From 7dd3bd59814df775aeb3db29bcdb7c5c648de214 Mon Sep 17 00:00:00 2001 From: kjeld Schouten-Lebbing Date: Tue, 31 Aug 2021 22:30:32 +0200 Subject: [PATCH] authelia try to patch more db-like vars --- charts/incubator/authelia/Chart.yaml | 2 +- charts/incubator/authelia/SCALE/ix_values.yaml | 4 ++-- .../incubator/authelia/templates/_configmap.tpl | 4 ++-- charts/incubator/authelia/templates/_secrets.tpl | 16 ++++++++++++---- charts/incubator/authelia/templates/common.yaml | 4 ++-- charts/incubator/authelia/values.yaml | 2 +- 6 files changed, 20 insertions(+), 12 deletions(-) diff --git a/charts/incubator/authelia/Chart.yaml b/charts/incubator/authelia/Chart.yaml index 66fefe29350..8de6c619c90 100644 --- a/charts/incubator/authelia/Chart.yaml +++ b/charts/incubator/authelia/Chart.yaml @@ -38,4 +38,4 @@ sources: - https://github.com/authelia/chartrepo - https://github.com/authelia/authelia type: application -version: 1.6.5 +version: 1.6.6 diff --git a/charts/incubator/authelia/SCALE/ix_values.yaml b/charts/incubator/authelia/SCALE/ix_values.yaml index d84b0926487..074d1f45f32 100644 --- a/charts/incubator/authelia/SCALE/ix_values.yaml +++ b/charts/incubator/authelia/SCALE/ix_values.yaml @@ -14,7 +14,7 @@ postgresql: enabled: true postgresqlUsername: authelia postgresqlDatabase: authelia - existingSecret: "{{ .Release.Name }}-dbcreds" + existingSecret: dbcreds persistence: db: storageClass: "SCALE-ZFS" @@ -42,7 +42,7 @@ redis: envFrom: - configMapRef: - name: '{{ include "common.names.fullname" . }}-paths' + name: authelia-paths probes: liveness: diff --git a/charts/incubator/authelia/templates/_configmap.tpl b/charts/incubator/authelia/templates/_configmap.tpl index 4bdeefd71cd..92733eb54da 100644 --- a/charts/incubator/authelia/templates/_configmap.tpl +++ b/charts/incubator/authelia/templates/_configmap.tpl 
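Review bot: `existingSecret: dbcreds` in the `postgresql:` block drops the `{{ .Release.Name }}-` prefix, so the credential secret is no longer scoped to the release. The same applies to `authelia-paths` in the second hunk of this file and to the literal `authelia-paths`, `authelia-configfile` and `authelia-secrets` names in `_configmap.tpl`, `_secrets.tpl`, `common.yaml` and `values.yaml`. If two releases of this chart ever share a namespace they would resolve to the same objects, and the `lookup` on `"authelia-secrets"` would reuse another release's keys, so it is worth confirming that one release per namespace is guaranteed. If the literal names are kept, a comment such as `# fixed name: must match the Secret defined in templates/_secrets.tpl` next to each one would record the coupling. The definition of the `dbcreds` secret is not visible in this patch, so its real name should be checked against this value.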
@@ -4,7 +4,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.names.fullname" . }}-paths + name: authelia-paths data: AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true" AUTHELIA_JWT_SECRET_FILE: "/secrets/JWT_TOKEN" @@ -33,7 +33,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.names.fullname" . }}-configfile + name: authelia-configfile data: configuration.yaml: | --- diff --git a/charts/incubator/authelia/templates/_secrets.tpl b/charts/incubator/authelia/templates/_secrets.tpl index eafb4fc9663..2de8aca3c9c 100644 --- a/charts/incubator/authelia/templates/_secrets.tpl +++ b/charts/incubator/authelia/templates/_secrets.tpl @@ -37,7 +37,9 @@ metadata: {{- $sentinelPass := "" }} data: {{- if $redisprevious }} - redis-password: {{ ( index $redisprevious.data "redis-password" ) }} + {{- $redisPass = ( index $redisprevious.data "redis-password" ) | b64dec }} + {{- $sentinelPass = ( index $redisprevious.data "redis-password" ) | b64dec }} + redis-password: {{ ( index $redisprevious.data "sentinel-password" ) }} sentinel-password: {{ ( index $redisprevious.data "sentinel-password" ) }} {{- else }} {{- $redisPass = randAlphaNum 50 }} @@ -46,7 +48,7 @@ data: sentinel-password: {{ $sentinelPass | b64enc | quote }} {{- end }} masterhost: {{ ( printf "%v-%v" .Release.Name "redis-master" ) | b64enc | quote }} - slavehost: {{ ( printf "%v-%v" .Release.Name "redis-master" ) | b64enc | quote }} + slavehost: {{ ( printf "%v-%v" .Release.Name "redis-slave" ) | b64enc | quote }} type: Opaque 
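Review bot: In the `{{- if $redisprevious }}` branch of the `@@ -37,7 +37,9 @@` hunk, the new `redis-password:` line reads the `"sentinel-password"` key and `$sentinelPass` is decoded from `"redis-password"`, which looks like a copy-paste slip. On upgrade this would overwrite the stored Redis password with the sentinel one and make both credentials identical. Meanwhile `REDIS_PASSWORD` in the Authelia secret further down still copies the previous `redis-password`, so the two secrets can disagree. The lines should read `redis-password: {{ ( index $redisprevious.data "redis-password" ) }}` and `{{- $sentinelPass = ( index $redisprevious.data "sentinel-password" ) | b64dec }}`. The enclosing Secret definition starts above the hunk.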
@@ -56,8 +58,8 @@ apiVersion: v1 kind: Secret type: Opaque metadata: - name: {{ include "common.names.fullname" . }}-secrets -{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace ( ( printf "%v-%v" ( ( include "common.names.fullname" . ) | quote ) "-secrets" ) | quote ) }} + name: authelia-secrets +{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }} {{- $oidckey := "" }} {{- $oidcsecret := "" }} {{- $jwtsecret := "" }} @@ -72,20 +74,25 @@ data: SESSION_ENCRYPTION_KEY: {{ $jwtsecret | b64enc | quote }} JWT_TOKEN: {{ $jwtsecret | b64enc | quote }} {{- end }} + {{- if .Values.authentication_backend.ldap.enabled }} LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password }} {{- end }} + {{- if .Values.notifier.smtp.enabled }} SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password }} {{- end }} + {{- if .Values.duo_api.enabled }} DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }} {{- end }} + {{- if $dbprevious }} STORAGE_PASSWORD: {{ ( index $dbprevious.data "postgresql-password" ) }} {{- else }} STORAGE_PASSWORD: {{ $dbPass | b64enc | quote }} {{- end }} + {{- if $redisprevious }} REDIS_PASSWORD: {{ ( index $redisprevious.data "redis-password" ) }} {{- if .Values.redisProvider.high_availability.enabled}} @@ -97,6 +104,7 @@ data: REDIS_SENTINEL_PASSWORD: {{ $sentinelPass | b64enc | quote }} {{- end }} {{- end }} + {{- if .Values.identity_providers.oidc.enabled }} {{- if $autheliaprevious }} OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }} diff --git a/charts/incubator/authelia/templates/common.yaml b/charts/incubator/authelia/templates/common.yaml index caa2c91f302..2f643d62ee9 100644 --- a/charts/incubator/authelia/templates/common.yaml +++ b/charts/incubator/authelia/templates/common.yaml 
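Review bot: In the `authelia-secrets` Secret that the `@@ -56,8 +58,8 @@` hunk renames, the `data:` entries `LDAP_PASSWORD` and `SMTP_PASSWORD` (context lines of the following hunk) emit `plain_password` without `b64enc`, unlike `DUO_API_KEY` beside them. Values under a Secret's `data:` must be base64, so a plain password either fails to decode or decodes into different bytes than the operator entered. They should read `LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }}` and `SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }}`. The Secret's `data:` block continues outside the visible hunks.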
@@ -16,7 +16,7 @@ subPath: configuration.yaml type: "custom" volumeSpec: configMap: - name: {{ include "common.names.fullname" . }}-configfile + name: authelia-configfile items: - key: configuration.yaml path: configuration.yaml @@ -30,7 +30,7 @@ readOnly: true type: "custom" volumeSpec: secret: - secretName: {{ include "common.names.fullname" . }}-secrets + secretName: authelia-secrets items: - key: "JWT_TOKEN" path: JWT_TOKEN diff --git a/charts/incubator/authelia/values.yaml b/charts/incubator/authelia/values.yaml index 3a418e333d1..24a87353c67 100644 --- a/charts/incubator/authelia/values.yaml +++ b/charts/incubator/authelia/values.yaml @@ -82,7 +82,7 @@ resources: envFrom: - configMapRef: - name: '{{ include "common.names.fullname" . }}-paths' + name: authelia-paths probes: liveness: