DevOps/ansible-role-eom
1
0
Fork 0
Code Issues 19 Pull Requests Actions Packages Projects Releases Wiki Activity
3ae97ac4e1
ansible-role-eom/tasks/dex.yaml
Eric Meehan 3ae97ac4e1 Many changes
2025-06-26 12:56:15 -04:00

94 lines
2.4 KiB
YAML
Raw Blame History

---
# tasks file for dex
- name: Add Dex repo
kubernetes.core.helm_repository:
name: dex
repo_url: https://charts.dexidp.io
register: repo
- name: Update Helm repos
command: helm repo update
when: repo.changed
- name: Deploy PostgreSQL
kubernetes.core.helm:
name: postgresql
chart_ref: bitnami/postgresql
release_namespace: dex
create_namespace: true
values:
auth:
enablePostgresUser: true
postgresPassword: "{{ postgresql_admin_password }}"
username: "dex"
password: "{{ dex_admin_password }}"
database: "dex"
primary:
name: primary
initdb:
scripts: {}
persistence:
enabled: true
volumeName: "data"
size: 256Gi
- name: Deploy Dex
kubernetes.core.helm:
name: dex
chart_ref: dex/dex
release_namespace: dex
create_namespace: true
values:
config:
issuer: https://dex.eom.dev/
storage:
type: postgres
config:
host: postgresql
port: 5432
databbase: dex
user: dex
password: "{{ dex_admin_password }}"
ssl:
mode: disable
connectors:
- type: ldap
id: ldap
name: LDAP
config:
host: openldap.openldap.svc.cluster.local
insecureNoSSL: true
bindDN: cn=readonly,dc=example,dc=com
bindPW: "{{ openldap_readonly_password }}"
userSearch:
baseDN: dc=example,dc=com
filter: "(&(objectClass=posixAccount)(memberOf=cn=Dex Users,ou=Dex,ou=Services,dc=eom,dc=dev))"
username: uid
idAttr: uid
emailAttr: mail
nameAttr: givenName
preferredUsernameAttr: uid
groupSearch:
baseDN: dc=eom,dc=dev
filter: "(objectClass=groupOfUniqueNames)"
userMatchers:
- userAttr: cn
groupAttr: uniqueMember
nameAttr: cn
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: ca-issuer
hosts:
- host: dex.eom.dev
paths:
- path: /
tls:
- hosts:
- dex.eom.dev
secretName: dex
Reference in New Issue View Git Blame Copy Permalink