Gitiles
Code Review Sign In
osm.etsi.org / osm / devops / 009a5d691dba1ec6aa8567bc27eb4d468e5e0db4 / . / installers / charm / keystone / config.yaml
blob: c99d8783bd0d9f4c308685a0cade036ec1e05b7d [file] [log] [blame]
David Garcia009a5d62020-08-27 16:53:44 +0200[diff] [blame^]1# Copyright 2020 Canonical Ltd.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14options:
15 image:
16 type: string
17 default: opensourcemano/keystone:latest
18 description: The docker image to install.
19 image_username:
20 type: string
21 description: |
22 The username for accessing the registry specified in image.
23 default: ""
24 image_password:
25 type: string
26 description: |
27 The password associated with image_username for accessing
28 the registry specified in image.
29 default: ""
30 max_file_size:
31 type: int
32 description: |
33 The maximum file size, in megabytes.
34
35 If there is a reverse proxy in front of Keystone, it may
36 need to be configured to handle the requested size.
37 default: 5
38 ingress_whitelist_source_range:
39 type: string
40 description: |
41 A comma-separated list of CIDRs to store in the
42 ingress.kubernetes.io/whitelist-source-range annotation.
43
44 This can be used to lock down access to
45 Keystone based on source IP address.
46 default: ""
47 tls_secret_name:
48 type: string
49 description: TLS Secret name
50 default: ""
51 site_url:
52 type: string
53 description: Ingress URL
54 default: ""
55 ldap_enabled:
56 type: boolean
57 description: Boolean to enable/disable LDAP authentication
58 default: false
59 region_id:
60 type: string
61 description: Region ID to be created when starting the service
62 default: RegionOne
63 keystone_db_password:
64 type: string
65 description: Keystone DB Password
66 default: admin
67 admin_username:
68 type: string
69 description: Admin username to be created when starting the service
70 default: admin
71 admin_password:
72 type: string
73 description: Admin password to be created when starting the service
74 default: admin
75 admin_project:
76 type: string
77 description: Admin project to be created when starting the service
78 default: admin
79 service_username:
80 type: string
81 description: Service Username to be created when starting the service
82 default: nbi
83 service_password:
84 type: string
85 description: Service Password to be created when starting the service
86 default: nbi
87 service_project:
88 type: string
89 description: Service Project to be created when starting the service
90 default: service
91 user_domain_name:
92 type: string
93 description: User domain name (Hardcoded in the container start.sh script)
94 default: default
95 project_domain_name:
96 type: string
97 description: |
98 Project domain name (Hardcoded in the container start.sh script)
99 default: default
100
101 # ENV LDAP_AUTHENTICATION_DOMAIN_NAME no default
102 # ENV LDAP_URL ldap://localhost
103 # ENV LDAP_BIND_USER no defauslt
104 # ENV LDAP_BIND_PASSWORD no default
105 # ENV LDAP_USER_TREE_DN no default
106 # ENV LDAP_USER_OBJECTCLASS inetOrgPerson
107 # ENV LDAP_USER_ID_ATTRIBUTE cn
108 # ENV LDAP_USER_NAME_ATTRIBUTE sn
109 # ENV LDAP_USER_PASS_ATTRIBUTE userPassword
110 # ENV LDAP_USER_FILTER no default
111 # ENV LDAP_USER_ENABLED_ATTRIBUTE enabled
112 # ENV LDAP_USER_ENABLED_MASK 0
113 # ENV LDAP_USER_ENABLED_DEFAULT true
114 # ENV LDAP_USER_ENABLED_INVERT false
115 # ENV LDAP_USE_STARTTLS false
116 # ENV LDAP_TLS_CACERT_BASE64 no default
117 # ENV LDAP_TLS_REQ_CERT demand