125 lines
8.8 KiB
YAML
125 lines
8.8 KiB
YAML
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# USAGE: to change cluster name, replace all ocurrences of "dex-target-cluster"
|
|
# by new cluster name in this file.
|
|
|
|
apiVersion: airshipit.org/v1alpha1
|
|
kind: VariableCatalogue
|
|
metadata:
|
|
name: dex-catalogue
|
|
labels:
|
|
airshipit.org/deploy-k8s: "false"
|
|
dex:
|
|
site:
|
|
name: Core
|
|
endpoints:
|
|
hostname: dex.core.local
|
|
port:
|
|
https: 5556
|
|
http: 5554
|
|
nodePort:
|
|
https: 31556
|
|
http: 31554
|
|
oidc:
|
|
client_id: core-kubernetes
|
|
client_secret: pUBnBOY80SnXgjibTYM9ZWNzY2xreNGQok
|
|
service:
|
|
type: LoadBalancer
|
|
kubeadm:
|
|
api-server:
|
|
extra-args:
|
|
oidc-issuer-url: https://dex.core.local:5556/dex
|
|
oidc-client-id: core-kubernetes
|
|
oidc-username-claim: email
|
|
oidc-username-prefix: "oidc:"
|
|
oidc-groups-claim: groups
|
|
oidc-ca-file: /etc/kubernetes/certs/dex-cert
|
|
extra-volumes:
|
|
dex:
|
|
{
|
|
"hostPath": "/etc/kubernetes/certs/dex-cert",
|
|
"mountPath": "/etc/kubernetes/certs/dex-cert",
|
|
"name": "dex-cert",
|
|
"readOnly": true
|
|
}
|
|
files:
|
|
dex:
|
|
{
|
|
"contentFrom": {
|
|
"secret": {
|
|
"key": "dex-cert",
|
|
"name": "target-cluster-control-plane-dex-crt"
|
|
}
|
|
},
|
|
"owner": "root:root",
|
|
"path": "/etc/kubernetes/certs/dex-cert",
|
|
"permissions": "0644"
|
|
}
|
|
tls:
|
|
crt: |
|
|
-----BEGIN CERTIFICATE-----
|
|
MIIDFzCCAf+gAwIBAgIUQG5rnXCN1XFVgV5J01OzryKcsYAwDQYJKoZIhvcNAQEL
|
|
BQAwGzEZMBcGA1UEAwwQamFydmlzLWNhLWlzc3VlcjAeFw0yMTAxMjkxNTU2MDZa
|
|
Fw0yMTAyMDgxNTU2MDZaMBsxGTAXBgNVBAMMEGphcnZpcy1jYS1pc3N1ZXIwggEi
|
|
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP+hxPsqvedmLtF0IyJE8U1YYA
|
|
v8p1nWlP1pAqUpLY1Vq9ahdnwuff+jPmtoF+f5ws1164Ac+UlzVyt6WgSvVGtnC0
|
|
Hsrbsi+PvMh3CtVOj3h/vN5a8ESHG+CoZO/hHEpc9k9BB4qRNTGSr+z7BkWNqTus
|
|
lvFYOxnvzvCb8QI5kz5V3KJiREDqSEoow5lYIbVjQoPaj8ofulOZw/CTbhgfwDFx
|
|
6T+Q3C3HcG2IrRtD7yeT684S6jDC06CYgGc9FkiyQhsju27IKqWOt1PGccWKPSnA
|
|
43oNgkT6A00rfi48ICsppEwxBdz8FPPmTkNMoyG11RMcXAYggmBkXeRVDg2vAgMB
|
|
AAGjUzBRMB0GA1UdDgQWBBRHNYlWAAc4zcKHn+MFc4UJRUIOqDAfBgNVHSMEGDAW
