mirror of
https://gitlab.durp.info/durfy/homelab/gitops.git
synced 2026-05-07 16:00:29 -05:00
initial commit
This commit is contained in:
commit
d91a4238cc
86 changed files with 4143 additions and 0 deletions
14
oauth2-proxy/Chart.yaml
Normal file
14
oauth2-proxy/Chart.yaml
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v2
|
||||
name: oauth2-proxy
|
||||
description: A Helm chart for Kubernetes
|
||||
type: application
|
||||
version: 0.0.1
|
||||
appVersion: 0.0.1
|
||||
|
||||
dependencies:
|
||||
- name: oauth2-proxy
|
||||
repository: https://oauth2-proxy.github.io/manifests
|
||||
version: 6.2.1
|
||||
|
||||
|
||||
|
||||
17
oauth2-proxy/templates/oauth-credentials.yaml
Normal file
17
oauth2-proxy/templates/oauth-credentials.yaml
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: oauth-credentials
|
||||
namespace: oauth2-proxy
|
||||
spec:
|
||||
encryptedData:
|
||||
client-id: AgAaSZY4qz9DPg4c0qbdoLbvGkT9PU8I/qd7AVXf/povNcNICvQYih+gWX9xjZlHc6V50dNjzSOtEKHNOCvX08EYd89uOeUNGvaig12JkqQNJUUZcozCCz1MeKm4P0NRWExn9GVnc/pnweMS7RDX0dwzax0m3HgyX+3XRVxK5uT8+et8mbXZhTvAmOuzcEb0UQZMgFZtM6APDuKYqVmS4VabnesxRfrbS0eUut+K1s9oSd9ZFQBGgEMHdBxFVsws7mxJ+u4WaDrSJTtS4PMtDqZ9g6gWTs+4ttns/v4rlO4wcyuRUb2UjRAACCGN8DPDtze7htTcDVSqwODREXOPtcfJtEOLGWTx+jbJHmWFEBbEWtkfPjrQcAvvGdwS/QSAz7JFMwsO19uCLEzZYXWAejfvXgiqAaQEIn0uF42L6pZ+gIhRXN/fQYlCsA1x+MAKjoZvcoNM3nGfjLog7j3Hb0V7jAbmyEwSxAbEaNQAM+3lVzha/SPZMDYrE9JL1SpXO1C+vg0U6OWrxhN6eXiAhhXkrbRIe33gb5YnDJvvXvTo4nl+r0sC+Oar9yWWM05mjy/Mk7bQBhUWnhjnKGIG516tMPl0wZV6DgiXhgRCRG4ufYfH2kwBKrM5fHP5RsL1FcfBwMdJ3I3mAvwHTfBuRweOsbUgXGKORRZ5NtKK8TPEPOgEB4sJEkRy72TPoP7GawUCOhrAxr6r
|
||||
client-secret: AgCWW9mPWGxp83RVnSwg5nKELRWKQg3gDtVY+40qTn/oRvFxkHwqmPA5lZCVcuumRX4QQNaz41Gi0DlFXMFGN5z+CwTBo854y4MsdiXk5Thu/4khl0SR2+rOlYhyifhWwIcSWt+4US11gT/4kh3dPrS+4RO7RvVBZ8m4k1mgku7qrqVBMfvZAcJGSViX7N6xb/BtkPMj3AqT10WK5m9J47Q6YF6Aw8smc6EfJwzHuJfq6eFO8Mj8/dPW2E74M9ZhFuuL5XVT/7/1TCa/k3fsEvVAcpAnaALPiZrd9dNOnBKRSVQP8XQxQ5IFcNGQQOjXffQnhMonLQJJo+HEAKSwoznQk3yCmCMRgWRkuj5NM/g2UxXLueCEVBI5PcSSq1BpSPFWyv8REVVf20SOYKS46tJ6eWbs8rV0dcvjp+6BzaGVGlFBJGBNqhAjPHF1uuTYDxbJmT+qbKpEJj0yXDGBrWKXjYTbPJ81J6daSlxtC5PGO5DrYz1sT+WjQtC/NOIa8/07Bkf6pBqjBZRI+/tItH+VjQdbOhyAY/B7Mr7N/daf1kFWQkQlYbf7BJrr9VZppNnUh+YdBZutVYPmaoiAYL0FtAZW4bRRtiTGIPFa63XdidPchROiWJAY7xI5RhoFKVKkfqufqT3N68wsOBgXjekfPZeZWkY+Rnk2DixlXoWC+IA9JUoCL4W9ubXT3ZyJdKnjdjcV04hxviP3HI2LVpJpzBJYPvMDIAnbJIxdAIlWGQ==
|
||||
