diff --git a/cluster/apps/default/mealie/env-secret.sops.yaml b/cluster/apps/default/mealie/env-secret.sops.yaml index 51091bf..0772983 100644 --- a/cluster/apps/default/mealie/env-secret.sops.yaml +++ b/cluster/apps/default/mealie/env-secret.sops.yaml @@ -4,67 +4,69 @@ metadata: name: mealie-env namespace: default stringData: - POSTGRES_PASSWORD: ENC[AES256_GCM,data:0dypT/STvsUdm9YIJXqGQLUNZlWU+W43bsskE3Ujlk8=,iv:MtG5RydB2VFmtCAmzMelXniVRe+mS8pYkUxfeAaqZVI=,tag:uXKtbf09Ugtu7wE+/uQmuA==,type:str] + POSTGRES_PASSWORD: ENC[AES256_GCM,data:5yps23lQxWSDAztuRVSPdctXfGVaPjcT//FZPfFtdO8=,iv:2UUhXqj+e2lTNAMwVMNnbgzocbkUgaqEjU4AfOd8q48=,tag:8Lbj4FRAKS5VI94c4FPYLw==,type:str] + OIDC_CONFIGURATION_URL: ENC[AES256_GCM,data:685kc+/W1CAFvSctw1lt7ItVyUR1ad97g2lRmTU5M2bvTh+ihW2v+ej4drcWV9d+kv9FWKzUdKcmQasEVNx52V8hyWtAs/8e6VXfLGgqow==,iv:eBTmHwDQhOTHBx96xmZz7iK11sgZ8vsQKMdjH/CukgA=,tag:BN2Hlmk5RRT5RuM83Bt+fg==,type:str] + OIDC_CLIENT_ID: ENC[AES256_GCM,data:eEqCyLj1FrZJHCeCifA49t2Ooqx9O2cR+TqRqme0YDi4chw7aSqQwQ==,iv:7fEVks0mOnbNMwPLtaWCgfyeuFqN9ZWD2KPUUbEjcUc=,tag:UtPiGFwUIX9FaVFR25oCsA==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2024-05-24T22:08:41Z" - mac: ENC[AES256_GCM,data:a1UiuY32ceblpZuUUcVyKGt6sXe+shv1n/lUUqmJzw5GcE6rys11ckUsysKxhD0pnQR38ez2HGBof+3ffkyEECPH96UKVO7pSC9XIfmWBSbgEVxOzEeu1UJF21nrRbU0rsFOooZm1bQ2lH0l0Cv9XXsJeIiLADXFiIsdDfYLLV8=,iv:xuxFdR856GGxADM7/8FZBW9FQ1pee8d3fbGJ8yan9e0=,tag:9VN1ZEO6c/mLHLiPXP7awg==,type:str] + lastmodified: "2024-05-24T22:29:36Z" + mac: ENC[AES256_GCM,data:I7XCohPzUlpxcrOC1qu5vsB9/G8YGadS5eysc4Zkv1rPrDCLtqtIlC1wUh8Si8x4UZgTgiTtqVC3tkVwF4tpCe3DL6Dg+FvNFbG9OMo2QTQ//LoBToX3729tALEHv8rV5Q1XgybaBRS13ZfDxOxtCorLA7yUQ8p8Of+MkBkZpqk=,iv:B4BaIB0st5fupS0WYaEM5oYLqKcFmM/A7h0U3/aOR8E=,tag:JvDKDKyw74+nZ3Lqcfb12A==,type:str] pgp: - - created_at: "2024-05-24T22:08:41Z" + - created_at: "2024-05-24T22:29:36Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAyqlIeyoxYovARAAl9YlhnGIKee43rVKNTDpxhcFQCTR9cimVNusxQoFZhUp - CXNJEWtCoaTzj9oIx9fQBGOKWFNQoS2C1w3LLlu4fhAIJVQMmbS3V7/mM/uphfL3 - D/qk444Vfg5IModOLmIMWTNARMHoA5+O2Daj1+amx47EaXl0KfQ0zCzxORs+bNFX - mn9OhjrLX/aqr35QwddridELt6m56kAPyRjGs8IddQ09TgQCO89u7o/87yfEll+G - nE+YgfqSPaHicnUz5khTrs8F+hPFO+JAsTY92g3Nu7+Yqkp4BwyGmnZSgyN63oBZ - mijGpt1JM80L/qktTw+uS5w2esLXH/wys+iEQwLw0U2PrWWLObiM22w+gUOMt2lP - tlTkS8B9fmvSdehXweHNQHa/yylrhMiUZaQHTIOcmXXuUn/5C9OlMvMbQvA7Nya9 - 7Z/6S9WN4no+8e1r7CQoM5YxUJJPLW55SFM0bwVV2hCwS5dLIKZIk9hZIozPeKKD - l51O4Rm9IUjs1cee7fDOifpLa2aqBpibs4D/UUEZxZN6hWHDjTUGfyFSWwn8An2U - WtJZXfarA/Yc7tzYiD8wK6HSVq29jHUdV3Obw4FCyBqbnAOk3Bwchi+gWMs4WAr+ - RtQeen6U2emsdBw69xb/KbjcR+TXiICd8UtuFzatvmz5zH1hOFn692xo2/YiYnWF - AgwDXjg0p2IN1X8BD/4/IhGG9a/1fkCaxRKB3Lfd3Cn5SWdbr7LrBe9YFDJ2gkIf - Q7fKsyVSS7Qk8xiJJ3q2DpVcnNEnZXhKvoUP87FlHsEfX5FqjpqtB6GVRJVmNHq7 - E1zKo3n4d0qr7DuiDQHwE5ySQ1DbFZ/8AfDTm4q1/spcxCnqmKGvc8r+FrMvfd6D - DIiB5Gl3EziNdk+oIj8aTZCAm90/F/iY4JvDnCR8czQz5gGuhKXk3WY425qNSxmq - +htSHgExPmr7xqvQ++As8oD0BRFaGhJiDHL66QHJiNONlqTGdPupQM8MMgI0czrW - UX6s8549TGcEMR5mqksqxD6RcAUOsIrAlugx1eGUip2N53fd71DJG8fhu7rsi1CI - FA5icZxQemL3P6vqfNHA89Gc0uqDHNWzmA8iy1NtVM7bB3QZXaKCz5HNHgN/GM/A - /CbGW1dYCv/MJFwD0xlO4l5l95xyW3rBZImXAxFEa8c56Ik5m8ZrUYpGYKInVVvk - RB566m1q6naIW9Jdw+IR//PmQk4mI5XOGcrwMemxeVwIyi44GtocuRmRWT6oIwtk - CJF9imidDS6+qO2tROE99k4XqDfx46LXO6FNJfFY/7PiHs72QMdOuXa7RefIlDJU - cqjfHiSVO9ISPvvnvm4DxFESQdNZeW1E0JAWnUjt3KjG2w80m8ngsKjAtm8GnNRo - AQkCEIJh3BZa/6iSm0kl93shJyeoSnr7AsYPKU/i6pbiv601pgc2GEH6RIfssUhP - w83gXI/EWNVN7g5T3BoKOMlI4+dciBedeuuNCmCwa3FVbpa7KXGkuieJ7G4CTd86 - 6baMvtaYi6s= - =gss5 + hQIMAyqlIeyoxYovAQ/7B6jTtiyW2MrPXO4xORnBgzXMvElzEbjyyBvGS8p8aqXq + PIu5GTM5jd4H5EA97ULaadrSKxdjz97hkmtbwdkK6QT9BORuuAC2661wEN23dCbm + VJNrkkJcngP7VAH2lQE6+Znpn4kubsCdatprDuq5BxvhrWPNJ6Zk4UERfrFwdB3q + zIYssaWr248bQ/2qZGtsGQkIqwHu/hIT/w1h77yKhrUVbGAXlCyvQwh4e+FDWoKB + 2ZwEmhUzmqdL44TeimJGIB6P0QOc/F66QgrPChGB8oRVcctSSfj3F2rOomgdeFqG + p6jqzRp0ArsCI8x8y6KHCsrwWGJ4LGLAqYkBd7kRYc0skiLrDEHfpSpDXJGYAArr + iiv3x4VmEhVJcv1+F58YOdnMvf7Abj+MvDxns1m8+M8b2laqD7Is8R1ldlTiblHs + lOv74mjp7OsZLtsvLf7G+za9QzkTzRRJwf0SGjCfIhsby/+u7yKcxlqEELs/s6/b + UyacDewdLK8SNbH6tMM/07K0ydb6Cv2kHp5Hp7PTZikuu5my+t1oJF2FLNfv01bi + qSTOFg+dbxquBNt0hRl/P/tHV2J0PT33RB7olu8l/qVZGOQyUxsATy3VZqbFJo+x + gis3r+yTffXywwYFXWdRnaSRPW5gRzvJn/p4IPNlGBWE0N0sJq2urHsR3YOUzLmF + AgwDXjg0p2IN1X8BD/9HMGFsNb6A2x5lgj4Y4z41mWF9jP8msgDfr25mIs9lPnfd + EVhe+LjTlgPJtI4U5cImAG281ObFU8jvSp4yb0ICin1UDL78yE3UkEwxya3PjoNM + 4H31NcR/1to+ZxRAIPLlr/31TDdQJgJdV/ch72c0EEEn8D1P9WwSurKQbdRaXtbL + SRtTUPE5Ib8tNHcELn1sWXAoABW3QlRzinGrCiYqRQAlySn+h5ddk0+dZrg8BqTM + oZ4/2XkCg2zUuJEJG16M5FNCVvoyL3j24+fnLHiic4JI3RX1U041NNETmb3Qmd1C + q+mtEsxVJaT3sSNtBLnzFl5b4BucDmLL5Al7kaS2s/lhZvBlmOIWq1QDIX85QhSS + xX+TDh9Z6Bu0BVRHsGpxpZuEDMZDl4Et/Ogeh28AgBBPvveFAFxMNnAF+t2bKU6/ + DnF2qnIFZLmSLsjFDzFBWSia8qHpbwbaA6Bvgmb2OmUwIjACiNZ/KmjXU/EZTidV + +/o+pCawxvnj9kll3kDUph9IvENvCaVY1fd+BVAaOA3u8k0exH2XUA/9lhH5X2ma + o+Cg2aKeRnHM9kBn7qPbmwYre/ZNO5wIqUOGcti8mFIvjcO/xvbCvAYB5A+mbHm0 + eqhh237KXgkqcEfriTkqIiX9MxOXFC5h9qIyNQe1OJfEzMYonvx2wnNMH6o349Ro + AQkCEPH3phD9vPnAHylWSm2Ww0OOx0E/Gw+rBrXa8/FpCoc/NjLOqb65yMdEuOTa + IAcUcdno5fE0meZDXMP61gtVfkXk7J4vZgYR6iHEv8HYDxUjFtC1+VhoF5ir4C9I + o5vJXAbfXpM= + =Qs8b -----END PGP MESSAGE----- fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD - - created_at: "2024-05-24T22:08:41Z" + - created_at: "2024-05-24T22:29:36Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMAy5t8IMoPu4VARAAmA+hjxODva+QLyKAJ1Ay+k2n3qjCmqMKVOyRiA1O9Qsl - 4jcboAkABN9BSQYlfY6GjV9YznI61RBFep4cSNCjxpsPhFaATrih85jeAJYMWtCX - 9ynIPyH1hJQ6Yr4/jCKzC7Y0fQ8dqasQG7HHi91YZAqgJJSqfr0UIl5P8COSHpRc - TcdeWzEcmgHfoD7FLvVA2YxxNDDQw1sMBa0QImNtfuByKZGdFIR4hFfbZxNznNh5 - oiF+DKBApYm+19wfH9Gmq8FgD28kvzk6nPe3gcsXaLSRv2yjCfWBAbcRrAGKcvXS - yJgGkQQM3wFMBm1ZECZC30pUvO54x+sDws2cggs1S3rUNawfuDcALAFZ+78quifa - lB4Jea6qtuyAYqbfANXKK0GsjwmYR3IfYjZxsi6f78uqT+TbQiC7SYuKZoTCrLnG - UzlvUpvk5Df59moyNXNxYSXTSvMIThBfiKmfOvBFa8PYq1+inT+piT3KAn9wFJdI - HvlXGgO+Ce4uXiUdP+19aSZUTnfjtwueon4jgAmt3MoasN9oed7iO6ISKnSKc/AR - O+omz60Dea87m7p5AIrZ8P6ig6LrbNHUO5U6vvE7THw7HsIc4JMx6PDeZLWHoIP+ - wgTKYR55EMUMnkJx1EMMocBtCPrKkA4TgdBDpEPSAKy4Kor+9hZ5m0Ke87TSoRrU - aAEJAhCOX/SXDB+ZQc0xzFQPDEG5MYvszdHYsZacYZ2tirSQosdAd5qSmRCkPcPc - cV8KPMOvV0W1KUVozBRDQAyM3ZhBAZ3ilNGMUXNDytN8JEDcKYdlpslGK+5bshc8 - EZPNJLm9zwuo - =fGOf + hQIMAy5t8IMoPu4VARAAoNLu3Nv+CLV/nQUp/LH1JN/rmYk8FdLu/xuxk+AHZvXL + PKymrvLuNaewjN1ErGfUhs5PRaMYGnzTBuRwAT3453+hkDjBRtNMVkZ7lBcmk40i + Ms9Pq5P3f6jWkv5AAreRKAbq1Oo2NWN28XoCMD+77P6rYqJ+lMrn/3/44uzyTZ7n + 2myc5SkAePLMsrCK/w473z3Bi1FMEHFh1gzeyU+psu03U9AuomqnNplU7WwcX6cn + rRdo4AwziBX5Sy0rsGHKw7SsTwgCwTfkMd0MiPvDXw99yg/XsFNBv5n/eT9pacRW + c540faiu4DIIIzbRUAPNvPcSgjq6Nk8F6n04lbE0feirduAeC38JZcvUw8SWCRls + EslBwpVzDuiLCgAuQ52kUhdyZHQm5jdj254OPfqZYTT1ACFpMwXZqP/e2s1H5jNP + g27iDeOI02AHCVyeOpMisefDyFm3ubkYtudpInihAdFhMgQzRN2dxLftM1zqpk6H + 4xTydD/Nmz85ywGcJOwxnzvc6lAhpDaErgd1rZhFgYCqMyAdbJc0azHjtINCmRhb + gZly4q1Cj6rt4J986ywPItaDKdlS4b/cPuw3lcbap/zYBwQTHLF/y0bcczo0vcVg + lTxRTikzxpskW7gUUPLr2/tJJ7ZN/D4jH+/d88E5Hd55lgicJakWDZ6CJEahpjjU + aAEJAhA0yGxciVEPZb1FQavCqlOzAIUuHPJgxii9uHE4V9AlalZE9Q77X2xJ4GJA + LG7DPavZpZKoHVhpNLlu+0mewOywIFvlyRu708/UnL/mfHNe33rcd16ckmpXI+V2 + UkzFv/ac/dEj + =jT5t -----END PGP MESSAGE----- fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D encrypted_regex: ^(data|stringData)$ diff --git a/cluster/apps/default/mealie/helm-release.yaml b/cluster/apps/default/mealie/helm-release.yaml index 89d6e1b..96f3f6c 100644 --- a/cluster/apps/default/mealie/helm-release.yaml +++ b/cluster/apps/default/mealie/helm-release.yaml @@ -50,6 +50,16 @@ spec: POSTGRES_PORT: 5432 POSTGRES_DB: mealie + # oidc + OIDC_AUTH_ENABLED: "True" + OIDC_SIGNUP_ENABLED: "True" + OIDC_ADMIN_GROUP: mealieAdmins + OIDC_AUTO_REDIRECT: "True" + OIDC_REMEMBER_ME: "True" + # specified in mealie-env + # OIDC_CONFIGURATION_URL + # OIDC_CLIENT_ID + envFrom: - secretRef: name: mealie-env