Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-16 06:47:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
07dc9f7c9d80b9b8c9203caa515dfda8990aca03
charts/bitnami/owncloud/templates/_certificates.tpl
Carlos Rodríguez Hernández 8cad18aed9 [bitnami/several] Adapt templating format (#8562) 
Signed-off-by: Carlos Rodriguez Hernandez <carlosrh@vmware.com>
2022-01-05 18:10:31 +01:00

124 lines
4.2 KiB
Smarty
Raw Blame History

{{/* Templates for certificates injection */}}
{{/*
Return the proper image name used for setting up Certificates
*/}}
{{- define "certificates.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.certificates.image "global" .Values.global) }}
{{- end -}}
{{- define "certificates.initContainer" -}}
{{- if .Values.certificates.customCAs }}
- name: certificates
image: {{ include "certificates.image" . }}
imagePullPolicy: {{ .Values.certificates.image.pullPolicy }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range (default .Values.image.pullSecrets .Values.certificates.image.pullSecrets) }}
- name: {{ . }}
{{- end }}
{{- end }}
command:
{{- if .Values.certificates.command }}
{{- include "common.tplvalues.render" (dict "value" .Values.certificates.command "context" $) | nindent 4 }}
{{- else if .Values.certificates.customCertificate.certificateSecret }}
- sh
- -c
- install_packages ca-certificates openssl
{{- else }}
- sh
- -c
- install_packages ca-certificates openssl
&& openssl req -new -x509 -days 3650 -nodes -sha256
-subj "/CN=$(hostname)" -addext "subjectAltName = DNS:$(hostname)"
-out {{ .Values.certificates.customCertificate.certificateLocation }}
-keyout {{ .Values.certificates.customCertificate.keyLocation }} -extensions v3_req
{{- end }}
{{- if .Values.certificates.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.certificates.args "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.certificates.extraEnvVars }}
env: {{- include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVars "context" $) | nindent 4 }}
{{- end }}
envFrom:
{{- if .Values.certificates.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.certificates.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.certificates.extraEnvVarsSecret "context" $) }}
{{- end }}
volumeMounts:
- name: etc-ssl-certs
mountPath: /etc/ssl/certs
readOnly: false
- name: etc-ssl-private
mountPath: /etc/ssl/private
readOnly: false
- name: custom-ca-certificates
mountPath: /usr/local/share/ca-certificates
readOnly: true
{{- end }}
{{- end }}
{{- define "certificates.volumes" -}}
{{- if .Values.certificates.customCAs }}
- name: etc-ssl-certs
emptyDir:
medium: "Memory"
- name: etc-ssl-private
emptyDir:
medium: "Memory"
- name: custom-ca-certificates
projected:
defaultMode: 0400
sources:
{{- range $index, $customCA := .Values.certificates.customCAs }}
- secret:
name: {{ $customCA.secret }}
# items not specified, will mount all keys
{{- end }}
{{- end -}}
{{- if .Values.certificates.customCertificate.certificateSecret }}
- name: custom-certificate
secret:
secretName: {{ .Values.certificates.customCertificate.certificateSecret }}
{{- if .Values.certificates.customCertificate.chainSecret }}
- name: custom-certificate-chain
secret:
secretName: {{ .Values.certificates.customCertificate.chainSecret.name }}
{{- end -}}
{{- end -}}
{{- end -}}
{{- define "certificates.volumeMounts" -}}
{{- if .Values.certificates.customCAs }}
- name: etc-ssl-certs
mountPath: /etc/ssl/certs/
readOnly: false
- name: etc-ssl-private
mountPath: /etc/ssl/private/
readOnly: false
- name: custom-ca-certificates
mountPath: /usr/local/share/ca-certificates
readOnly: true
{{- end -}}
{{- if .Values.certificates.customCertificate.certificateSecret }}
- name: custom-certificate
mountPath: {{ .Values.certificates.customCertificate.certificateLocation }}
subPath: tls.crt
readOnly: true
- name: custom-certificate
mountPath: {{ .Values.certificates.customCertificate.keyLocation }}
subPath: tls.key
readOnly: true
{{- if .Values.certificates.customCertificate.chainSecret }}
- name: custom-certificate-chain
mountPath: {{ .Values.certificates.customCertificate.chainLocation }}
subPath: {{ .Values.certificates.customCertificate.chainSecret.key }}
readOnly: true
{{- end }}
{{- end -}}
{{- end -}}
Reference in New Issue View Git Blame Copy Permalink