diff --git a/basic/apps/stackspout/dev/gitea-oauth-client.yaml b/basic/apps/stackspout/dev/gitea-oauth-client.yaml new file mode 100644 index 0000000..8e953da --- /dev/null +++ b/basic/apps/stackspout/dev/gitea-oauth-client.yaml @@ -0,0 +1,21 @@ +apiVersion: hydra.ory.sh/v1alpha1 +kind: OAuth2Client +metadata: + name: gitea-oauth-client + # Has to live in the same namespace as the stackspin-wordpress-oauth-variables secret + namespace: flux-system +spec: + # TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak + grantTypes: + - authorization_code + - refresh_token + - client_credentials + - implicit + responseTypes: + - id_token + - code + scope: "openid profile email stackspin_roles" + secretName: stackspin-gitea-oauth-variables + #redirectUris: + # - https://dev.${domain}/oauth/openid/ + #tokenEndpointAuthMethod: client_secret_post diff --git a/basic/apps/stackspout/dev/gitea-release.yaml b/basic/apps/stackspout/dev/gitea-release.yaml index 1184836..f33c054 100644 --- a/basic/apps/stackspout/dev/gitea-release.yaml +++ b/basic/apps/stackspout/dev/gitea-release.yaml @@ -14,15 +14,14 @@ spec: name: gitea namespace: stackspout interval: 10m - values: - ingress: - enabled: true - hosts: - - host: dev.ftt.gmbh - paths: - - path: / - pathType: Prefix - tls: - - secretName: gitea - hosts: - - dev.ftt.gmbh + valuesFrom: + - kind: ConfigMap + name: stackspin-gitea-values + optional: false + # Allow overriding values by ConfigMap or Secret + - kind: ConfigMap + name: stackspin-gitea-override + optional: true + - kind: Secret + name: stackspin-gitea-override + optional: true diff --git a/basic/apps/stackspout/dev/gitea-values-configmap.yaml b/basic/apps/stackspout/dev/gitea-values-configmap.yaml new file mode 100644 index 0000000..8ee7f1d --- /dev/null +++ b/basic/apps/stackspout/dev/gitea-values-configmap.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: stackspin-gitea-values + namespace: stackspout +data: + values.yaml: + ingress: + enabled: true + annotations: + kubernetes.io/tls-acme: "true" + hosts: + - host: "dev.${domain}" + paths: + - path: / + pathType: Prefix + tls: + - secretName: gitea-tls + hosts: + - "dev.${domain}"