vikunja: create subdirectory with ConfigMap and OAuth2Client

xeruf 2022-06-27 21:37:14 +01:00
parent 9218617d6a
commit 3c02297cab
5 changed files with 88 additions and 44 deletions


@ -0,0 +1,21 @@
apiVersion: hydra.ory.sh/v1alpha1
kind: OAuth2Client
metadata:
name: vikunja-oauth-client
# Has to live in the same namespace as the stackspin-wordpress-oauth-variables secret
namespace: flux-system
spec:
# TODO copied from wekan: https://github.com/wekan/wekan/wiki/Keycloak
grantTypes:
- authorization_code
- refresh_token
- client_credentials
- implicit
responseTypes:
- id_token
- code
scope: "openid profile email stackspin_roles"
secretName: stackspin-vikunja-oauth-variables
redirectUris:
- https://do.${domain}/oauth/openid/
tokenEndpointAuthMethod: client_secret_post
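Review bot: `grantTypes` enables `implicit` and `client_credentials` alongside `authorization_code`, and the TODO above it says the list was copied from the wekan setup rather than chosen for Vikunja. If Vikunja only performs the authorization-code login, which the `code` response type and `client_secret_post` suggest, the client should be limited to `- authorization_code` and `- refresh_token`, with `responseTypes` reduced to `- code`. That keeps tokens out of the browser fragment and stops the client from obtaining tokens without a user. The namespace comment also still names `stackspin-wordpress-oauth-variables` while `secretName` is `stackspin-vikunja-oauth-variables`; the comment should name the vikunja secret.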


@ -0,0 +1,27 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: vikunja
namespace: stackspout
spec:
releaseName: vikunja
chart:
spec:
chart: vikunja
version: 5.5.3
sourceRef:
kind: HelmRepository
name: k8s-at-home
namespace: stackspout
interval: 10m
valuesFrom:
- kind: ConfigMap
name: stackspin-vikunja-values
optional: false
# Allow overriding values by ConfigMap or Secret
- kind: ConfigMap
name: stackspin-vikunja-override
optional: true
- kind: Secret
name: stackspin-vikunja-override
optional: true


@ -0,0 +1,37 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: stackspin-vikunja-values
namespace: stackspout
data:
# Defaults: https://github.com/k8s-at-home/charts/blob/master/charts/stable/vikunja/values.yaml
# Inherits: https://github.com/k8s-at-home/library-charts/blob/main/charts/stable/common/values.yaml
values.yaml: |
vikunja:
config: |-
auth:
openid:
# https://vikunja.io/docs/config-options/#openid
# Example: https://github.com/go-vikunja/api/blob/main/config.yml.sample#L289-L312
enabled: true
providers:
- name: Stackspin
authurl: "https://sso.${domain}"
clientid: vikunja
clientsecret: "${client_secret}"
local:
enabled: false
ingress:
main:
enabled: true
primary: false
hosts:
- host: "https://do.${domain}"
paths:
- path: /
pathType: Prefix
tls:
- secretName: vikunja
hosts:
- "https://do.${domain}"
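Review bot: The ingress `host` and the `tls.hosts` entry now carry a scheme (`"https://do.${domain}"`), but an Ingress host must be a bare DNS name, as in the removed inline values (`do.ftt.gmbh`); use `- host: "do.${domain}"` and `- "do.${domain}"`. Separately, `clientsecret: "${client_secret}"` is substituted into a ConfigMap, so the OAuth client secret is stored in plaintext and is readable by anything with ConfigMap read access in `stackspout`. The HelmRelease in this commit already lists a `kind: Secret` source under `valuesFrom`, so the `vikunja.config` block holding the secret would be better supplied from a Secret. With `local.enabled: false`, a misconfigured provider presumably leaves no login path, which deserves a comment next to that setting.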


@ -1,44 +0,0 @@
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: vikunja
namespace: stackspout
spec:
releaseName: vikunja
chart:
spec:
chart: vikunja
version: 5.5.3
sourceRef:
kind: HelmRepository
name: k8s-at-home
namespace: stackspout
interval: 10m
values:
# https://github.com/k8s-at-home/charts/blob/master/charts/stable/vikunja/values.yaml
vikunja:
# TODO https://vikunja.io/docs/config-options/#openid
config: |-
auth:
local:
enabled: true
openid:
enabled: true
providers:
- name: Stackspin
authurl: "https://sso.${domain}"
clientid: vikunja
clientsecret: "${client_secret}"
ingress:
main:
enabled: true
primary: false
hosts:
- host: do.ftt.gmbh
paths:
- path: /
pathType: Prefix
tls:
- secretName: vikunja
hosts:
- do.ftt.gmbh


@ -16,3 +16,6 @@ flux create kustomization stackspout \
--path="./basic/clusters/production/" \
--prune=true \
--interval=10m
python ../../stackspin/install/generate_secrets.py vikunja
python ../../stackspin/install/generate_secrets.py gitea