38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
apiVersion: v1
|
|
data:
|
|
# Leave as true untill LDAP has been successfuly set up - enables manual login
|
|
admin.enabled: "true"
|
|
dex.config: |
|
|
connectors:
|
|
- type: ldap
|
|
name: LDAP
|
|
id: ldap
|
|
config:
|
|
# Ldap server address (choice of port depends on your set-up, see docs)
|
|
host: "ldap.undercloud.local:389"
|
|
insecureNoSSL: true
|
|
insecureSkipVerify: true
|
|
startTLS: false
|
|
# Variable name stores ldap bindDN in argocd-secret
|
|
bindDN: "cn=argocd,ou=serviceaccounts,ou=users,dc=undercloud,dc=local"
|
|
# Variable name stores ldap bind password in argocd-secret
|
|
bindPW: "$dex.ldap.bindPW"
|
|
usernamePrompt: username
|
|
# Ldap user search attributes
|
|
userSearch:
|
|
baseDN: "cn=users,dc=undercloud,dc=local"
|
|
filter: "(objectClass=inetOrgPerson)"
|
|
username: uid
|
|
idAttr: uid
|
|
emailAttr: mail
|
|
nameAttr: cn
|
|
groupSearch:
|
|
baseDN: "dc=undercloud,dc=local"
|
|
filter: "(objectClass=groupOfUniqueNames)"
|
|
userMatchers:
|
|
- userAttr: uid
|
|
groupAttr: uniqueMember
|
|
# Represents group name.
|
|
nameAttr: name
|
|
# This will prevent ldap login to redirect to itself.
|
|
url: argocd.apps.undercloud.dev |