|
|
gBRHNYlWAAc4zcKHn+MFc4UJRUIOqDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
|
|
DQEBCwUAA4IBAQAmSszZ4lBTNW88LK7CoeDcU0X/fWxpRtWi3eXmFssqS+/yMS5w
|
|
ys+n4jPPZQDZZbjaGHa0DDYvTWEWx8U9ETqQMd+4dS/2EiwuTiDr3DimnB1NpGbf
|
|
/Di2uFQVXt2RkoEYTbTsFK/Gk3E20l75epaspxrc+UaOtjdIl1g/mLVy3Oa8K39h
|
|
iC3+nWdmokwImCXMJIqLXssJqJK6XEXCsdaQrqfgp9GibM8Pc+0Rbkcmo+ksrPrj
|
|
trq23db6WtKqXVOpa/MTMXblIHjUif7NpzsDpkj470jwNDN9S6IHjEWZaQCMagp8
|
|
JFH7vMItGzKqLDTjquMDfvHtw4/U1vmtjRZY
|
|
-----END CERTIFICATE-----
|
|
key: |
|
|
-----BEGIN RSA PRIVATE KEY-----
|
|
MIIEpAIBAAKCAQEAz/ocT7Kr3nZi7RdCMiRPFNWGAL/KdZ1pT9aQKlKS2NVavWoX
|
|
Z8Ln3/oz5raBfn+cLNdeuAHPlJc1creloEr1RrZwtB7K27Ivj7zIdwrVTo94f7ze
|
|
WvBEhxvgqGTv4RxKXPZPQQeKkTUxkq/s+wZFjak7rJbxWDsZ787wm/ECOZM+Vdyi
|
|
YkRA6khKKMOZWCG1Y0KD2o/KH7pTmcPwk24YH8Axcek/kNwtx3BtiK0bQ+8nk+vO
|
|
EuowwtOgmIBnPRZIskIbI7tuyCqljrdTxnHFij0pwON6DYJE+gNNK34uPCArKaRM
|
|
MQXc/BTz5k5DTKMhtdUTHFwGIIJgZF3kVQ4NrwIDAQABAoIBAEBObYKXFF1s7Zmx
|
|
n14xq+IdQ5nns4o6ad2t0lXDwnQZRD1dGG+U7G1sx6+GrvOWMYwL69Wpea3QM06N
|
|
SkEN7Fk5ABAxlTfpGJuxG6rzRpFL+05D79zefdHo5MYsr59DSBsGbesFkerkL7fT
|
|
fcsAXXE36qOq6GUHoTVtHyiYlL+IILJEc4+XPFX+mOxDrRDKaIT5BiV9Kksi7kOZ
|
|
FBZjcbBXcwuxSg0uxDm4hMiGshdJp+3Enum7pwXeU7OpaiDCF/icFCeNQ/MZaSP3
|
|
TFMNsllQbmTAa/Aej1pU2nA0CucyNkVMvNlRjDi6qpdyp0roBQC62jCZHbG8dDci
|
|
eG4UQgECgYEA9sWNDBv0zvQVcsqpwVXUdjsSRuAmtRWxgkC/U72TefvOwav3GeLM
|
|
WMiepk4Iy2BqwE/SjAruvuVfOxN+U2/TnuAP/4cz5z8btFnjgtRSGHL+ZZpwcMNb
|
|
2mqsaCu86s66tGQrmnrneFmWCVHX0ZOEUQmwH4bV4R4ifd7ETpK4UQ8CgYEA18Ep
|
|
aVmt/ka2Cd1I7HgM2eWRBRuErQneDJdIbo3MxU5gXT0MQC2yoaXSTW5x2NvJ8lcK
|
|
pTKZgJn54oNTkH1db8ZrwZ3tKFOgug64UpVrteVicjin/HKLfSUQ5YqjgsE3aO53
|
|
Wmo9DBJ9qV2eYZVaCnkBvmE7LNs8IiXoOEQlOWECgYEA2b2YZh3o1g8zObWvMcOt
|
|
E6Gtz9IK9W+t0DOXXqmBDnpshiFZiILBMnna2v0x71ok94m3SxB+dvxnGfZqWe7r
|
|
OF2WYC8JUjsyE+HYyODVi3M0G6y5GBaY3tGPTN+C82D0ByX3/3gA9AWASLrphqf2
|
|
cZbty/OqlteDMbM1XetCLWsCgYEAk/ySAwjYJ0kpI6r8kfXmGq8zwWUWo/nYrJo3
|
|
vFzWz57qyglNldfCZs3uad4PiMd4xRie3KDQWT1EAPJDJyBWLozS7IL+YGK8I+Jk
|
|
24BR2Pn1hJMH5khLFROPe2KUtOMCtp6ajxG/vcARIVJtiFGA6R4G7CaVCDd4D5Qg
|
|
