Polygon/stackspout
2
0
Fork 0
Code Issues Pull requests Releases Activity

apps: use backend admin password instead of individual ones

Browse source
This commit is contained in:
xeruf 2025-05-26 10:04:14 +02:00
parent 0fd89ae46e
commit 7fff2fbb74
10 changed files with 27 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
apps/board/openproject-kustomization.yaml
View file

@ -33,3 +33,6 @@ spec:
name: stackspin-openproject-oauth-variables name: stackspin-openproject-oauth-variables
- kind: ConfigMap - kind: ConfigMap
name: stackspin-single-sign-on-kustomization-variables name: stackspin-single-sign-on-kustomization-variables
# For the admin password
- kind: Secret
name: stackspin-single-sign-on-variables

2
apps/board/openproject-secrets/openproject-variables.yaml
View file

@ -6,6 +6,6 @@ metadata:
namespace: flux-system namespace: flux-system
spec: spec:
fields: fields:
- fieldName: admin_password
- fieldName: postgresql_password - fieldName: postgresql_password
- fieldName: postgresql_postgres_password - fieldName: postgresql_postgres_password
- fieldName: admin_password # FIXME delete

5
apps/board/openproject/openproject-values-configmap.yaml
View file

@ -48,6 +48,7 @@ data:
backup.velero.io/backup-volumes: "data" backup.velero.io/backup-volumes: "data"
containerSecurityContext: containerSecurityContext:
readOnlyRootFilesystem: false
#enabled: true #enabled: true
#runAsUser: 1000 #runAsUser: 1000
#runAsGroup: 1000 #runAsGroup: 1000
@ -57,12 +58,12 @@ data:
# - "ALL" # - "ALL"
#seccompProfile: #seccompProfile:
# type: "RuntimeDefault" # type: "RuntimeDefault"
readOnlyRootFilesystem: false
#runAsNonRoot: true #runAsNonRoot: true
openproject: openproject:
#useTmpVolumes: false
admin_user: admin_user:
password: "${admin_password}" password: "${userbackend_admin_password}"
password_reset: "false" password_reset: "false"
name: "${org_name} Admin" name: "${org_name} Admin"
mail: "${admin_email}" mail: "${admin_email}"

5
apps/forge/forgejo-kustomization.yaml
View file

@ -33,4 +33,7 @@ spec:
- kind: ConfigMap - kind: ConfigMap
name: stackspin-single-sign-on-kustomization-variables name: stackspin-single-sign-on-kustomization-variables
- kind: ConfigMap - kind: ConfigMap
name: stackspin-dashboard-kustomization-variables name: stackspin-dashboard-kustomization-variables # dashboard domain for icon
# For the admin password
- kind: Secret
name: stackspin-single-sign-on-variables

2
apps/forge/forgejo-secrets/forgejo-variables.yaml
View file

@ -6,7 +6,7 @@ metadata:
namespace: flux-system namespace: flux-system
spec: spec:
fields: fields:
- fieldName: forgejo_admin_password - fieldName: forgejo_admin_password # FIXME delete
- fieldName: lfs_jwt - fieldName: lfs_jwt
- fieldName: postgresql_password - fieldName: postgresql_password
- fieldName: postgresql_admin_password - fieldName: postgresql_admin_password

2
apps/forge/forgejo/forgejo-values-configmap.yaml
View file

@ -26,7 +26,7 @@ data:
admin: admin:
username: "forgejo" username: "forgejo"
email: "${admin_email}" email: "${admin_email}"
password: "${forgejo_admin_password}" password: "${userbackend_admin_password}"
# https://codeberg.org/forgejo-contrib/forgejo-helm#oauth2-settings # https://codeberg.org/forgejo-contrib/forgejo-helm#oauth2-settings
oauth: oauth:
- name: Stackspin - name: Stackspin

4
apps/kustomization.yaml
View file

@ -9,6 +9,8 @@ resources:
- meet-kustomization.yaml - meet-kustomization.yaml
- status-kustomization.yaml - status-kustomization.yaml
- board-kustomization.yaml - board-kustomization.yaml
#- design-kustomization.yaml # - design-kustomization.yaml
#- sign-kustomization.yaml
#- stirling-kustomization.yaml
#- sprint-kustomization.yaml #charts outdated #- sprint-kustomization.yaml #charts outdated
#- video-kustomization.yaml #missing storage #- video-kustomization.yaml #missing storage

14
apps/ninja/invoiceninja-kustomization.yaml
View file

@ -27,9 +27,13 @@ spec:
name: stackspin-invoiceninja-kustomization-variables name: stackspin-invoiceninja-kustomization-variables
- kind: Secret - kind: Secret
name: stackspin-invoiceninja-variables name: stackspin-invoiceninja-variables
# OIDC
# - kind: Secret
# name: stackspin-invoiceninja-oauth-variables
# optional: true
# - kind: ConfigMap
# name: stackspin-single-sign-on-kustomization-variables
# optional: true
# For the admin password
- kind: Secret - kind: Secret
name: stackspin-invoiceninja-oauth-variables name: stackspin-single-sign-on-variables
optional: true
- kind: ConfigMap
name: stackspin-single-sign-on-kustomization-variables
optional: true

2
apps/ninja/invoiceninja-secrets/invoiceninja-variables.yaml
View file

@ -6,7 +6,7 @@ metadata:
spec: spec:
fields: fields:
- fieldName: app_key - fieldName: app_key
- fieldName: invoiceninja_admin_password
- fieldName: redis_password - fieldName: redis_password
- fieldName: mariadb_password - fieldName: mariadb_password
- fieldName: mariadb_root_password - fieldName: mariadb_root_password
- fieldName: invoiceninja_admin_password # FIXME delete

2
apps/ninja/invoiceninja/invoiceninja-values-configmap.yaml
View file

@ -49,7 +49,7 @@ data:
appKey: "${app_key}" appKey: "${app_key}"
appURL: "https://${invoiceninja_domain}" appURL: "https://${invoiceninja_domain}"
userEmail: "${admin_email}" userEmail: "${admin_email}"
userPassword: "${invoiceninja_admin_password}" userPassword: "${userbackend_admin_password}"
mailer: "smtp" # FIXME use "${outgoing_mail_enabled}" mailer: "smtp" # FIXME use "${outgoing_mail_enabled}"
# https://github.com/invoiceninja/invoiceninja/blob/v5-stable/config/mail.php#L36 # https://github.com/invoiceninja/invoiceninja/blob/v5-stable/config/mail.php#L36
extraEnvVars: extraEnvVars: