---
#oauth2-proxy values file for stash app

image:
  tag: "v7.2.0"

config:
  clientID: cf0bd81a-eb10-4db6-9689-07a9a7ea0de1
  clientSecret: gto_vgpe33q73wstgc637u6xhtmmsvbux6ckliypntd3kuzpq7squ42a

extraArgs:
  upstream: "http://stash:9999/"
  provider: "github"
  provider-display-name: "Gitea"
  redirect-url: "https://stash.xai-corp.net/oauth2/callback"
  login-url: "https://git.xai-corp.net/login/oauth/authorize"
  redeem-url: "https://git.xai-corp.net/login/oauth/access_token"
  validate-url: "https://git.xai-corp.net/api/v1"

ingress:
  enabled: true
  path: /
  pathType: Prefix
  hosts:
    - stash.xai-corp.net
  # - chart-example.local
  # Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
  # Warning! The configuration is dependant on your current k8s API version capabilities (networking.k8s.io/v1)
  tls: # < placing a host in the TLS config will determine what ends up in the cert's subjectAltNames
    - secretName: xai-corp-production-tls
  annotations:
    ingress.kubernetes.io/force-hsts: "true"
    ingress.kubernetes.io/hsts-max-age: "315360000"