diff --git a/oauth2-proxy/Chart.yaml b/oauth2-proxy/Chart.yaml deleted file mode 100644 index 52f8170..0000000 --- a/oauth2-proxy/Chart.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v2 -name: oauth2-proxy -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: oauth2-proxy - repository: https://oauth2-proxy.github.io/manifests - version: 6.3.0 - - - diff --git a/oauth2-proxy/templates/oauth-credentials.yaml b/oauth2-proxy/templates/oauth-credentials.yaml deleted file mode 100644 index 82ac3d0..0000000 --- a/oauth2-proxy/templates/oauth-credentials.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: oauth-credentials - namespace: oauth2-proxy -spec: - encryptedData: - client-id: AgBROlAq1xM1PEnjhSmJBkeQd6YmvzPMdaaHUcYrWVe1bPwUUTRdyOp1TdvSmekma5LE4zgCWHVrsbybZooQjhK91cE3SS1HK5m5tiaC4bp7s7YLjc1jRPOVfrwjjYi5gDwVWLOeu/Ji8u7rspubYWhKGHkGap1FcldhxOLQVSTPrkKknKmWLMNhgrxGwFCEdoB78gZWAAjhp9o28u4Feqfl8zrUn5UJCEUYCM9jvUdvELBrxGvCrDm1Wenn0z6opIXzohJCXKthKy+xfNEt4shSEGjbbUtmY9aeFdUoA08LTmmVDeciz0fQ7oe1U6tJOjXPHmwLWb1Cxqp6UVFwkwjpS+PHnIEUsMwwXadanjL0Iglbbrw41jBkvpeWavLfogQU8o+q+Px0zUFhHwlfjXQS1fMi4lrPgtNDv2p7jIY7tdFGkaRWlN014tB5QVE1zvtdOKpJyQo1HnukJdqwTygDeox96GRwmSEKRhTMLBtiYZ03fOcLnxuuYIX2FaZaCXXGbB+HrGDCg1/iAQAJ849nlID14FDaQ4PhXPyhtqUfpwgMu9hqDlhRnnElMChC7014cHfnlrrTKIrpf29UeR64Fnerj7rWWppJcWMxqQ9sWajAGENqWvCzUwgtocrkPoNNOwucGDBAYUsiEkfnNQpdNvtW3ZbawwFgotvuei7fuAAAsmAolVrd6Boj3KXCLIONahZ2eZh2MSSYdm8s/frt+ypxu53dZYln14QYaBtkAA== - client-secret: AgA2kPXSjMEcMilBdz+6QszhHxpBGAA2AaYgP9SR2aAYYBdANMJDMjri4DTQVU/1oH+2gvR2h4+Albs2IIxVxSwZLN7XiQ9mEQHLEtbqe8BQ2P1nKC6DmLUejMzVWDihCAOGhAu0Z5rYeKcMJM0PI+rMMsxRctgEaoixH1qy2Ozbbwpt2kuASQ8q6I5AHJWSDpIPspv17jRoPT7MwqEequBxO8S6aBo8HZmJ4JpggJ+YdTvUxx60Mr7DFqS01K6+LZNSY6NzyC6+mIDKo3RYGzVk23LL8Vlt9SnFOLS9yB9A+pz6De+N8ByKIlkmBNcqBCBcKfltYOCzuoY7Fkti/4ccuf79/qdFjn0WsZZMyI+AwJEdONIEssZk7Q3uHdiGZIL5DT5zCWkuFOllSwKJcuPqoqceySp6gX+El4x84MB8pBPTLzIPZ6qjGXbz823nWrITGjjRVvKbyvt+wJUv41++oUOqyIuTID5hBLkZWD9OYh6gRWE2A//TvFTGXKXTrTitJqCHcRnApWsRmNMFxvDfto5K12sjtJkXDYNc0f5H3HcSBAHohwQ6e9vV6THL2rH2lj+1+0TZJoYbmFHG7PdgfRbLjTAhTM2OmAzzZVCcEv9KwSw1IThfOMTpCF0mvlkFOXgWtlcZHpCBLodWSCdfy2H1bsnpjdGKp0EYC/6Suc1NIEJyWEjAYmdhGI4CyIvSDZB6J8dGYow3upIAv++YmIPYYkU4JVRCZrvdC5vD7jxi/ZYrThxAmICDw2BKkpHoOEYwbMFlUI82u13qB3GumP4a/UI+PHZit35KfSUiDNq7TEoE/SDdy0I9kRkxyvtb6MrZvh+kuRYNyrrIZt43BnI6rwgTdVaSW9WoD6KjNNDnoFCISdc0ixXiM2JXhlCC6u/RfdDATHxla54yQSG4czr752ZqII/4+XRgUsZX1ADd0sLrvofC7Mr+T/A7GWnyO1+++Vi+M+ueEdb5hmnqmrYLHYXl96ynvacgW+5fo3Ce+yvbHizmKrQ1GXMrPXgesOgqfgt3A4qBosKukj/T0hmT4xJKFo2voFH+EVPwAK9/zjppooOHm7S6OQPp2zgCk7z8l3iokZ+PHnXNPNS/l8ZpBnoTlFqG7aH/QBNmNoLGRaJLkIFTB3zDuY3jNSNq1hkpq+KkFUmnkA/79V38SNbce0mSXWX5v6GKmAPxqSSQlwH23bXJYukx9BrKb9m4EcK2eihCiki3bk912PEGXI9uCLvW6sSx5kpm9AP1AtJx4svaBMwfEdB3Gt08cCsvHmKBuowd1/tRchRRxkkGh5QxuRMkDw== - cookie-secret: AgAdo/PA4h8bOiV/SjHWuSml8piPV1Zub/YOCy19hGrwpSeRujTHBONEWB6mtgATYzbUL463603ifbs9cvCCVNbblB0FrEes45hnZ0XYOZSu4jlwltbkLTxChTkIXlVnxTUTpgUgY6vfzQRlGjPFN/Lsa3Dw3uYJ5xwTfS5Z4hF3AQZ/kokdlOdkqQJVGHWVI48gFHlOvHvJvAe6xzjtKryVH3xOOMXNFtkb0uTmw0+++n1S181UTAkUBT6EUdrqNrf04/YVfp/lPUn2MH/420175I3xB0Ez5S8SYyEHg4JuejbsyaSYkRhz2xZlJz62OGi99wSwx9Ocujp4R3UfIbTWBohIPLqgMlb4i6uiTgnGMQzkx/M9P0R/vMkyzdR5RScFWVI8PUAM5d4HbSae4Q2nToXGu9Yu9tNrvw/UylqdCJmS4P5ICnoRr+Zx1CejCFwZR47oF9sfeBZf4DboG3DMXFQ6j4namcG5syrrRxXCza8XhvRcd9ssl2DLddFznF7deFOFnd6Nueh1Eadw6kHcAOc4YyCIgzDbDGjRh22Ege1L92TWAzSNWoAJrcK/AFPrSSiDK6FZ6RP1LQaya6phEjBSooUmcKIM+SICz3xR+nI1puJQES8V70lnRvvQR442TJ1tw9iwgqYhS6uuKAioiLkNeSXTAN/x2BWEt7SIlsb2dyWdKoutprHE9JYmQcLcgeOWaMzQA4PC7OdnG8XiCEOA+WO20zTVgukcPZI7yA4kdaBU8SxfaeP5+Q== - template: - data: null - metadata: - creationTimestamp: null - name: oauth-credentials - namespace: oauth2-proxy - - diff --git a/oauth2-proxy/values.yaml b/oauth2-proxy/values.yaml deleted file mode 100644 index 1750a95..0000000 --- a/oauth2-proxy/values.yaml +++ /dev/null @@ -1,86 +0,0 @@ -oauth2-proxy: - - config: - existingSecret: oauth-credentials - configFile: |- - email_domains = [ "*" ] - upstreams = [ "file:///dev/null" ] - pass_authorization_header = true - pass_access_token = true - pass_user_headers = true - set_authorization_header = true - set_xauthrequest = true - request_logging=true - cookie_secure=true - scope = "openid profile email" - cookie_refresh = "1m" - cookie_expire = "30m" - - - #--allowed-role= // Optional, required realm role - #--allowed-role=: // Optional, required client role - -# configFile: |- -# email_domains = [ "*" ] -# upstreams = [ "file:///dev/null" ] -# pass_authorization_header = true -# pass_access_token = true -# pass_user_headers = true -# set_authorization_header = true -# set_xauthrequest = true -# request_logging=true -# cookie_secure=true -# scope = "openid profile email" -# cookie_refresh = "1m" -# cookie_expire = "30m" - - image: - repository: "quay.io/oauth2-proxy/oauth2-proxy" - pullPolicy: "Always" - - extraArgs: - provider: keycloak-oidc - redirect-url: https://oauth.durp.info/oauth2/callback/ - oidc-issuer-url: https://keycloak.durp.info/realms/lab - whitelist-domain: .durp.info - - serviceAccount: - enabled: true - name: - annotations: {} - - ingress: - enabled: true - path: / - pathType: Prefix - hosts: - - oauth.durp.info - annotations: - kubernetes.io/ingress.class: nginx - kubernetes.io/tls-acme: "true" - cert-manager.io/cluster-issuer: letsencrypt-production - tls: - - secretName: oauth-tls - hosts: - - oauth.durp.info - - resources: - limits: - memory: 300Mi - requests: - cpu: 100m - memory: 300Mi - - livenessProbe: - enabled: true - initialDelaySeconds: 0 - timeoutSeconds: 1 - - readinessProbe: - enabled: true - initialDelaySeconds: 0 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - - replicaCount: 1 \ No newline at end of file