authelia try to patch more db-like vars
This commit is contained in:
@@ -38,4 +38,4 @@ sources:
|
||||
- https://github.com/authelia/chartrepo
|
||||
- https://github.com/authelia/authelia
|
||||
type: application
|
||||
version: 1.6.5
|
||||
version: 1.6.6
|
||||
|
||||
@@ -14,7 +14,7 @@ postgresql:
|
||||
enabled: true
|
||||
postgresqlUsername: authelia
|
||||
postgresqlDatabase: authelia
|
||||
existingSecret: "{{ .Release.Name }}-dbcreds"
|
||||
existingSecret: dbcreds
|
||||
persistence:
|
||||
db:
|
||||
storageClass: "SCALE-ZFS"
|
||||
@@ -42,7 +42,7 @@ redis:
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: '{{ include "common.names.fullname" . }}-paths'
|
||||
name: authelia-paths
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
|
||||
@@ -4,7 +4,7 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}-paths
|
||||
name: authelia-paths
|
||||
data:
|
||||
AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
|
||||
AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN"
|
||||
@@ -33,7 +33,7 @@ data:
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}-configfile
|
||||
name: authelia-configfile
|
||||
data:
|
||||
configuration.yaml: |
|
||||
---
|
||||
|
||||
@@ -37,7 +37,9 @@ metadata:
|
||||
{{- $sentinelPass := "" }}
|
||||
data:
|
||||
{{- if $redisprevious }}
|
||||
redis-password: {{ ( index $redisprevious.data "redis-password" ) }}
|
||||
{{- $redisPass = ( index $redisprevious.data "redis-password" ) | b64dec }}
|
||||
{{- $sentinelPass = ( index $redisprevious.data "redis-password" ) | b64dec }}
|
||||
redis-password: {{ ( index $redisprevious.data "sentinel-password" ) }}
|
||||
sentinel-password: {{ ( index $redisprevious.data "sentinel-password" ) }}
|
||||
{{- else }}
|
||||
{{- $redisPass = randAlphaNum 50 }}
|
||||
@@ -46,7 +48,7 @@ data:
|
||||
sentinel-password: {{ $sentinelPass | b64enc | quote }}
|
||||
{{- end }}
|
||||
masterhost: {{ ( printf "%v-%v" .Release.Name "redis-master" ) | b64enc | quote }}
|
||||
slavehost: {{ ( printf "%v-%v" .Release.Name "redis-master" ) | b64enc | quote }}
|
||||
slavehost: {{ ( printf "%v-%v" .Release.Name "redis-slave" ) | b64enc | quote }}
|
||||
type: Opaque
|
||||
|
||||
|
||||
@@ -56,8 +58,8 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: {{ include "common.names.fullname" . }}-secrets
|
||||
{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace ( ( printf "%v-%v" ( ( include "common.names.fullname" . ) | quote ) "-secrets" ) | quote ) }}
|
||||
name: authelia-secrets
|
||||
{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
|
||||
{{- $oidckey := "" }}
|
||||
{{- $oidcsecret := "" }}
|
||||
{{- $jwtsecret := "" }}
|
||||
@@ -72,20 +74,25 @@ data:
|
||||
SESSION_ENCRYPTION_KEY: {{ $jwtsecret | b64enc | quote }}
|
||||
JWT_TOKEN: {{ $jwtsecret | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.authentication_backend.ldap.enabled }}
|
||||
LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.notifier.smtp.enabled }}
|
||||
SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.duo_api.enabled }}
|
||||
DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }}
|
||||
{{- end }}
|
||||
|
||||
{{- if $dbprevious }}
|
||||
STORAGE_PASSWORD: {{ ( index $dbprevious.data "postgresql-password" ) }}
|
||||
{{- else }}
|
||||
STORAGE_PASSWORD: {{ $dbPass | b64enc | quote }}
|
||||
{{- end }}
|
||||
|
||||
{{- if $redisprevious }}
|
||||
REDIS_PASSWORD: {{ ( index $redisprevious.data "redis-password" ) }}
|
||||
{{- if .Values.redisProvider.high_availability.enabled}}
|
||||
@@ -97,6 +104,7 @@ data:
|
||||
REDIS_SENTINEL_PASSWORD: {{ $sentinelPass | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.identity_providers.oidc.enabled }}
|
||||
{{- if $autheliaprevious }}
|
||||
OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}
|
||||
|
||||
@@ -16,7 +16,7 @@ subPath: configuration.yaml
|
||||
type: "custom"
|
||||
volumeSpec:
|
||||
configMap:
|
||||
name: {{ include "common.names.fullname" . }}-configfile
|
||||
name: authelia-configfile
|
||||
items:
|
||||
- key: configuration.yaml
|
||||
path: configuration.yaml
|
||||
@@ -30,7 +30,7 @@ readOnly: true
|
||||
type: "custom"
|
||||
volumeSpec:
|
||||
secret:
|
||||
secretName: {{ include "common.names.fullname" . }}-secrets
|
||||
secretName: authelia-secrets
|
||||
items:
|
||||
- key: "JWT_TOKEN"
|
||||
path: JWT_TOKEN
|
||||
|
||||
@@ -82,7 +82,7 @@ resources:
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: '{{ include "common.names.fullname" . }}-paths'
|
||||
name: authelia-paths
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
|
||||
Reference in New Issue
Block a user