diff --git a/clusters/cl01tl/applications/linkwarden/templates/external-secret.yaml b/clusters/cl01tl/applications/linkwarden/templates/external-secret.yaml index 985f1eb22..b8e5f96bd 100644 --- a/clusters/cl01tl/applications/linkwarden/templates/external-secret.yaml +++ b/clusters/cl01tl/applications/linkwarden/templates/external-secret.yaml @@ -1,5 +1,30 @@ apiVersion: external-secrets.io/v1beta1 kind: ExternalSecret +metadata: + name: linkwarden-key-secret + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/name: linkwarden-key-secret + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + app.kubernetes.io/component: web + app.kubernetes.io/part-of: {{ .Release.Name }} +spec: + secretStoreRef: + kind: ClusterSecretStore + name: vault + data: + - secretKey: key + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/linkwarden/key + metadataPolicy: None + property: key + +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret metadata: name: linkwarden-oidc-secret namespace: {{ .Release.Namespace }} diff --git a/clusters/cl01tl/applications/linkwarden/values.yaml b/clusters/cl01tl/applications/linkwarden/values.yaml index 3a99f1806..38e6f93f7 100644 --- a/clusters/cl01tl/applications/linkwarden/values.yaml +++ b/clusters/cl01tl/applications/linkwarden/values.yaml @@ -12,6 +12,13 @@ linkwarden: tag: v2.6.0 pullPolicy: IfNotPresent env: + - name: NEXTAUTH_SECRET + valueFrom: + secretKeyRef: + name: linkwarden-key-secret + key: key + - name: NEXTAUTH_URL + value: https://bookmarks.alexlebens.dev/api/v1/auth - name: NEXT_PUBLIC_DISABLE_REGISTRATION value: false - name: NEXT_PUBLIC_CREDENTIALS_ENABLED @@ -20,8 +27,6 @@ linkwarden: value: false - name: NEXT_PUBLIC_AUTHENTIK_ENABLED value: true - - name: NEXTAUTH_URL - value: https://bookmarks.alexlebens.dev/api/v1/auth - name: AUTHENTIK_CUSTOM_NAME value: "Authentik" - name: AUTHENTIK_ISSUER