rDdRsQECgYAmZTXsx5BUUDkGaeOXNlLj9ZXTGVQDIro6UZ4t4sZ+cZ8Pk1oEnqGu
|
|
JI4iknkRTX4zlEDY9TmVij+bU+vpVdwjV7ygoDA7WAYuv91dIji7VXPBIKdJnkmV
|
|
UnFZc+n6xY/IkZGhb++ibdy9zj/sR1daCYyHRvy1h4s4+Ho41M598Q==
|
|
-----END RSA PRIVATE KEY-----
|
|
crt-b64: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURGekNDQWYrZ0F3SUJBZ0lVUUc1cm5YQ04xWEZWZ1Y1SjAxT3pyeUtjc1lBd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0d6RVpNQmNHQTFVRUF3d1FhbUZ5ZG1sekxXTmhMV2x6YzNWbGNqQWVGdzB5TVRBeE1qa3hOVFUyTURaYQpGdzB5TVRBeU1EZ3hOVFUyTURaYU1Cc3hHVEFYQmdOVkJBTU1FR3BoY25acGN5MWpZUzFwYzNOMVpYSXdnZ0VpCk1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFAraHhQc3F2ZWRtTHRGMEl5SkU4VTFZWUEKdjhwMW5XbFAxcEFxVXBMWTFWcTlhaGRud3VmZitqUG10b0YrZjV3czExNjRBYytVbHpWeXQ2V2dTdlZHdG5DMApIc3Jic2krUHZNaDNDdFZPajNoL3ZONWE4RVNIRytDb1pPL2hIRXBjOWs5QkI0cVJOVEdTcit6N0JrV05xVHVzCmx2RllPeG52enZDYjhRSTVrejVWM0tKaVJFRHFTRW9vdzVsWUliVmpRb1BhajhvZnVsT1p3L0NUYmhnZndERngKNlQrUTNDM0hjRzJJclJ0RDd5ZVQ2ODRTNmpEQzA2Q1lnR2M5RmtpeVFoc2p1MjdJS3FXT3QxUEdjY1dLUFNuQQo0M29OZ2tUNkEwMHJmaTQ4SUNzcHBFd3hCZHo4RlBQbVRrTk1veUcxMVJNY1hBWWdnbUJrWGVSVkRnMnZBZ01CCkFBR2pVekJSTUIwR0ExVWREZ1FXQkJSSE5ZbFdBQWM0emNLSG4rTUZjNFVKUlVJT3FEQWZCZ05WSFNNRUdEQVcKZ0JSSE5ZbFdBQWM0emNLSG4rTUZjNFVKUlVJT3FEQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liMwpEUUVCQ3dVQUE0SUJBUUFtU3N6WjRsQlROVzg4TEs3Q29lRGNVMFgvZld4cFJ0V2kzZVhtRnNzcVMrL3lNUzV3CnlzK240alBQWlFEWlpiamFHSGEwRERZdlRXRVd4OFU5RVRxUU1kKzRkUy8yRWl3dVRpRHIzRGltbkIxTnBHYmYKL0RpMnVGUVZYdDJSa29FWVRiVHNGSy9HazNFMjBsNzVlcGFzcHhyYytVYU90amRJbDFnL21MVnkzT2E4SzM5aAppQzMrbldkbW9rd0ltQ1hNSklxTFhzc0pxSks2WEVYQ3NkYVFycWZncDlHaWJNOFBjKzBSYmtjbW8ra3NyUHJqCnRycTIzZGI2V3RLcVhWT3BhL01UTVhibElIalVpZjdOcHpzRHBrajQ3MGp3TkROOVM2SUhqRVdaYVFDTWFncDgKSkZIN3ZNSXRHektxTERUanF1TURmdkh0dzQvVTF2bXRqUlpZCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
|
|
