From 31db3dcb258266acfe2cc8788937b36dd7f4f754 Mon Sep 17 00:00:00 2001
From: dbf
Date: Thu, 28 Oct 2021 16:21:24 +0200
Subject: [PATCH] fix team-container video LDAP auth
---
 team-video/templates/deploy_jicofo.yaml | 6 ++-
 team-video/templates/deploy_prosody.yaml | 52 +++++++++++++++++++++++-
 values-video.yaml | 3 ++
 3 files changed, 59 insertions(+), 2 deletions(-)
diff --git a/team-video/templates/deploy_jicofo.yaml b/team-video/templates/deploy_jicofo.yaml
index cfb7420..3470551 100644
--- a/team-video/templates/deploy_jicofo.yaml
+++ b/team-video/templates/deploy_jicofo.yaml
@@ -26,6 +26,10 @@ spec:
 {{ if eq .Values.auth.type "ldap" }}
 - name: ENABLE_LDAP_AUTH
 value: "true"
+ - name: ENABLE_AUTH
+ value: "true"
+ - name: AUTH_TYPE
+ value: {{ .Values.auth.ldapjicofoauth }}
 {{else}}
 - name: ENABLE_AUTH
 value: "true"
@@ -54,4 +58,4 @@ spec:
 - name: XMPP_INTERNAL_MUC_DOMAIN
 value: internal-muc.{{ .Values.app.name }}.{{ .Values.app.domain }}
 - name: TZ
- value: Europe/Paris
\ No newline at end of file
+ value: Europe/Paris
diff --git a/team-video/templates/deploy_prosody.yaml b/team-video/templates/deploy_prosody.yaml
index 69da902..e1e4bb5 100644
--- a/team-video/templates/deploy_prosody.yaml
+++ b/team-video/templates/deploy_prosody.yaml
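Review bot: `AUTH_TYPE` in the LDAP branch of deploy_jicofo.yaml is rendered from `.Values.auth.ldapjicofoauth` unquoted and without a guard, while the values-video.yaml hunk of this patch ships that key commented out. With `auth.type` set to `ldap` and the key unset, the line renders as an empty `value:`, so jicofo would start with `ENABLE_AUTH` set to "true" and no auth type; how the image treats that combination is not visible here. I would fail the render instead: `value: {{ required "auth.ldapjicofoauth must be set when auth.type is ldap" .Values.auth.ldapjicofoauth | quote }}`. The same missing `| quote` applies to the new `LDAP_USE_TLS`, `LDAP_START_TLS`, `LDAP_TLS_CHECK_PEER` and `LDAP_VERSION` entries in the first deploy_prosody.yaml hunk, where a boolean or integer renders as a non-string env value that the API server rejects; the "can break helm upgrade" remark next to `ldapversion` suggests this has already been hit.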
@@ -43,6 +43,54 @@ spec:
 {{end}}
 - name: AUTH_TYPE
 value: {{ .Values.auth.type }}
+ {{ if .Values.auth.ldapauthmethod}}
+ - name: LDAP_AUTH_METHOD
+ value: {{ .Values.auth.ldapauthmethod}}
+ {{end}}
+ {{ if .Values.auth.ldapurl }}
+ - name: LDAP_URL
+ value: {{ .Values.auth.ldapurl }}
+ {{end}}
+ {{ if .Values.auth.ldapusetls }}
+ - name: LDAP_USE_TLS
+ value: {{ .Values.auth.ldapusetls }}
+ {{end}}
+ {{ if .Values.auth.ldapstarttls }}
+ - name: LDAP_START_TLS
+ value: {{ .Values.auth.ldapstarttls }}
+ {{end}}
+ {{ if .Values.auth.ldaptlscacertfile }}
+ - name: LDAP_TLS_CACERT_FILE
+ value: {{ .Values.auth.ldaptlscacertfile }}
+ {{end}}
+ {{ if .Values.auth.ldaptlscacertdir }}
+ - name: LDAP_TLS_CACERT_DIR
+ value: {{ .Values.auth.ldaptlscacertdir }}
+ {{end}}
+ {{ if .Values.auth.ldapcheckpeer }}
+ - name: LDAP_TLS_CHECK_PEER
+ value: {{ .Values.auth.ldapcheckpeer }}
+ {{end}}
+ {{ if .Values.auth.ldapbase }}
+ - name: LDAP_BASE
+ value: {{ .Values.auth.ldapbase }}
+ {{end}}
+ {{ if .Values.auth.ldapbinddn }}
+ - name: LDAP_BINDDN
+ value: {{ .Values.auth.ldapbinddn }}
+ {{end}}
+ {{ if .Values.auth.ldapbindpw }}
+ - name: LDAP_BINDPW
+ value: {{ .Values.auth.ldapbindpw }}
+ {{end}}
+ {{ if .Values.auth.ldapfilter }}
+ - name: LDAP_FILTER
+ value: {{ .Values.auth.ldapfilter }}
+ {{end}}
+ {{ if .Values.auth.ldapversion }}
+ - name: LDAP_VERSION
+ value: {{ .Values.auth.ldapversion }}
+ {{end}}
 {{end}}
 - name: XMPP_DOMAIN
 value: {{ .Values.app.name }}.{{ .Values.app.domain }}
@@ -71,4 +119,6 @@ spec:
 - name: XMPP_INTERNAL_MUC_DOMAIN
 value: internal-muc.{{ .Values.app.name }}.{{ .Values.app.domain }}
 - name: TZ
- value: Europe/Paris
\ No newline at end of file
+ value: Europe/Paris
+ - name: PUBLIC_URL
+ value: "https://{{ .Values.app.name }}.{{ .Values.app.domain }}"
diff --git a/values-video.yaml b/values-video.yaml
index df3691a..4090d48 100644
--- a/values-video.yaml
+++ b/values-video.yaml
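Review bot: `LDAP_BINDPW` is templated straight from `.Values.auth.ldapbindpw` into the Deployment's `env`, so the directory bind password sits in clear text in the rendered manifest and in the stored release values, readable by anyone allowed to read Deployments in the namespace. Reference a Secret through `valueFrom.secretKeyRef` instead, as sketched below; the values key and Secret key shown are placeholders, since no Secret is visible in this patch. Separately, `{{ if .Values.auth.ldapcheckpeer }}` omits `LDAP_TLS_CHECK_PEER` whenever the value is false or unset, so certificate verification for the LDAP connection falls back to whatever the prosody image defaults to; emitting the variable unconditionally with an explicit, quoted value would make the deployed behaviour visible. The enclosing `{{ if ... }}` block opens above this hunk.

```yaml
# … unchanged: LDAP_BINDDN entry …
{{ if .Values.auth.ldapbindpwsecret }}   # placeholder values key
- name: LDAP_BINDPW
  valueFrom:
    secretKeyRef:
      name: {{ .Values.auth.ldapbindpwsecret | quote }}
      key: ldapbindpw                     # placeholder Secret key
{{end}}
# … unchanged: LDAP_FILTER and LDAP_VERSION entries …
```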
@@ -25,6 +25,9 @@ auth: #ldapbindpw: VerySecretPassword #ldapfilter: (&(&(|(objectclass=person)))(|(samaccountname=%uid)(|(mailPrimaryAddress=%uid)(mail=%uid)))) #ldapversion: 3 # can break helm upgrade + # jicofo needs this, if (and only if) LDAP auth is used + #ldapjicofoauth: XMPP + logLevel: "info" hideWelcomePage: true