From 04c20ae36b358a89513c123fcc7f03cf347ed6ba Mon Sep 17 00:00:00 2001 From: xeruf <27jf@pm.me> Date: Mon, 12 Feb 2024 20:53:28 +0100 Subject: [PATCH] apps: reenable secret substitution properly --- apps/do/vikunja-secrets-kustomization.yaml | 4 ++++ apps/do/vikunja/vikunja-oauth-client.yaml | 2 +- apps/do/vikunja/vikunja-values-configmap.yaml | 12 ++++++------ apps/forge/forgejo-secrets-kustomization.yaml | 4 ++++ apps/ninja/invoiceninja-secrets-kustomization.yaml | 4 ++++ 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/apps/do/vikunja-secrets-kustomization.yaml b/apps/do/vikunja-secrets-kustomization.yaml index 17ff62c..8d694f2 100644 --- a/apps/do/vikunja-secrets-kustomization.yaml +++ b/apps/do/vikunja-secrets-kustomization.yaml @@ -16,3 +16,7 @@ spec: dependsOn: - name: flux - name: secrets-controller + postBuild: + substituteFrom: + - kind: Secret + name: stackspin-cluster-variables diff --git a/apps/do/vikunja/vikunja-oauth-client.yaml b/apps/do/vikunja/vikunja-oauth-client.yaml index 6a12ffa..b458a64 100644 --- a/apps/do/vikunja/vikunja-oauth-client.yaml +++ b/apps/do/vikunja/vikunja-oauth-client.yaml @@ -17,5 +17,5 @@ spec: scope: "openid profile email stackspin_roles" secretName: stackspin-vikunja-oauth-variables redirectUris: - - https://do.${domain}/auth/openid/stackspin + - https://${vikunja_domain}/auth/openid/stackspin tokenEndpointAuthMethod: client_secret_post diff --git a/apps/do/vikunja/vikunja-values-configmap.yaml b/apps/do/vikunja/vikunja-values-configmap.yaml index 2c03025..2e8bb89 100644 --- a/apps/do/vikunja/vikunja-values-configmap.yaml +++ b/apps/do/vikunja/vikunja-values-configmap.yaml @@ -13,13 +13,13 @@ data: annotations: kubernetes.io/tls-acme: "true" hosts: - - host: "do.${domain}" + - host: "${vikunja_domain}" paths: - path: / tls: - secretName: vikunja-tls hosts: - - "do.${domain}" + - "${vikunja_domain}" api: persistence: data: @@ -30,13 +30,13 @@ data: annotations: kubernetes.io/tls-acme: "true" hosts: - - host: "do.${domain}" + - host: "${vikunja_domain}" paths: - path: /api tls: - secretName: vikunja-tls hosts: - - "do.${domain}" + - "${vikunja_domain}" configMaps: config: data: @@ -46,7 +46,7 @@ data: # https://vikunja.io/docs/config-options/#openid # Example: https://github.com/go-vikunja/api/blob/main/config.yml.sample#L289-L312 enabled: true - redirecturl: "https://do.${domain}/auth/openid/" + redirecturl: "https://${vikunja_domain}/auth/openid/" providers: - name: Stackspin authurl: "https://${hydra_domain}/" @@ -64,7 +64,7 @@ data: forcessl: true # TODO Configure PVC for file uploads service: - frontendurl: "https://do.${domain}" + frontendurl: "https://${vikunja_domain}" timezone: "CET" JWTSecret: "${jwt}" database: diff --git a/apps/forge/forgejo-secrets-kustomization.yaml b/apps/forge/forgejo-secrets-kustomization.yaml index 2c0e363..301291e 100644 --- a/apps/forge/forgejo-secrets-kustomization.yaml +++ b/apps/forge/forgejo-secrets-kustomization.yaml @@ -16,3 +16,7 @@ spec: dependsOn: - name: flux - name: secrets-controller + postBuild: + substituteFrom: + - kind: Secret + name: stackspin-cluster-variables diff --git a/apps/ninja/invoiceninja-secrets-kustomization.yaml b/apps/ninja/invoiceninja-secrets-kustomization.yaml index 29cab4e..1d740f8 100644 --- a/apps/ninja/invoiceninja-secrets-kustomization.yaml +++ b/apps/ninja/invoiceninja-secrets-kustomization.yaml @@ -15,3 +15,7 @@ spec: dependsOn: - name: flux - name: secrets-controller + postBuild: + substituteFrom: + - kind: Secret + name: stackspin-cluster-variables