mirror of
https://github.com/amkartashov/gf-k8s.git
synced 2026-01-11 18:09:44 +00:00
60 lines
1.9 KiB
YAML
60 lines
1.9 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: oauth2-proxy
|
|
spec:
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: oauth2-proxy
|
|
project: apps
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
# https://argo-cd.readthedocs.io/en/stable/user-guide/multiple_sources/#helm-value-files-from-external-git-repository
|
|
source:
|
|
repoURL: https://oauth2-proxy.github.io/manifests
|
|
targetRevision: 6.16.1
|
|
chart: oauth2-proxy
|
|
helm:
|
|
values: |
|
|
# https://github.com/oauth2-proxy/manifests/blob/main/helm/oauth2-proxy/values.yaml
|
|
|
|
config:
|
|
clientID: 13240a7012a34dbdd9c7
|
|
clientSecret: change_in_argocd
|
|
cookieSecret: change_in_argocd
|
|
configFile: |-
|
|
# https://github.com/kubernetes/ingress-nginx/issues/2831#issuecomment-407336056
|
|
provider = "github"
|
|
email_domains = [ "*" ]
|
|
upstreams = [ "file:///dev/null" ]
|
|
github_users = "amkartashov"
|
|
whitelist_domains = ".ioot.xyz"
|
|
cookie_refresh = "1m"
|
|
cookie_expire = "30m"
|
|
cookie_secure = "true"
|
|
cookie_domains = ".ioot.xyz"
|
|
ssl_insecure_skip_verify = "true"
|
|
pass_basic_auth = "false"
|
|
pass_access_token = "true"
|
|
pass_user_headers = "true"
|
|
set_authorization_header = "true"
|
|
pass_authorization_header = "true"
|
|
set_xauthrequest = true
|
|
# https://github.com/oauth2-proxy/oauth2-proxy/issues/1724#issuecomment-1199075723
|
|
scope = "user:email"
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
hosts:
|
|
- oauth2.ioot.xyz
|
|
tls:
|
|
- hosts:
|
|
- oauth2.ioot.xyz
|
|
secretName: oauth2-tls
|