Automated Manifest Update (#2959)
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: #2959 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
This commit was merged in pull request #2959.
This commit is contained in:
@@ -46,6 +46,22 @@ spec:
|
||||
secretKeyRef:
|
||||
key: uri
|
||||
name: vaultwarden-postgresql-18-cluster-app
|
||||
- name: SSO_ENABLED
|
||||
value: "true"
|
||||
- name: SSO_SIGNUPS_MATCH_EMAIL
|
||||
value: "true"
|
||||
- name: SSO_AUTHORITY
|
||||
value: https://auth.alexlebens.dev/application/o/vaultwarden/.well-known/openid-configuration
|
||||
- name: SSO_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: client
|
||||
name: vaultwarden-oidc-secret
|
||||
- name: SSO_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: secret
|
||||
name: vaultwarden-oidc-secret
|
||||
image: vaultwarden/server:1.35.0
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: main
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: vaultwarden-oidc-secret
|
||||
namespace: vaultwarden
|
||||
labels:
|
||||
app.kubernetes.io/name: vaultwarden-oidc-secret
|
||||
app.kubernetes.io/instance: vaultwarden
|
||||
app.kubernetes.io/part-of: vaultwarden
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: vault
|
||||
data:
|
||||
- secretKey: client
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/vaultwarden
|
||||
metadataPolicy: None
|
||||
property: client
|
||||
- secretKey: secret
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: /authentik/oidc/vaultwarden
|
||||
metadataPolicy: None
|
||||
property: secret
|
||||
Reference in New Issue
Block a user