.nubusProvisioning.nats.auth.adminPassword#: Default value: null

nubusStackDataUms.nubusProvisioning.nats.global.imageRegistry#: Default value: "docker.io"

nubusStackDataUms.nubusProvisioning.nats.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.nats.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.nats.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.nats.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.nats.reloader.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.nats.reloader.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.nats.reloader.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.nats.reloader.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.nats.natsBox.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusProvisioning.nats.natsBox.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusProvisioning.nats.natsBox.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusProvisioning.nats.natsBox.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusProvisioning.api.auth.adminPassword#: Default value: null

nubusStackDataUms.nubusProvisioning.api.auth.prefillPassword#: Default value: null

nubusStackDataUms.nubusProvisioning.api.auth.udmTransformerPassword#: Default value: null

nubusStackDataUms.nubusProvisioning.api.nats.connection.host#: Default value: ""

nubusStackDataUms.nubusProvisioning.api.nats.connection.port#: Default value: ""

nubusStackDataUms.nubusProvisioning.api.nats.connection.username#: Default value: "events_and_consumer_api"

nubusStackDataUms.nubusProvisioning.api.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusStackDataUms.nubusProvisioning.api.nats.auth.password#: Default value: null

nubusStackDataUms.nubusProvisioning.api.config.LOG_LEVEL#: Default value: "INFO"

nubusStackDataUms.nubusProvisioning.dispatcher.nats.connection.host#: Default value: ""

nubusStackDataUms.nubusProvisioning.dispatcher.nats.connection.port#: Default value: ""

nubusStackDataUms.nubusProvisioning.dispatcher.nats.connection.username#: Default value: "dispatcher"

nubusStackDataUms.nubusProvisioning.dispatcher.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusStackDataUms.nubusProvisioning.dispatcher.nats.auth.password#: Default value: null

nubusStackDataUms.nubusProvisioning.dispatcher.config.LOG_LEVEL#: Default value: "INFO"

nubusStackDataUms.nubusProvisioning.prefill.nats.connection.host#: Default value: ""

nubusStackDataUms.nubusProvisioning.prefill.nats.connection.port#: Default value: ""

nubusStackDataUms.nubusProvisioning.prefill.nats.connection.username#: Default value: "prefill"

nubusStackDataUms.nubusProvisioning.prefill.nats.connection.password.secretKeyRef.key#: Default value: "password"

nubusStackDataUms.nubusProvisioning.prefill.nats.auth.password#: Default value: null

nubusStackDataUms.nubusProvisioning.prefill.config.LOG_LEVEL#: Default value: "INFO"

nubusStackDataUms.nubusProvisioning.udmTransformer.ldap.connection.host#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusStackDataUms.nubusProvisioning.udmTransformer.nats.auth.password#: Default value: null

nubusStackDataUms.nubusProvisioning.udmTransformer.config.LOG_LEVEL#: Default value: "INFO"

nubusStackDataUms.nubusUdmListener.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusUdmListener.nameOverride#: Default value: "provisioning-listener"

nubusStackDataUms.nubusUdmListener.enabled#: Default value: true

nubusStackDataUms.nubusUdmListener.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusUdmListener.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusUdmListener.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusUdmListener.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusUdmListener.ldap.connection.host#: Default value: ""

nubusStackDataUms.nubusUdmListener.ldap.connection.port#: Default value: ""

nubusStackDataUms.nubusUdmListener.ldap.auth.bindDn#: Default value: "cn=admin,dc=example,dc=org"

nubusStackDataUms.nubusUdmListener.ldap.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.nubusUdmListener.nats.auth.password#: Default value: null

nubusStackDataUms.nubusUdmListener.config.ldapHost#

Default value:

"{{ .Release.Name }}-ldap-server-primary"

nubusStackDataUms.nubusUdmListener.config.debugLevel#: Default value: "2"

nubusStackDataUms.nubusSelfServiceConsumer.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusSelfServiceConsumer.nameOverride#: Default value: "selfservice-listener"

nubusStackDataUms.nubusSelfServiceConsumer.enabled#: Default value: true

nubusStackDataUms.nubusSelfServiceConsumer.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusSelfServiceConsumer.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusSelfServiceConsumer.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusSelfServiceConsumer.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusSelfServiceConsumer.nats.auth.password#: Default value: null

nubusStackDataUms.nubusSelfServiceConsumer.provisioningApi.auth.username#: Default value: "selfservice"

nubusStackDataUms.nubusSelfServiceConsumer.provisioningApi.auth.password#

TODO: This needs another iteration, it shows that we set the password, but we also have the existingSecret. Most likely this does belong in the user provisioning configuration around provisioning.

Default value: null

nubusStackDataUms.nubusSelfServiceConsumer.provisioningApi.auth.existingSecret.name#

Default value:

"{{ include \"nubus.provisioning.selfserviceConsumer.auth.existingSecret.name\" . }}"

nubusStackDataUms.nubusSelfServiceConsumer.provisioningApi.auth.existingSecret.keyMapping.password#: Default value: "PROVISIONING_API_PASSWORD"

nubusStackDataUms.nubusUdmRestApi.terminationGracePeriodSeconds#: Default value: 5

nubusStackDataUms.nubusUdmRestApi.nameOverride#: Default value: "udm-rest-api"

nubusStackDataUms.nubusUdmRestApi.enabled#: Default value: true

nubusStackDataUms.nubusUdmRestApi.ingress.host#

Default value:

