diff --git a/addons/apecloud-mysql/config/mysql-scale-vtgate-config.tpl b/addons/apecloud-mysql/config/mysql-scale-vtgate-config.tpl index 7ca579cbb..489e5c4a8 100644 --- a/addons/apecloud-mysql/config/mysql-scale-vtgate-config.tpl +++ b/addons/apecloud-mysql/config/mysql-scale-vtgate-config.tpl @@ -24,7 +24,7 @@ enable_display_sql_execution_vttablets=false enable_read_write_split_for_read_only_txn=false enable_interception_for_dml_without_where=true -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} mysql_server_ssl_ca=/etc/pki/tls/ca.pem mysql_server_ssl_cert=/etc/pki/tls/cert.pem mysql_server_ssl_key=/etc/pki/tls/key.pem diff --git a/addons/apecloud-mysql/config/mysql8-config.tpl b/addons/apecloud-mysql/config/mysql8-config.tpl index 2637224ed..a992b0c4e 100644 --- a/addons/apecloud-mysql/config/mysql8-config.tpl +++ b/addons/apecloud-mysql/config/mysql8-config.tpl @@ -195,7 +195,7 @@ relay_log_index=relay-bin.index pid_file=/var/run/mysqld/mysqld.pid socket=/var/run/mysqld/mysqld.sock -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} # tls # require_secure_transport=ON ssl_ca=/etc/pki/tls/ca.pem diff --git a/addons/apecloud-postgresql/config/pg14-config.tpl b/addons/apecloud-postgresql/config/pg14-config.tpl index 7bc1f13c9..e19e26fe1 100644 --- a/addons/apecloud-postgresql/config/pg14-config.tpl +++ b/addons/apecloud-postgresql/config/pg14-config.tpl @@ -215,7 +215,7 @@ session_replication_role = 'origin' sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' # shared_preload_libraries = 'pg_stat_statements,auto_explain,bg_mon,pgextwlist,pg_auth_mon,set_user,pg_cron,pg_stat_kcache' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/clickhouse/configs/00_default_overrides.xml.tpl b/addons/clickhouse/configs/00_default_overrides.xml.tpl index 2ff4a6b0e..680583f86 100644 --- a/addons/clickhouse/configs/00_default_overrides.xml.tpl +++ b/addons/clickhouse/configs/00_default_overrides.xml.tpl @@ -2,7 +2,7 @@ {{- $namespace := $.cluster.metadata.namespace }} 0.0.0.0 - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} @@ -31,7 +31,7 @@ {{- range $_, $host := splitList "," .CLICKHOUSE_POD_FQDN_LIST }} {{ $host }} - {{- if and (index $ "TLS_ENABLED") (eq (index $ "TLS_ENABLED") "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} 1 {{- else }} @@ -48,7 +48,7 @@ {{- range $_, $host := splitList "," .CH_KEEPER_POD_FQDN_LIST }} {{ $host }} - {{- if and (index $ "TLS_ENABLED") (eq (index $ "TLS_ENABLED") "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} 1 {{- else }} @@ -67,7 +67,7 @@ true - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") -}} + {{- if eq (index $ "TLS_ENABLED") "true" -}} {{- $CA_FILE := /etc/pki/tls/ca.pem -}} {{- $CERT_FILE := /etc/pki/tls/cert.pem -}} {{- $KEY_FILE := /etc/pki/tls/key.pem }} diff --git a/addons/clickhouse/configs/ch_keeper_00_default_overrides.xml.tpl b/addons/clickhouse/configs/ch_keeper_00_default_overrides.xml.tpl index 66c090c17..1ac45d3a7 100644 --- a/addons/clickhouse/configs/ch_keeper_00_default_overrides.xml.tpl +++ b/addons/clickhouse/configs/ch_keeper_00_default_overrides.xml.tpl @@ -2,7 +2,7 @@ {{- $namespace := $.cluster.metadata.namespace }} 0.0.0.0 - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} @@ -15,7 +15,7 @@ {{- end }} - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} 1 {{- else }} @@ -30,14 +30,14 @@ warning - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} true {{- end }} {{- range $id, $host := splitList "," .CH_KEEPER_POD_FQDN_LIST }} {{ $id }} {{ $host }} - {{- if and (index $ "TLS_ENABLED") (eq (index $ "TLS_ENABLED") "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} {{- else }} @@ -55,7 +55,7 @@ true - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") -}} + {{- if eq (index $ "TLS_ENABLED") "true" -}} {{- $CA_FILE := /etc/pki/tls/ca.pem -}} {{- $CERT_FILE := /etc/pki/tls/cert.pem -}} {{- $KEY_FILE := /etc/pki/tls/key.pem -}} diff --git a/addons/clickhouse/configs/client.xml.tpl b/addons/clickhouse/configs/client.xml.tpl index 7acc0379c..492df57c4 100644 --- a/addons/clickhouse/configs/client.xml.tpl +++ b/addons/clickhouse/configs/client.xml.tpl @@ -1,7 +1,7 @@ admin - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") -}} + {{- if eq (index $ "TLS_ENABLED") "true" -}} {{- $CA_FILE := /etc/pki/tls/ca.pem -}} {{- $CERT_FILE := /etc/pki/tls/cert.pem -}} {{- $KEY_FILE := /etc/pki/tls/key.pem }} diff --git a/addons/etcd/config/etcd.conf.yaml.tpl b/addons/etcd/config/etcd.conf.yaml.tpl index afc146a03..2acddf6be 100644 --- a/addons/etcd/config/etcd.conf.yaml.tpl +++ b/addons/etcd/config/etcd.conf.yaml.tpl @@ -3,10 +3,10 @@ {{- $peer_protocol := "http" }} {{- $client_protocol := "http" }} -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") (eq .PEER_TLS "true") }} +{{- if and (eq (index $ "TLS_ENABLED") "true") (eq .PEER_TLS "true") }} {{- $peer_protocol = "https" }} {{- end }} -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") (eq .CLIENT_TLS "true") }} +{{- if and (eq (index $ "TLS_ENABLED") "true") (eq .CLIENT_TLS "true") }} {{- $client_protocol = "https" }} {{- end }} @@ -69,7 +69,7 @@ discovery-srv: {{- define "init_peers" }} {{- $peer_protocol := "http" }} - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") (eq .PEER_TLS "true") }} + {{- if and (eq (index $ "TLS_ENABLED") "true") (eq .PEER_TLS "true") }} {{- $peer_protocol = "https" }} {{- end }} {{- if (index . "PEER_ENDPOINT") }} @@ -128,7 +128,7 @@ proxy-write-timeout: 5000 # Time (in milliseconds) for a read to timeout. proxy-read-timeout: 0 -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} {{- if eq $client_protocol "https" }} client-transport-security: # Path to the client server TLS cert file. diff --git a/addons/orioledb/config/orioledb-config.tpl b/addons/orioledb/config/orioledb-config.tpl index 6a3172f67..8c9026065 100644 --- a/addons/orioledb/config/orioledb-config.tpl +++ b/addons/orioledb/config/orioledb-config.tpl @@ -206,7 +206,7 @@ session_replication_role = 'origin' sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'orioledb,pg_stat_statements,auto_explain' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/postgresql/config/pg12-config.tpl b/addons/postgresql/config/pg12-config.tpl index 4b786a72e..36e7edbc7 100644 --- a/addons/postgresql/config/pg12-config.tpl +++ b/addons/postgresql/config/pg12-config.tpl @@ -217,7 +217,7 @@ session_replication_role = 'origin' sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain,bg_mon,pgextwlist,pg_auth_mon,set_user,pg_cron,pg_stat_kcache,timescaledb,pgaudit' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/postgresql/config/pg14-config.tpl b/addons/postgresql/config/pg14-config.tpl index 9cd76ca67..82e64bc5d 100644 --- a/addons/postgresql/config/pg14-config.tpl +++ b/addons/postgresql/config/pg14-config.tpl @@ -217,7 +217,7 @@ session_replication_role = 'origin' sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain,bg_mon,pgextwlist,pg_auth_mon,set_user,pg_cron,pg_stat_kcache,timescaledb,pgaudit' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/postgresql/config/pg15-config.tpl b/addons/postgresql/config/pg15-config.tpl index 9cd76ca67..82e64bc5d 100644 --- a/addons/postgresql/config/pg15-config.tpl +++ b/addons/postgresql/config/pg15-config.tpl @@ -217,7 +217,7 @@ session_replication_role = 'origin' sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain,bg_mon,pgextwlist,pg_auth_mon,set_user,pg_cron,pg_stat_kcache,timescaledb,pgaudit' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/postgresql/config/pg16-config.tpl b/addons/postgresql/config/pg16-config.tpl index f8f139ead..04570b9a0 100644 --- a/addons/postgresql/config/pg16-config.tpl +++ b/addons/postgresql/config/pg16-config.tpl @@ -216,7 +216,7 @@ sql_firewall.firewall = 'disable' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain,bg_mon,pgextwlist,pg_auth_mon,set_user,pg_cron,pg_stat_kcache,timescaledb,pgaudit' - {{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} + {{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/vanilla-postgresql/config/pg12-config.tpl b/addons/vanilla-postgresql/config/pg12-config.tpl index d05f99fd2..01ac68287 100644 --- a/addons/vanilla-postgresql/config/pg12-config.tpl +++ b/addons/vanilla-postgresql/config/pg12-config.tpl @@ -195,7 +195,7 @@ row_security = 'True' session_replication_role = 'origin' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/vanilla-postgresql/config/pg14-config.tpl b/addons/vanilla-postgresql/config/pg14-config.tpl index cd502571d..621d34294 100644 --- a/addons/vanilla-postgresql/config/pg14-config.tpl +++ b/addons/vanilla-postgresql/config/pg14-config.tpl @@ -195,7 +195,7 @@ row_security = 'True' session_replication_role = 'origin' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem' diff --git a/addons/vanilla-postgresql/config/pg15-config.tpl b/addons/vanilla-postgresql/config/pg15-config.tpl index 4d6171fe5..7f370fc9c 100644 --- a/addons/vanilla-postgresql/config/pg15-config.tpl +++ b/addons/vanilla-postgresql/config/pg15-config.tpl @@ -195,7 +195,7 @@ row_security = 'True' session_replication_role = 'origin' shared_buffers = '{{ printf "%d%s" $shared_buffers $buffer_unit }}' shared_preload_libraries = 'pg_stat_statements,auto_explain' -{{- if and (index . "TLS_ENABLED") (eq .TLS_ENABLED "true") }} +{{- if eq (index $ "TLS_ENABLED") "true" }} ssl = 'True' ssl_ca_file = '/etc/pki/tls/ca.pem' ssl_cert_file = '/etc/pki/tls/cert.pem'