From 71d04912361f3467ecd41039e35cc1b9656f3884 Mon Sep 17 00:00:00 2001
From: Eric Meehan
Date: Mon, 3 Nov 2025 22:59:41 -0500
Subject: [PATCH] Closes #33

---
 tasks/dex.yaml | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/tasks/dex.yaml b/tasks/dex.yaml
index adf68b2..9aa0389 100644
--- a/tasks/dex.yaml
+++ b/tasks/dex.yaml
@@ -32,10 +32,6 @@
 volumeName: "data"
 size: 256Gi
 
-
-
-
-
 - name: Deploy Dex
 kubernetes.core.helm:
 name: dex
@@ -45,6 +41,12 @@
 values:
 config:
 issuer: https://dex.eom.dev/
+ staticClients:
+ - id: "{{ matrix_dex_oidc_client_id }}"
+ name: Matrix Auth Service
+ secret: "{{ matrix_dex_oidc_client_secret }}"
+ redirectURIs:
+ - "https://mas.eom.dev/upstream/callback/01K96AQEZKKABW34PY3R6BVNJ4"
 storage:
 type: postgres
 config:
@@ -62,10 +64,10 @@
 config:
 host: openldap.openldap.svc.cluster.local
 insecureNoSSL: true
- bindDN: cn=readonly,dc=example,dc=com
+ bindDN: cn=readonly,dc=eom,dc=dev
 bindPW: "{{ openldap_readonly_password }}"
 userSearch:
- baseDN: dc=example,dc=com
+ baseDN: dc=eom,dc=dev
 filter: "(&(objectClass=posixAccount)(memberOf=cn=Dex Users,ou=Dex,ou=Services,dc=eom,dc=dev))"
 username: uid
 idAttr: uid
@@ -81,12 +83,14 @@
 nameAttr: cn
 ingress:
 enabled: true
+ className: nginx
 annotations:
 cert-manager.io/cluster-issuer: ca-issuer
 hosts:
 - host: dex.eom.dev
 paths:
 - path: /
+ pathType: ImplementationSpecific
 tls:
 - hosts:
 - dex.eom.dev
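Review bot: The client secret added under `staticClients` is rendered into the Helm `values`, so it can surface in Ansible output (verbose or diff mode) unless the task sets `no_log: true`. The rest of the `Deploy Dex` task is outside the hunk, so confirm whether it already does. Dex can also take a static client's secret from the environment with `secretEnv:` in place of `secret:`, which keeps the value out of the rendered config. Separately, the redirect URI hard-codes what looks like the upstream provider id `01K96AQEZKKABW34PY3R6BVNJ4`; holding it in a variable next to `matrix_dex_oidc_client_id` would keep both sides in step if the provider is recreated.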
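Review bot: With `bindDN` and `baseDN` now pointing at the real `dc=eom,dc=dev` tree, the unchanged `insecureNoSSL: true` just above means the read-only bind password and each user's login password travel to OpenLDAP unencrypted. If the OpenLDAP service offers TLS, prefer `insecureNoSSL: false` with `rootCA` set, or `startTLS: true` on the plain port. The connector block continues outside the hunk, so also confirm that any group-search `baseDN` is not still `dc=example,dc=com`.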
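Review bot: `pathType: ImplementationSpecific` on `path: /` leaves the matching rule to the ingress controller. `pathType: Prefix` would state the intent explicitly and is defined the same way for every controller. With `className: nginx` now pinned, this is a style point and should not change routing.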