-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgateway_configmap.yaml
84 lines (76 loc) · 2.41 KB
/
gateway_configmap.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
{{- if .Values.gateway.enabled -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "osrd.fullname" . }}-gateway-config
data:
gateway.toml: |
{{- $config := .Values.gateway.config }}
listen_addr = "0.0.0.0"
port = {{ .Values.gateway.service.targetPort }}
trusted_proxies = [{{ range $index, $proxy := $config.trusted_proxies }}{{ if $index }}, {{ end }}"{{ $proxy }}"{{ end }}]
[static_files]
root_folder = "/srv/front"
redirect_404_to_index = true
{{- if $config.tracing.enabled }}
[telemetry.tracing]
type = "{{ $config.tracing.type }}"
{{- range $key, $value := $config.tracing.config }}
"{{ $key }}" = "{{ $value }}"
{{- end }}
{{- end }}
{{- if .Values.tileServer.enabled }}
[[targets]]
prefix = "/api/layers"
upstream = "{{ .Values.tileServer.internalUrl }}/layers"
require_auth = true
{{- end }}
[[targets]]
prefix = "/api"
upstream = "{{ .Values.editoast.internalUrl }}"
require_auth = true
{{- if $config.auth }}
[auth]
{{- if $config.auth.default_provider }}
default_provider = "{{ $config.auth.default_provider }}"
{{- end }}
{{- range $provider := $config.auth.providers }}
[[auth.providers]]
type = "{{ $provider.type }}"
provider_id = "{{ $provider.provider_id }}"
{{- if eq $provider.type "Mocked" }}
username = "{{ $provider.username }}"
require_login = {{ $provider.require_login }}
{{- else if eq $provider.type "Bearer" }}
[auth.providers.tokens]
{{- range $key, $value := $provider.tokens }}
"{{ $key }}" = "{{ $value }}"
{{- end }}
{{- else if eq $provider.type "Oidc" }}
issuer_url = "{{ $provider.issuer_url }}"
post_login_url = "{{ $provider.post_login_url }}"
callback_url = "{{ $provider.callback_url }}"
client_id = "{{ $provider.client_id }}"
client_secret = "{{ $provider.client_secret }}"
{{- if $provider.username_whitelist }}
username_whitelist = [
{{- range $username := $provider.username_whitelist }}
"{{ $username }}",
{{- end }}
]
{{- end }}
{{- if $provider.profile_scope_override }}
profile_scope_override = "{{ $provider.profile_scope_override }}"
{{- end }}
{{- if $provider.acr }}
acr = "{{ $provider.acr }}"
amr = [
{{- range $provider.amr }}
"{{ . }}",
{{- end }}
]
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}