diff --git a/deployment/helmchart/templates/configmaps.yaml b/deployment/helmchart/templates/configmaps.yaml index 2767855..6d02f35 100644 --- a/deployment/helmchart/templates/configmaps.yaml +++ b/deployment/helmchart/templates/configmaps.yaml @@ -16,11 +16,11 @@ data: HYDRA_CLIENT_ID: {{ .Values.backend.oidc.clientId }} HYDRA_AUTHORIZATION_BASE_URL: {{ .Values.backend.oidc.authorizationBaseUrl }} TOKEN_URL: {{ .Values.backend.oidc.tokenUrl }} - HYDRA_URL: {{ .Values.backend.oidc.baseUrl }} KRATOS_PUBLIC_URL: {{ .Values.backend.kratos.publicUrl }} KRATOS_ADMIN_URL: {{ .Values.backend.kratos.adminUrl }} + HYDRA_PUBLIC_URL: {{ .Values.backend.oidc.baseUrl }} HYDRA_ADMIN_URL: {{ .Values.backend.hydra.adminUrl }} - PUBLIC_URL: {{ .Values.backend.publicUrl }} + LOGIN_PANEL_URL: {{ .Values.backend.loginPanelUrl }} DATABASE_URL: {{ .Values.backend.databaseUrl }} # {{- if .Values.backend.smtp.enabled }} # DASHBOARD_BACKEND_SMTP_HOST: {{ .Values.backend.smtp.host | quote }} diff --git a/deployment/helmchart/templates/deployment.yaml b/deployment/helmchart/templates/deployment.yaml index e22ce4f..7ddb265 100644 --- a/deployment/helmchart/templates/deployment.yaml +++ b/deployment/helmchart/templates/deployment.yaml @@ -138,7 +138,7 @@ spec: name: {{ include "backend.secretName" . }} key: oidc-client-secret - name: KRATOS_URL - value: {{ .Values.backend.kratosUrl }} + value: {{ .Values.backend.kratos.adminUrl }} {{- if (include "backend.smtp.password.enabled" .) }} - name: DASHBOARD_SMTP_PASSWORD valueFrom: diff --git a/deployment/helmchart/templates/ingress.yaml b/deployment/helmchart/templates/ingress.yaml index e60b4fa..041f9f7 100644 --- a/deployment/helmchart/templates/ingress.yaml +++ b/deployment/helmchart/templates/ingress.yaml @@ -61,22 +61,4 @@ spec: port: number: 80 {{- end }} - {{- range .Values.ingress.extraHosts }} - # In the event of "extraHosts", kratos is not proxied. Due the redirects, - # and single domain support of kratos/hydra. it is not feasable to support - # multiple hostnames. Same is true for the /web/ login frontend - - host: {{ .name }} - http: - paths: - - path: {{ default "/" .path }}(.*) - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ default "ImplementationSpecific" .pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "dashboard.serviceName" $) "servicePort" "dashboard-http" "context" $) | nindent 14 }} - - path: {{ default "/" .path }}(api/v1.*) - {{- if eq "true" (include "common.ingress.supportsPathType" $) }} - pathType: {{ default "ImplementationSpecific" .pathType }} - {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "backend.serviceName" .) "servicePort" "backend-http" "context" $) | nindent 14 }} - {{- end }} {{- end }} diff --git a/deployment/helmchart/values.yaml b/deployment/helmchart/values.yaml index 9238634..952e842 100644 --- a/deployment/helmchart/values.yaml +++ b/deployment/helmchart/values.yaml @@ -270,7 +270,7 @@ backend: adminUrl: http://single-sign-on-hydra-admin:4445 # Public URL of login panel - publicUrl: https://dashboard.stackspin.example.org/web/ + loginPanelUrl: https://dashboard.stackspin.example.org/web/ databaseUrl: mysql+pymysql://stackspin:stackspin@single-sign-on-database-mariadb/stackspin ## Kubernetes service configuration. For minikube, set this to NodePort, elsewhere use LoadBalancer or ClusterIP @@ -676,12 +676,6 @@ ingress: ## You can use the ingress.secrets parameter to create this TLS secret or relay on cert-manager to create it ## tls: false - ## @param ingress.extraHosts The list of additional hostnames to be covered with this ingress record. - ## Most likely the hostname above will be enough, but in the event more hosts are needed, this is an array - ## extraHosts: - ## - name: dashboard.local - ## path: / - extraHosts: [] ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## extraTls: