The deckhouse-web module: configuration

Parameters

authobject
Parameters to authenticate and authorize access to the documentation web interface.
- allowedUserGroupsarray of strings
  An array of groups whose users can browse the documentation.
  
  This parameter is used if the user-authn module is enabled or the externalAuthentication parameter is set.
  
  Caution! Note that you must add those groups to the appropriate field in the DexProvider config if this module is used together with the user-authn one.
  
  Default: []
  Examples:
```
allowedUserGroups:
- admin
- users
```
```
allowedUserGroups: []
```
- externalAuthenticationobject
  Parameters to enable external authentication (the Nginx Ingress external-auth mechanism is used that is based on the Nginx auth_request module).
  - authSignInURLstring
    The URL to redirect the user for authentication (if the authentication service returned a non-200 HTTP response.
    
    Default: ""
    Example:
    authSignInURL: https://$host/dex-authenticator/sign_in
  - authURLstring
    The URL of the authentication service.
    
    If the user is authenticated, the service should return an HTTP 200 response code.
    
    Default: ""
    Example:
    authURL: https://deckhouse-web-dex-authenticator.d8-system.svc.cluster.local/dex-authenticator/auth
- passwordstring
  The password for HTTP authorization of the admin user (it is generated automatically, but you can change it).
  
  This parameter is used if the externalAuthentication is not enabled.
  
  Examples:
```
password: qwerty123
```
```
password: foobar
```
httpsobject
What certificate type to use.

This parameter completely overrides the global.modules.https settings.

Examples:
```
https:
  mode: Disabled
```
```
https:
  mode: OnlyInURI
```
```
https:
  mode: CustomCertificate
  customCertificate:
    secretName: foobar
```
```
https:
  mode: CertManager
  certManager:
    clusterIssuerName: letsencrypt
```
- certManagerobject
  Parameters for certmanager.
  - clusterIssuerNamestring
    What ClusterIssuer to use for getting an SSL certificate (currently, letsencrypt, letsencrypt-staging, selfsigned are available; also, you can define your own).
    
    Default: "letsencrypt"
    Examples:
    clusterIssuerName: letsencrypt
    clusterIssuerName: letsencrypt-staging
    clusterIssuerName: selfsigned
- customCertificateobject
  Parameters for custom certificate usage.
  - secretNamestring
    The name of the secret in the d8-system namespace to use with the documentation web UI.
    
    This secret must have the kubernetes.io/tls format.
- modestring
  The HTTPS usage mode:
  - CertManager — the web UI is accessed over HTTPS using a certificate obtained from a clusterIssuer specified in the certManager.clusterIssuerName parameter.
  - CustomCertificate — the web UI is accessed over HTTPS using a certificate from the d8-system namespace.
  - Disabled — in this mode, the documentation web UI can only be accessed over HTTP.
  - OnlyInURI — the documentation web UI will work over HTTP (thinking that there is an external HTTPS load balancer in front of it that terminates HTTPS traffic). All the links in the user-authn will be generated using the HTTPS scheme.
  Default: "CertManager"
  Allowed values: Disabled, CertManager, CustomCertificate, OnlyInURI
ingressClassstring
The class of the Ingress controller of the documentation web UI.

An optional parameter; by default, the modules.ingressClass global value is used.
nodeSelectorobject
The same as in the pods’ spec.nodeSelector parameter in Kubernetes.

If the parameter is omitted or false, it will be determined automatically.

Example:
```
nodeSelector:
  disktype: ssd
```
tolerationsarray of objects
The same as in the pods’ spec.tolerations parameter in Kubernetes;

If the parameter is omitted or false, it will be determined automatically.

Example:
```
tolerations:
- key: key1
  operator: Equal
  value: value1
  effect: NoSchedule
```
- effectstring
- keystring
- operatorstring
- tolerationSecondsinteger
- valuestring