Setup ldap in minio environment vars
This commit is contained in:
parent
e7a4e1f8d2
commit
8d7ccdfac9
|
@ -6,14 +6,23 @@ metadata:
|
||||||
stringData:
|
stringData:
|
||||||
MINIO_ROOT_USER: ENC[AES256_GCM,data:xEqc/w==,iv:QNJlfvs/uIWuTZ5i/OuGKRvK0iYhbO2bMI9oufCYQAI=,tag:Ck6DVPTcqcDpuM1SUBl+xA==,type:str]
|
MINIO_ROOT_USER: ENC[AES256_GCM,data:xEqc/w==,iv:QNJlfvs/uIWuTZ5i/OuGKRvK0iYhbO2bMI9oufCYQAI=,tag:Ck6DVPTcqcDpuM1SUBl+xA==,type:str]
|
||||||
MINIO_ROOT_PASSWORD: ENC[AES256_GCM,data:G83RzKMZ8L7F4e0=,iv:UidYzq8QTNX0/xTGcozEI8kvKJD8g58g2Z45Pihtpmw=,tag:UhnngTLbV3ZWK+4jF2hQQw==,type:str]
|
MINIO_ROOT_PASSWORD: ENC[AES256_GCM,data:G83RzKMZ8L7F4e0=,iv:UidYzq8QTNX0/xTGcozEI8kvKJD8g58g2Z45Pihtpmw=,tag:UhnngTLbV3ZWK+4jF2hQQw==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_SERVER_ADDR: ENC[AES256_GCM,data:0pw7wnOER/Bo6ks8bBXZDkO/DGRRKmIAW7PkbcfqdOgyjOlcI07gkMNLUvk=,iv:rAn3p3EzdKfWjKNSRMK5lFNMhA0KuK+xFrftKb4c3qY=,tag:8oylCs0edyafJmwJMaLb1w==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_TLS_SKIP_VERIFY: ENC[AES256_GCM,data:fpk=,iv:/ZGYSfa5GEnv8/KH5cD9qsd0gz8qmqcDFL3syGUqh6Y=,tag:OuMlBbNxDOo4Em++di05JA==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_SERVER_INSECURE: ENC[AES256_GCM,data:1rM=,iv:SKhuvzcjXy7FJqZeMTtO3alvWa2E1YYRAkM4T1YnDc0=,tag:znUtC3Q0okedbOv7zVOUgQ==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN: ENC[AES256_GCM,data:33aRyIxdLvW0+I2YDwh8VifqoYoWrIL84ORiQHqqFlFvZaiimTWBNg46BhI8IC4e,iv:qeo9vFoqidUoPI19CQwP4SDqTWuNEWFvTKmipoKZwPs=,tag:7GIwLOBq4ni9ELGLdsYgNw==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD: ENC[AES256_GCM,data:pIuhgM5tnwYEUTH9D6lHoDhovoGNLV/hCKhWyPmk7hCAyT2UY1I8jGIXdErpF9YZkLcs74pMuQrJZyjg,iv:fP6UzgfOxRmmoGzDmeqO02liSzxbc3LXDkWffUY5rFU=,tag:gAPlBlSmk3sRaoFoA6uytA==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN: ENC[AES256_GCM,data:9Wm2O3CZ6dJ1oWKiAR/S74O2OXw3UK+GDlP2Od7Wsv1t7oo=,iv:7d+lzsTEj2jy0QSFurr0brY4NqT2wOZOQfdwAEADUaU=,tag:s2Ks9ftCBxeaOAJs3TvxmA==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER: ENC[AES256_GCM,data:+F8SwQ8NnYkegYOJWAjAbeytMQ==,iv:KRBpb/ss3dYJA9CeARi4BHrUIwq8jsmXQ0N5sT/fA0M=,tag:SmBeODb3/2qV/hQTINflMA==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN: ENC[AES256_GCM,data:/NShkg0AAnNNvADI0M3p47GjTrbUYAsyKB65bP21e2WFoF8f,iv:G7qgm3JD7lD7qc0fUVraUf5SFCgLndjnwRbbQH4KGVQ=,tag:xmpu0Y+23MMIBjER4PKXYg==,type:str]
|
||||||
|
MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER: ENC[AES256_GCM,data:ua2lxGZOEosUk5h71qlMVsxHOTua/nUEiXPkrGqXX69SDOlR6CofDg==,iv:Lzr/kDtpJ0QU/eIlB16L0Wsym48m20a7sAbI4xsaXKs=,tag:LaognVNlPVCOXPkRWyz3Zg==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
azure_kv: []
|
azure_kv: []
|
||||||
hc_vault: []
|
hc_vault: []
|
||||||
age: []
|
age: []
|
||||||
lastmodified: "2023-04-15T00:16:34Z"
|
lastmodified: "2023-04-15T22:21:00Z"
|
||||||
mac: ENC[AES256_GCM,data:evOpEk01hJma7fD46PpjXtIeMJ2vLrMEdC4J08djTAFLFZ5R0xCzx7Q1LqpUYYbD6+/Np7KgS8J5Y3vG3XR+IBKJOa5e3Td8ark9ZX9uyeAs6OY/knBg/N8CaArAktb4ZKVAjd5qH3K+jex9NOKQMc05NnCfrxweMGI7GZMJ75c=,iv:jWERVLB3gHD1Dli3K4qKP1C4iSsSs2h6VBVsgIKSzmY=,tag:+wVUGRkMx1FRX/1/wLRVkg==,type:str]
|
mac: ENC[AES256_GCM,data:RTPqmKlqQ8PmD9NeiMIxcXkB4BLmdIwUwc1kzjSh4WYb3waPDYEYh1ZcghbVgSc65WBUXx/0OB6lt5aK31omqRTgPKh2NXsIyuWGsUGDY+xsGvCPXNOwg7sofBz9y1jvUgPMQEwrflz9XJUw8oNZa59sunwJs05wbRxqwWwKTGY=,iv:6DUt5qb9fPrNNc8IgstJiBBuw6gMC8xe7p4qZYZ1mAw=,tag:33lim9TkxR25zPlpr/c9jw==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2023-04-07T01:57:22Z"
|
- created_at: "2023-04-07T01:57:22Z"
|
||||||
enc: |
|
enc: |
|
||||||
|
|
|
@ -17,4 +17,29 @@ sudo systemctl start k3s
|
||||||
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
|
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
|
||||||
sudo chown $USER ~/.kube/config
|
sudo chown $USER ~/.kube/config
|
||||||
sudo chmod 600 ~/.kube/config
|
sudo chmod 600 ~/.kube/config
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Finishing Service Setup
|
||||||
|
|
||||||
|
### SSO (Authentik)
|
||||||
|
Many services require SSO to be setup.
|
||||||
|
|
||||||
|
Proxy Providers:
|
||||||
|
* Bazarr
|
||||||
|
* Mylar3
|
||||||
|
* Prowlarr
|
||||||
|
* qBittorrent
|
||||||
|
* Radarr
|
||||||
|
* Readarr Audiobooks
|
||||||
|
* Readarr eBooks
|
||||||
|
* Sonarr
|
||||||
|
* Prometheus
|
||||||
|
* Alertmanager
|
||||||
|
* Traefik
|
||||||
|
|
||||||
|
OpenID Providers:
|
||||||
|
* Komga
|
||||||
|
* Apache Guacamole
|
||||||
|
|
||||||
|
An LDAP Provider is also required by services. Create an LDAP provider in authentik and just let it create the kubernetes resources.
|
Loading…
Reference in New Issue