Compare commits

...

1 Commits

Author SHA1 Message Date
SeanOMik 6b299e5f45
feat: add guacamole after removing it 2023-10-22 18:52:59 -04:00
3 changed files with 40 additions and 62 deletions

View File

@ -1,60 +1,20 @@
apiVersion: v1
kind: Secret
kind: ConfigMap
metadata:
name: guacamole-secret
namespace: management
name: guacamole-properties
namespace: management
stringData:
OPENID_CLIENT_ID: ENC[AES256_GCM,data:rIJWHZ9rJQ1jwXL3+Mg00ZrcUwu4CevdOHRuP/EYjbUR5cKccvgwMg==,iv:NU7HCctec1PJeE9RAi7PhSpsNR9jxSTqh/7IJgKm9aw=,tag:vAPLHnK8HbsTaisLPY/vfQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2023-04-11T04:35:01Z"
mac: ENC[AES256_GCM,data:Q+i2p15dIYxhSIfTxXOJF81GZEUaxBNko++GgP8mZolS4FxlRxRzfN7vTbXcjuUtHvXqhaLj5nkHr3D+DHEkQONdX+iGlQ57P69r54+YooxqN+k8xH0itbhkJOBQXsCWy7/du5O5hcaPKosD1mB8h/t4G6l0hmco6/teIr/H1fU=,iv:huBC55AnGpZZa8DLZrGjrialg4DQs41EvxrDFuUdvGo=,tag:qXsUyu9Rj2jNNJUP3EMA8g==,type:str]
pgp:
- created_at: "2023-06-19T18:35:41Z"
enc: |
-----BEGIN PGP MESSAGE-----
guacamole.properties: |
postgresql-hostname: postgresql.database
postgresql-port: 5432
postgresql-database: guacamole
postgresql-username: guacamole
postgresql-password: EypqWCBj7KvzqwWT8N2rNHofYVam
hQIMAzKleRwoSoixARAAls4GtR9VbIW6MStf+SKBGybWAtexoVH7hrrg/qAbk0tv
WwnOmPgaPllMBW9NPTPZK0nYH7OEi++VbrBdZ0Ol69d2pA8SM3mpqg7a8zRKpg1q
loXNMsej0S+hMwqyYWc/WJnTqugQNo1UWO2RATFylsBPabaDVV77wU8Sgi6O71kO
55LYsB8y8HLbNFCeRafUutEyCbxyfFPXmBvYgy43JND82pfNRe0o3s+ZsTc/gSTd
CYoXlvYOMm6J0s/U/rP8L1JU1zC5f9RmvWpM2yKjs4HBB+WQ8zWMZfHyuXfbv8Yw
J/fJgpQor+BTWLLh+7E6JAqT0pJUMd31P290M0zfR7OyNIgFPfxinxzldheWziHQ
fU9YsPZaYHQoFGlYnUf8Ayb6l2aAl11yUPHcN135kBD6S54Ulm+5GLofS9TMPii3
WvDqZzvZo3wQSt/G88m5yNuImXfx/GGaCZUC3uv+ea5byZ9Zt5DtQiSwZ9rtIg49
JOCdn6ojdgiv8prFJuKNF55XQvtQZvwRQU8wlY9dOLnMPl/lfxU3cfOw7bZSCMI3
SA4XXOBdDOlKDLHI1BtIGm9aFlsItqt2Y7gMskGBBY43FJFlrEuNKKeZXxrlOofH
S/eHUK32z8NTor/2jyPF1MwfG458qDHZ99HxgF2fJ/fd3xj8MftWbHT2hqwDKjvU
aAEJAhCIQrI1FHAMlo9yFu80xKKfYvaUaUYpd8VL7YugtPjepy9+HIbHhpWISaze
oc1cYlQixHUPnLN9Bh2uD8qIx6YN+rocucP37IgYYMweELZg434wMbLFvLhGY+Mz
IQm/8YSSAZcK
=zmEF
-----END PGP MESSAGE-----
fp: 2CC2B3631D5C3393901335DB68F95C5D753EE1E5
- created_at: "2023-06-19T18:35:41Z"
enc: |
-----BEGIN PGP MESSAGE-----
enable-clipboard-integration: true
hQIMAy5t8IMoPu4VARAAr06Bw3F9BG6WGrGDlI80snvLqG45nfeBfWS8MmAvWLf6
cbLoj1lp55VrGhfD0Rcl1oYdAaz9dJrhjxBojSbw2Xda8J/Lj9ogftOV5n/vo4Sn
nWHj/cCweg4mTu4h4zN4eYc5VhZySftJr6OI/58ba+jELOHpBnFD6ZqRWCZQYeqQ
/xgb3LviC7fXD27DD72r5YMqHlvPLThk5VD6bCG6DtWV0bZIp3nr4lCB0nUXIoNN
+a5dMsazVvqDY1hXckhRMBujyyo65zLWmo2nywb2BvGRwKiIwStUlKXrTCj0ALiU
+hBcie6Q6JrMdnuPqFygqn4JR0a5OF7rxBiQ1epuB4Un2zafgwNQppOuVILbXWss
lh9RJD9scauhlEI92S7IJ4YrgaoWHWERIPPABxJinge55+pP4KZqN5IrP5z0KQr2
ELfLPBtM5Tj0WbAs2OfcJuSZtybiLPVZ+351EPe03UVEdjK3DKp/cQ1TpO5HdKVy
dFndTHwGhAMLoRx2m4WYNb0HUwoRzSfiX7gXaHssjViBEJri34DfIR+Zt5Zvuv9w
1ySBIPmbaTC4uh7GtE3m86Dg+q9R69X5wmJOZe0nB96gmBQrMSWGtNOhLtssILwy
iQPn7VGRuDn6rAcASNtOO7zL+N9CIm8/kuNkEUUTvjsBNjXjf5JTFmE8htcYzM7U
aAEJAhCD6jX/IRbgbamJre1yKjBIzDkHgct4pDMgOMVZCc2c2lWvdheMGmjArCHC
D4pzkkocXtIcvBf9L5LeXqDlqlmr9vi5afeBH8me8saPHURPKw19w+1me6Hu1jZb
C6AWGnYRFlBW
=/Jg7
-----END PGP MESSAGE-----
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
encrypted_regex: ^(data|stringData)$
version: 3.7.3
openid-authorization-endpoint=https://auth.seanomik.net/application/o/authorize/
openid-client-id=8ab8a779ce0eaf204750855a24bb7698845aeb4a
openid-issuer=https://auth.seanomik.net/application/o/apache-guacamole/
openid-jwks-endpoint=https://auth.seanomik.net/application/o/apache-guacamole/jwks/
openid-redirect-uri=https://remote.seanomik.net/ # This must match the redirect URI in Authentik

