diff --git a/apps/board/openproject-kustomization.yaml b/apps/board/openproject-kustomization.yaml index 0ba25f9..4e7c9b8 100644 --- a/apps/board/openproject-kustomization.yaml +++ b/apps/board/openproject-kustomization.yaml @@ -33,3 +33,6 @@ spec: name: stackspin-openproject-oauth-variables - kind: ConfigMap name: stackspin-single-sign-on-kustomization-variables + # For the admin password + - kind: Secret + name: stackspin-single-sign-on-variables diff --git a/apps/board/openproject-secrets/openproject-variables.yaml b/apps/board/openproject-secrets/openproject-variables.yaml index 2480409..e0a8a7e 100644 --- a/apps/board/openproject-secrets/openproject-variables.yaml +++ b/apps/board/openproject-secrets/openproject-variables.yaml @@ -6,6 +6,6 @@ metadata: namespace: flux-system spec: fields: - - fieldName: admin_password - fieldName: postgresql_password - fieldName: postgresql_postgres_password + - fieldName: admin_password # FIXME delete diff --git a/apps/board/openproject/openproject-values-configmap.yaml b/apps/board/openproject/openproject-values-configmap.yaml index b8edb34..32e6c4d 100644 --- a/apps/board/openproject/openproject-values-configmap.yaml +++ b/apps/board/openproject/openproject-values-configmap.yaml @@ -48,6 +48,7 @@ data: backup.velero.io/backup-volumes: "data" containerSecurityContext: + readOnlyRootFilesystem: false #enabled: true #runAsUser: 1000 #runAsGroup: 1000 @@ -57,12 +58,12 @@ data: # - "ALL" #seccompProfile: # type: "RuntimeDefault" - readOnlyRootFilesystem: false #runAsNonRoot: true openproject: + #useTmpVolumes: false admin_user: - password: "${admin_password}" + password: "${userbackend_admin_password}" password_reset: "false" name: "${org_name} Admin" mail: "${admin_email}" diff --git a/apps/forge/forgejo-kustomization.yaml b/apps/forge/forgejo-kustomization.yaml index 9b56c69..0df7acf 100644 --- a/apps/forge/forgejo-kustomization.yaml +++ b/apps/forge/forgejo-kustomization.yaml @@ -33,4 +33,7 @@ spec: - kind: ConfigMap name: stackspin-single-sign-on-kustomization-variables - kind: ConfigMap - name: stackspin-dashboard-kustomization-variables + name: stackspin-dashboard-kustomization-variables # dashboard domain for icon + # For the admin password + - kind: Secret + name: stackspin-single-sign-on-variables diff --git a/apps/forge/forgejo-secrets/forgejo-variables.yaml b/apps/forge/forgejo-secrets/forgejo-variables.yaml index 5a030fb..cb79062 100644 --- a/apps/forge/forgejo-secrets/forgejo-variables.yaml +++ b/apps/forge/forgejo-secrets/forgejo-variables.yaml @@ -6,7 +6,7 @@ metadata: namespace: flux-system spec: fields: - - fieldName: forgejo_admin_password + - fieldName: forgejo_admin_password # FIXME delete - fieldName: lfs_jwt - fieldName: postgresql_password - fieldName: postgresql_admin_password diff --git a/apps/forge/forgejo/forgejo-values-configmap.yaml b/apps/forge/forgejo/forgejo-values-configmap.yaml index a625f35..2ac64c7 100644 --- a/apps/forge/forgejo/forgejo-values-configmap.yaml +++ b/apps/forge/forgejo/forgejo-values-configmap.yaml @@ -26,7 +26,7 @@ data: admin: username: "forgejo" email: "${admin_email}" - password: "${forgejo_admin_password}" + password: "${userbackend_admin_password}" # https://codeberg.org/forgejo-contrib/forgejo-helm#oauth2-settings oauth: - name: Stackspin diff --git a/apps/kustomization.yaml b/apps/kustomization.yaml index 37a183d..8e71273 100644 --- a/apps/kustomization.yaml +++ b/apps/kustomization.yaml @@ -9,6 +9,8 @@ resources: - meet-kustomization.yaml - status-kustomization.yaml - board-kustomization.yaml - #- design-kustomization.yaml # + - design-kustomization.yaml + #- sign-kustomization.yaml + #- stirling-kustomization.yaml #- sprint-kustomization.yaml #charts outdated #- video-kustomization.yaml #missing storage diff --git a/apps/ninja/invoiceninja-kustomization.yaml b/apps/ninja/invoiceninja-kustomization.yaml index 4c58fb9..347760a 100644 --- a/apps/ninja/invoiceninja-kustomization.yaml +++ b/apps/ninja/invoiceninja-kustomization.yaml @@ -27,9 +27,13 @@ spec: name: stackspin-invoiceninja-kustomization-variables - kind: Secret name: stackspin-invoiceninja-variables + # OIDC + # - kind: Secret + # name: stackspin-invoiceninja-oauth-variables + # optional: true + # - kind: ConfigMap + # name: stackspin-single-sign-on-kustomization-variables + # optional: true + # For the admin password - kind: Secret - name: stackspin-invoiceninja-oauth-variables - optional: true - - kind: ConfigMap - name: stackspin-single-sign-on-kustomization-variables - optional: true + name: stackspin-single-sign-on-variables diff --git a/apps/ninja/invoiceninja-secrets/invoiceninja-variables.yaml b/apps/ninja/invoiceninja-secrets/invoiceninja-variables.yaml index 3043101..97ff628 100644 --- a/apps/ninja/invoiceninja-secrets/invoiceninja-variables.yaml +++ b/apps/ninja/invoiceninja-secrets/invoiceninja-variables.yaml @@ -6,7 +6,7 @@ metadata: spec: fields: - fieldName: app_key - - fieldName: invoiceninja_admin_password - fieldName: redis_password - fieldName: mariadb_password - fieldName: mariadb_root_password + - fieldName: invoiceninja_admin_password # FIXME delete diff --git a/apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml b/apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml index e759858..80fdc73 100644 --- a/apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml +++ b/apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml @@ -49,7 +49,7 @@ data: appKey: "${app_key}" appURL: "https://${invoiceninja_domain}" userEmail: "${admin_email}" - userPassword: "${invoiceninja_admin_password}" + userPassword: "${userbackend_admin_password}" mailer: "smtp" # FIXME use "${outgoing_mail_enabled}" # https://github.com/invoiceninja/invoiceninja/blob/v5-stable/config/mail.php#L36 extraEnvVars: