--- onelab: domain: {{ .Values.onelab.domain | quote }} logs: path: "/logs" level: info assets: purge: 1d shared: inputs: path: "./data/shared/inputs" archive_path: "./data/shared/archived" security: cors: '*' auth: token: expiration: 5m key: {{ .Values.onelab.secrets.authTokenKey | quote }} password: expiration: 90d min_length: 8 prevent_reuse: 5 allow_list: [] block_list: [] authentifier: "email" ratelimit: ip: max: 1000 duration: 1d auth: max: 5 duration: 5m delay_after: 2 delay_ms: 1000 devices: cors: '*' monitoring: token: {{ .Values.onelab.secrets.monitoringToken | quote }} params: session: idle: 45m remember_me: true lab: creation_policy: many {{- if .Values.onelab.compliance.enabled }} compliance: require_electronic_signature: {{ .Values.onelab.compliance.requireElectronicSignature }} execution_operator_restriction_policy: {{ .Values.onelab.compliance.executionOperatorRestrictionPolicy | quote }} execution_admin_expert_restriction_policy: {{ .Values.onelab.compliance.executionAdminExpertRestrictionPolicy | quote }} prevent_csv_import: {{ .Values.onelab.compliance.preventCsvImport }} prevent_manual_metadata_edit: {{ .Values.onelab.compliance.preventManualMetadataEdit }} device_restart: {{ .Values.onelab.compliance.deviceRestart }} {{- end }} signup: false {{- if .Values.onelab.intercom.appid }} intercom: appid: {{ .Values.onelab.intercom.appid | quote }} secret: {{ .Values.onelab.intercom.secret | quote }} {{- end }} mailer: noreply: {{ .Values.onelab.mailer.noreply | quote }} queue: scheduling: 15 maxsize: 50 error: maxtries: 3 timeout: 60 ldap: enabled: {{ if or .Values.onelab.ldap.enabled .Values.features.ldapWorker }}true{{ else }}false{{ end }} {{- if or .Values.onelab.ldap.enabled .Values.features.ldapWorker }} {{- if .Values.onelab.ldap.timeout }} timeout: {{ .Values.onelab.ldap.timeout | int }} {{- end }} {{- if .Values.onelab.ldap.encryption }} encryption: {{ .Values.onelab.ldap.encryption | quote }} {{- end }} {{- if .Values.onelab.ldap.policy }} policy: {{ .Values.onelab.ldap.policy | quote }} {{- end }} {{- if kindIs "bool" .Values.onelab.ldap.verifyCertificates }} verify_certificates: {{ .Values.onelab.ldap.verifyCertificates }} {{- end }} {{- if or .Values.onelab.ldap.tlsCaPath .Values.onelab.ldap.tlsCertPath .Values.onelab.ldap.tlsKeyPath .Values.onelab.ldap.tlsCiphers .Values.onelab.ldap.tlsSslVersion }} tls: {{- if .Values.onelab.ldap.tlsCaPath }} ca: {{ .Values.onelab.ldap.tlsCaPath | quote }} {{- end }} {{- if .Values.onelab.ldap.tlsCertPath }} cert: {{ .Values.onelab.ldap.tlsCertPath | quote }} {{- end }} {{- if .Values.onelab.ldap.tlsKeyPath }} key: {{ .Values.onelab.ldap.tlsKeyPath | quote }} {{- end }} {{- if .Values.onelab.ldap.tlsCiphers }} ciphers: {{ .Values.onelab.ldap.tlsCiphers | quote }} {{- end }} {{- if .Values.onelab.ldap.tlsSslVersion }} ssl_version: {{ .Values.onelab.ldap.tlsSslVersion | quote }} {{- end }} {{- end }} {{- end }} services: db: host: db database: postgres username: postgres password: {{ .Values.postgresql.auth.password | quote }} schema: onelab redis: host: redis port: "6379" rabbit: url: rabbitmq port: 5671 token: {{ .Values.onelab.secrets.rabbitToken | quote }} api: replicas: {{ .Values.replicas.api }} apidevice: replicas: {{ .Values.replicas.apidevice }} apirabbit: replicas: {{ .Values.replicas.apirabbit }} devices: replicas: {{ .Values.replicas.devices }} experiments: replicas: {{ .Values.replicas.experiments }} images: replicas: {{ .Values.replicas.images }} manual: replicas: {{ .Values.replicas.manual }} website: ssr: {{ .Values.website.ssr }} ws: replicas: {{ .Values.replicas.ws }}