def _make_pod_envconfig(self):
config = self.model.config
- return {
+ envconfig = {
"DB_HOST": self.state.db_host,
"DB_PORT": self.state.db_port,
"ROOT_DB_USER": self.state.db_user,
"SERVICE_PROJECT": config["service_project"],
}
+ if config.get("ldap_enabled"):
+ envconfig["LDAP_AUTHENTICATION_DOMAIN_NAME"] = config[
+ "ldap_authentication_domain_name"
+ ]
+ envconfig["LDAP_URL"] = config["ldap_url"]
+ envconfig["LDAP_USER_OBJECTCLASS"] = config["ldap_user_objectclass"]
+ envconfig["LDAP_USER_ID_ATTRIBUTE"] = config["ldap_user_id_attribute"]
+ envconfig["LDAP_USER_NAME_ATTRIBUTE"] = config["ldap_user_name_attribute"]
+ envconfig["LDAP_USER_PASS_ATTRIBUTE"] = config["ldap_user_pass_attribute"]
+ envconfig["LDAP_USER_ENABLED_MASK"] = config["ldap_user_enabled_mask"]
+ envconfig["LDAP_USER_ENABLED_DEFAULT"] = config["ldap_user_enabled_default"]
+ envconfig["LDAP_USER_ENABLED_INVERT"] = config["ldap_user_enabled_invert"]
+
+ if config["ldap_bind_user"]:
+ envconfig["LDAP_BIND_USER"] = config["ldap_bind_user"]
+
+ if config["ldap_bind_password"]:
+ envconfig["LDAP_BIND_PASSWORD"] = config["ldap_bind_password"]
+
+ if config["ldap_user_tree_dn"]:
+ envconfig["LDAP_USER_TREE_DN"] = config["ldap_user_tree_dn"]
+
+ if config["ldap_user_filter"]:
+ envconfig["LDAP_USER_FILTER"] = config["ldap_user_filter"]
+
+ if config["ldap_user_enabled_attribute"]:
+ envconfig["LDAP_USER_ENABLED_ATTRIBUTE"] = config[
+ "ldap_user_enabled_attribute"
+ ]
+
+ if config["ldap_use_starttls"]:
+ envconfig["LDAP_USE_STARTTLS"] = config["ldap_use_starttls"]
+ envconfig["LDAP_TLS_CACERT_BASE64"] = config["ldap_tls_cacert_base64"]
+ envconfig["LDAP_TLS_REQ_CERT"] = config["ldap_tls_req_cert"]
+
+ return envconfig
+
def _make_pod_ingress_resources(self):
site_url = self.model.config["site_url"]