use oauth2-proxy in front of hello-world

2022-12-20 17:30:42 -05:00
parent 0e1aee55b4
commit 4dc0961cc8
5 changed files with 94 additions and 18 deletions
--- a/ansible-5/roles/prod.k3s/files/hello-world/values.yaml
+++ b/ansible-5/roles/prod.k3s/files/hello-world/values.yaml
@@ -0,0 +1,43 @@
+---
+# values file for hello-world oauth2-proxy helm chart
+
+image:
+  tag: "v7.2.0"
+
+config:
+  clientID: ab3b5b5f-cb5b-4e89-9453-d1fb318399c8
+  clientSecret: gto_mjzrf23bvu5ohu7dub6r7ti5daoa7vw2wpafum7i4qcb4emwqrza
+
+#configFile: |-
+#  email_domains = [ "*" ]
+#  upstreams = [ "file:///dev/null" ]
+#  provider = "github"
+#  redirect-url = "https://www.xai-corp.net/oauth2/callback"
+#  login-url = "https://git.xai-corp.net/login/oauth/authorize"
+#  redeem-url = "https://git.xai-corp.net/login/oauth/access_token"
+#  validate-url = "https://git.xai-corp.net/api/v1"
+
+extraArgs:
+  upstream: "http://hello-world/"
+  provider: "github"
+  provider-display-name: "Gitea"
+  redirect-url: "https://www.xai-corp.net/oauth2/callback"
+  login-url: "https://git.xai-corp.net/login/oauth/authorize"
+  redeem-url: "https://git.xai-corp.net/login/oauth/access_token"
+  validate-url: "https://git.xai-corp.net/api/v1"
+
+
+ingress:
+  enabled: true
+  path: /
+  pathType: Prefix
+  annotations:
+  hosts:
+    - www.xai-corp.net
+#  hosts:
+#    - host: www.xai-corp.net
+#      paths:
+#        - path: /
+#          pathType: Prefix
+  tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames
+    - secretName: xai-corp-production-tls