cookie-secret: AgAdo/PA4h8bOiV/SjHWuSml8piPV1Zub/YOCy19hGrwpSeRujTHBONEWB6mtgATYzbUL463603ifbs9cvCCVNbblB0FrEes45hnZ0XYOZSu4jlwltbkLTxChTkIXlVnxTUTpgUgY6vfzQRlGjPFN/Lsa3Dw3uYJ5xwTfS5Z4hF3AQZ/kokdlOdkqQJVGHWVI48gFHlOvHvJvAe6xzjtKryVH3xOOMXNFtkb0uTmw0+++n1S181UTAkUBT6EUdrqNrf04/YVfp/lPUn2MH/420175I3xB0Ez5S8SYyEHg4JuejbsyaSYkRhz2xZlJz62OGi99wSwx9Ocujp4R3UfIbTWBohIPLqgMlb4i6uiTgnGMQzkx/M9P0R/vMkyzdR5RScFWVI8PUAM5d4HbSae4Q2nToXGu9Yu9tNrvw/UylqdCJmS4P5ICnoRr+Zx1CejCFwZR47oF9sfeBZf4DboG3DMXFQ6j4namcG5syrrRxXCza8XhvRcd9ssl2DLddFznF7deFOFnd6Nueh1Eadw6kHcAOc4YyCIgzDbDGjRh22Ege1L92TWAzSNWoAJrcK/AFPrSSiDK6FZ6RP1LQaya6phEjBSooUmcKIM+SICz3xR+nI1puJQES8V70lnRvvQR442TJ1tw9iwgqYhS6uuKAioiLkNeSXTAN/x2BWEt7SIlsb2dyWdKoutprHE9JYmQcLcgeOWaMzQA4PC7OdnG8XiCEOA+WO20zTVgukcPZI7yA4kdaBU8SxfaeP5+Q==
|
||||
template:
|
||||
data: null
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: oauth-credentials
|
||||
namespace: oauth2-proxy
|
||||
64
oauth2-proxy/values.yaml
Normal file
64
oauth2-proxy/values.yaml
Normal file
|
|
@ -0,0 +1,64 @@
|
|||
oauth2-proxy:
|
||||
|
||||
config:
|
||||
existingSecret: oauth-credentials
|
||||
configFile: |-
|
||||
email_domains = [ "*" ]
|
||||
upstreams = [ "file:///dev/null" ]
|
||||
set_xauthrequest=true
|
||||
pass_host_header=true
|
||||
pass_user_headers=true
|
||||
request_logging=true
|
||||
cookie_secure=true
|
||||
|
||||
image:
|
||||
repository: "quay.io/oauth2-proxy/oauth2-proxy"
|
||||
pullPolicy: "Always"
|
||||
|
||||
extraArgs:
|
||||
provider: keycloak-oidc
|
||||
redirect-url: https://oauth.durp.info/oauth2/callback/
|
||||
oidc-issuer-url: https://keycloak.durp.info/realms/homelab
|
||||
allowed-role: user
|
||||
|
||||
serviceAccount:
|
||||
enabled: true
|
||||
name:
|
||||
annotations: {}
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
path: /
|
||||
pathType: Prefix
|
||||
hosts:
|
||||
- oauth.durp.info
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
kubernetes.io/tls-acme: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
tls:
|
||||
- secretName: oauth-tls
|
||||
hosts:
|
||||
- oauth.durp.info
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 300Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 300Mi
|
||||
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
initialDelaySeconds: 0
|
||||
timeoutSeconds: 1
|
||||
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
initialDelaySeconds: 0
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
|
||||
replicaCount: 1
|
||||
Loading…
Add table
Add a link
Reference in a new issue