View File

@ -16,20 +16,23 @@ spec:
values:
image:
repository: abesnier/guacamole
tag: 1.5.0-alpine
repository: git.seanomik.net/seanomik/guacamole-sso-openid
tag: 1.5.0
sidecars:
guacd:
image: guacamole/guacd:1.5.0
imagePullPolicy: Always
env:
GUACD_HOSTNAME: "localhost"
GUACD_PORT: "4822"
EXTENSIONS: "auth-openid"
OPENID_AUTHORIZATION_ENDPOINT: "https://auth.${SECRET_NEW_DOMAIN}/application/o/authorize/"
OPENID_ISSUER: "https://auth.${SECRET_NEW_DOMAIN}/application/o/apache-guacamole/"
OPENID_JWKS_ENDPOINT: "https://auth.${SECRET_NEW_DOMAIN}/application/o/apache-guacamole/jwks/"
OPENID_REDIRECT_URI: "https://remote.${SECRET_NEW_DOMAIN}/"
envFrom:
- secretRef:
name: guacamole-secret
service:
main:
ports:
@ -59,9 +62,13 @@ spec:
persistence:
config:
enabled: true
type: hostPath
type: configMap
hostPath: /mnt/MainPool/Kubernetes/guacamole
mountPath: /config
# config:
# enabled: true
# type: configMap
# name: guacamole-properties
resources:
requests:

View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Secret
metadata:
name: gitea-puller
namespace: default
annotations:
replicator.v1.mittwald.de/replication-allowed: "true"
replicator.v1.mittwald.de/replication-allowed-namespaces: '*'
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: eyJhdXRocyI6eyJnaXQuc2Vhbm9taWsubmV0Ijp7InVzZXJuYW1lIjoiZ2l0ZWEtcHVsbGVyLnN2YyIsInBhc3N3b3JkIjoiYTM5NWI1NmJjMWNmMzA2ZjBlZWY4ZDZhZTVkNmQwZmJkYjM0ZDQxYiIsImF1dGgiOiJaMmwwWldFdGNIVnNiR1Z5TG5OMll6cGhNemsxWWpVMlltTXhZMll6TURabU1HVmxaamhrTm1GbE5XUTJaREJtWW1SaU16UmtOREZpIn19fQ==