"{{ .Values.global.subDomains.portal }}.{{ .Values.global.domain }}"

nubusStackDataUms.nubusUdmRestApi.resources.limits.cpu#: Default value: 288

nubusStackDataUms.nubusUdmRestApi.resources.limits.memory#: Default value: "1Gi"

nubusStackDataUms.nubusUdmRestApi.resources.requests.cpu#: Default value: "10m"

nubusStackDataUms.nubusUdmRestApi.resources.requests.memory#: Default value: "16Mi"

nubusStackDataUms.nubusUdmRestApi.ldap.connection.host#: Default value: ""

nubusStackDataUms.nubusUdmRestApi.ldap.connection.port#: Default value: ""

nubusStackDataUms.nubusUdmRestApi.ldap.auth.bindDn#: Default value: "cn=admin,dc=example,dc=org"

nubusStackDataUms.nubusUdmRestApi.ldap.auth.credentialSecret.key#: Default value: "password"

nubusStackDataUms.stackDataContext.ldapMasterHost#

Default value:

"{{ include \"nubusTemplates.connections.ldap.primary.host\" . }}"

nubusStackDataUms.stackDataContext.ldapHost#

Default value:

"{{ include \"nubusTemplates.connections.ldap.primary.host\" . }}"

nubusStackDataUms.templateContext.initialPasswordAdministrator#

Default value:

"{{ include \"nubusTemplates.credentials.administrator.password\" . }}"

nubusStackDataUms.templateContext.ldapSearchUsers#: Default value: []

nubusStackDataUms.templateContext.ldapSystemUsers#

Default value:

[{"username": "readonly", "lastname": "LDAP-system-User", "password": "{{ include \"nubusTemplates.credentials.ldap.users.readonly.password\" . }}"}]

nubusStackDataUms.templateContext.readonlyUserPassword#

Default value:

"{{ include \"nubusTemplates.credentials.ldap.users.readonly.password\" . }}"

9.2.26. `extraSecrets`#

extraSecrets#

Allows for creation of additional secrets, for example containing credentials for third party services.

Default value: []

Nubus for Kubernetes - Operation Manual 1.0.1

Configuration reference

Contents

9. Configuration reference#

9.1. Aliases#

9.2. Helm Chart reference#

9.2.1. `global`#

9.2.2. `additionalAnnotations`#

9.2.3. `additionalLabels`#

9.2.4. `certificates`#

9.2.5. `ingress`#

9.2.6. `nubusDevelopment`#

9.2.7. `postgresql`#

9.2.8. `minio`#

9.2.9. `keycloak`#

9.2.10. `nubusGuardian`#

9.2.11. `nubusLdapNotifier`#

9.2.12. `nubusLdapServer`#

9.2.13. `nubusNotificationsApi`#

9.2.14. `nubusPortalFrontend`#

9.2.15. `nubusPortalConsumer`#

9.2.16. `nubusPortalServer`#

9.2.17. `nubusProvisioning`#

9.2.18. `nubusUdmListener`#

9.2.19. `nubusSelfServiceConsumer`#

9.2.20. `nubusUdmRestApi`#

9.2.21. `nubusUmcGateway`#

9.2.22. `nubusUmcServer`#

9.2.23. `nubusKeycloakBootstrap`#

9.2.24. `nubusKeycloakExtensions`#

9.2.25. `nubusStackDataUms`#

9.2.26. `extraSecrets`#

Nubus for Kubernetes - Operation Manual 1.0.1

Configuration reference

Contents

9. Configuration reference#

9.1. Aliases#

9.2. Helm Chart reference#

9.2.1. global#

9.2.2. additionalAnnotations#

9.2.3. additionalLabels#

9.2.4. certificates#

9.2.5. ingress#

9.2.6. nubusDevelopment#

9.2.7. postgresql#

9.2.8. minio#

9.2.9. keycloak#

9.2.10. nubusGuardian#

9.2.11. nubusLdapNotifier#

9.2.12. nubusLdapServer#

9.2.13. nubusNotificationsApi#

9.2.14. nubusPortalFrontend#

9.2.15. nubusPortalConsumer#

9.2.16. nubusPortalServer#

9.2.17. nubusProvisioning#

9.2.18. nubusUdmListener#

9.2.19. nubusSelfServiceConsumer#

9.2.20. nubusUdmRestApi#

9.2.21. nubusUmcGateway#

9.2.22. nubusUmcServer#

9.2.23. nubusKeycloakBootstrap#

9.2.24. nubusKeycloakExtensions#

9.2.25. nubusStackDataUms#

9.2.26. extraSecrets#

9.2.1. `global`#

9.2.2. `additionalAnnotations`#

9.2.3. `additionalLabels`#

9.2.4. `certificates`#

9.2.5. `ingress`#

9.2.6. `nubusDevelopment`#

9.2.7. `postgresql`#

9.2.8. `minio`#

9.2.9. `keycloak`#

9.2.10. `nubusGuardian`#

9.2.11. `nubusLdapNotifier`#

9.2.12. `nubusLdapServer`#

9.2.13. `nubusNotificationsApi`#

9.2.14. `nubusPortalFrontend`#

9.2.15. `nubusPortalConsumer`#

9.2.16. `nubusPortalServer`#

9.2.17. `nubusProvisioning`#

9.2.18. `nubusUdmListener`#

9.2.19. `nubusSelfServiceConsumer`#

9.2.20. `nubusUdmRestApi`#

9.2.21. `nubusUmcGateway`#

9.2.22. `nubusUmcServer`#

9.2.23. `nubusKeycloakBootstrap`#

9.2.24. `nubusKeycloakExtensions`#

9.2.25. `nubusStackDataUms`#

9.2.26. `extraSecrets`#