key-b64: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBei9vY1Q3S3IzblppN1JkQ01pUlBGTldHQUwvS2RaMXBUOWFRS2xLUzJOVmF2V29YClo4TG4zL296NXJhQmZuK2NMTmRldUFIUGxKYzFjcmVsb0VyMVJyWnd0QjdLMjdJdmo3eklkd3JWVG85NGY3emUKV3ZCRWh4dmdxR1R2NFJ4S1hQWlBRUWVLa1RVeGtxL3Mrd1pGamFrN3JKYnhXRHNaNzg3d20vRUNPWk0rVmR5aQpZa1JBNmtoS0tNT1pXQ0cxWTBLRDJvL0tIN3BUbWNQd2syNFlIOEF4Y2VrL2tOd3R4M0J0aUswYlErOG5rK3ZPCkV1b3d3dE9nbUlCblBSWklza0liSTd0dXlDcWxqcmRUeG5IRmlqMHB3T042RFlKRStnTk5LMzR1UENBckthUk0KTVFYYy9CVHo1azVEVEtNaHRkVVRIRndHSUlKZ1pGM2tWUTROcndJREFRQUJBb0lCQUVCT2JZS1hGRjFzN1pteApuMTR4cStJZFE1bm5zNG82YWQydDBsWER3blFaUkQxZEdHK1U3RzFzeDYrR3J2T1dNWXdMNjlXcGVhM1FNMDZOClNrRU43Rms1QUJBeGxUZnBHSnV4RzZyelJwRkwrMDVENzl6ZWZkSG81TVlzcjU5RFNCc0diZXNGa2Vya0w3ZlQKZmNzQVhYRTM2cU9xNkdVSG9UVnRIeWlZbEwrSUlMSkVjNCtYUEZYK21PeERyUkRLYUlUNUJpVjlLa3NpN2tPWgpGQlpqY2JCWGN3dXhTZzB1eERtNGhNaUdzaGRKcCszRW51bTdwd1hlVTdPcGFpRENGL2ljRkNlTlEvTVphU1AzClRGTU5zbGxRYm1UQWEvQWVqMXBVMm5BMEN1Y3lOa1ZNdk5sUmpEaTZxcGR5cDByb0JRQzYyakNaSGJHOGREY2kKZUc0VVFnRUNnWUVBOXNXTkRCdjB6dlFWY3NxcHdWWFVkanNTUnVBbXRSV3hna0MvVTcyVGVmdk93YXYzR2VMTQpXTWllcGs0SXkyQnF3RS9TakFydXZ1VmZPeE4rVTIvVG51QVAvNGN6NXo4YnRGbmpndFJTR0hMK1pacHdjTU5iCjJtcXNhQ3U4NnM2NnRHUXJtbnJuZUZtV0NWSFgwWk9FVVFtd0g0YlY0UjRpZmQ3RVRwSzRVUThDZ1lFQTE4RXAKYVZtdC9rYTJDZDFJN0hnTTJlV1JCUnVFclFuZURKZElibzNNeFU1Z1hUME1RQzJ5b2FYU1RXNXgyTnZKOGxjSwpwVEtaZ0puNTRvTlRrSDFkYjhacndaM3RLRk9ndWc2NFVwVnJ0ZVZpY2ppbi9IS0xmU1VRNVlxamdzRTNhTzUzCldtbzlEQko5cVYyZVlaVmFDbmtCdm1FN0xOczhJaVhvT0VRbE9XRUNnWUVBMmIyWVpoM28xZzh6T2JXdk1jT3QKRTZHdHo5SUs5Vyt0MERPWFhxbUJEbnBzaGlGWmlJTEJNbm5hMnYweDcxb2s5NG0zU3hCK2R2eG5HZlpxV2U3cgpPRjJXWUM4SlVqc3lFK0hZeU9EVmkzTTBHNnk1R0JhWTN0R1BUTitDODJEMEJ5WDMvM2dBOUFXQVNMcnBocWYyCmNaYnR5L09xbHRlRE1iTTFYZXRDTFdzQ2dZRUFrL3lTQXdqWUowa3BJNnI4a2ZYbUdxOHp3V1VXby9uWXJKbzMKdkZ6V3o1N3F5Z2xObGRmQ1pzM3VhZDRQaU1kNHhSaWUzS0RRV1QxRUFQSkRKeUJXTG96UzdJTCtZR0s4SStKawoyNEJSMlBuMWhKTUg1a2hMRlJPUGUyS1V0T01DdHA2YWp4Ry92Y0FSSVZKdGlGR0E2UjRHN0NhVkNEZDRENVFnCnJEZFJzUUVDZ1lBbVpUWHN4NUJVVURrR2FlT1hObExqOVpYVEdWUURJcm82VVo0dDRzWitjWjhQazFvRW5xR3UKSkk0aWtua1JUWDR6bEVEWTlUbVZpaitiVSt2cFZkd2pWN3lnb0RBN1dBWXV2OTFkSWppN1ZYUEJJS2RKbmttVgpVbkZaYytuNnhZL0lrWkdoYisraWJkeTl6ai9zUjFkYUNZeUhSdnkxaDRzNCtIbzQxTTU5OFE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
|
|
yaml:
|
|
connector:
|
|
connectors:
|
|
- type: <your connector type, e.g., 'ldap'>
|
|
id: <your connector id, e.g., 'ldap'>
|
|
name: <your connector name, e.g., 'LDAP'>
|