[osm/devops.git] / installers / charm / keystone / config.yaml

# Copyright 2020 Canonical Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
#     Unless required by applicable law or agreed to in writing, software
#     distributed under the License is distributed on an "AS IS" BASIS,
#     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#     See the License for the specific language governing permissions and
#     limitations under the License.
options:
  image:
    type: string
    default: opensourcemano/keystone:latest
    description: The docker image to install.
  image_username:
    type: string
    description: |
      The username for accessing the registry specified in image.
    default: ""
  image_password:
    type: string
    description: |
      The password associated with image_username for accessing
      the registry specified in image.
    default: ""
  max_file_size:
    type: int
    description: |
      The maximum file size, in megabytes.

      If there is a reverse proxy in front of Keystone, it may
      need to be configured to handle the requested size.
    default: 5
  ingress_whitelist_source_range:
    type: string
    description: |
      A comma-separated list of CIDRs to store in the
      ingress.kubernetes.io/whitelist-source-range annotation.

      This can be used to lock down access to
      Keystone based on source IP address.
    default: ""
  tls_secret_name:
    type: string
    description: TLS Secret name
    default: ""
  site_url:
    type: string
    description: Ingress URL
    default: ""
  ldap_enabled:
    type: boolean
    description: Boolean to enable/disable LDAP authentication
    default: false
  region_id:
    type: string
    description: Region ID to be created when starting the service
    default: RegionOne
  keystone_db_password:
    type: string
    description: Keystone DB Password
    default: admin
  admin_username:
    type: string
    description: Admin username to be created when starting the service
    default: admin
  admin_password:
    type: string
    description: Admin password to be created when starting the service
    default: admin
  admin_project:
    type: string
    description: Admin project to be created when starting the service
    default: admin
  service_username:
    type: string
    description: Service Username to be created when starting the service
    default: nbi
  service_password:
    type: string
    description: Service Password to be created when starting the service
    default: nbi
  service_project:
    type: string
    description: Service Project to be created when starting the service
    default: service
  user_domain_name:
    type: string
    description: User domain name (Hardcoded in the container start.sh script)
    default: default
  project_domain_name:
    type: string
    description: |
      Project domain name (Hardcoded in the container start.sh script)
    default: default

    # ENV LDAP_AUTHENTICATION_DOMAIN_NAME     no default
    # ENV LDAP_URL                            ldap://localhost
    # ENV LDAP_BIND_USER                      no defauslt
    # ENV LDAP_BIND_PASSWORD                  no default
    # ENV LDAP_USER_TREE_DN                   no default
    # ENV LDAP_USER_OBJECTCLASS               inetOrgPerson
    # ENV LDAP_USER_ID_ATTRIBUTE              cn
    # ENV LDAP_USER_NAME_ATTRIBUTE            sn
    # ENV LDAP_USER_PASS_ATTRIBUTE            userPassword
    # ENV LDAP_USER_FILTER                    no default
    # ENV LDAP_USER_ENABLED_ATTRIBUTE         enabled
    # ENV LDAP_USER_ENABLED_MASK              0
    # ENV LDAP_USER_ENABLED_DEFAULT           true
    # ENV LDAP_USER_ENABLED_INVERT            false
    # ENV LDAP_USE_STARTTLS                   false
    # ENV LDAP_TLS_CACERT_BASE64              no default
    # ENV LDAP_TLS_REQ_CERT                   demand