Closes #33

2025-11-03 22:59:41 -05:00 · 2025-11-03 22:59:41 -05:00 · 71d0491236
commit 71d0491236
parent 460fdedf50
1 changed files with 10 additions and 6 deletions
--- a/tasks/dex.yaml
+++ b/tasks/dex.yaml
@ -32,10 +32,6 @@
          volumeName: "data"
          size: 256Gi

-
-
-
-
 - name: Deploy Dex
  kubernetes.core.helm:
    name: dex
@ -45,6 +41,12 @@
    values:
      config:
        issuer: https://dex.eom.dev/
+        staticClients:
+          - id: "{{ matrix_dex_oidc_client_id }}"
+            name: Matrix Auth Service
+            secret: "{{ matrix_dex_oidc_client_secret }}"
+            redirectURIs:
+              - "https://mas.eom.dev/upstream/callback/01K96AQEZKKABW34PY3R6BVNJ4"
        storage:
          type: postgres
          config:
@ -62,10 +64,10 @@
            config:
              host: openldap.openldap.svc.cluster.local
              insecureNoSSL: true
-              bindDN: cn=readonly,dc=example,dc=com
+              bindDN: cn=readonly,dc=eom,dc=dev
              bindPW: "{{ openldap_readonly_password }}"
              userSearch:
-                baseDN: dc=example,dc=com
+                baseDN: dc=eom,dc=dev
                filter: "(&(objectClass=posixAccount)(memberOf=cn=Dex Users,ou=Dex,ou=Services,dc=eom,dc=dev))"
                username: uid
                idAttr: uid
@ -81,12 +83,14 @@
                nameAttr: cn
      ingress:
        enabled: true
+        className: nginx
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
        hosts:
          - host: dex.eom.dev
            paths:
              - path: /
+                pathType: ImplementationSpecific
        tls:
          - hosts:
              - dex.eom.dev