diff --git a/etc/base.yaml b/etc/base.yaml
index affda616e..d0eac2a3a 100644
--- a/etc/base.yaml
+++ b/etc/base.yaml
@@ -214,6 +214,16 @@ kratos_ui:
 _chart_version: 0.43.1
 _extra_timeout: 0
+hydra:
+ _install: false
+ _chart_version: 0.41.0
+ _extra_timeout: 0
+
+hydra_ui:
+ _install: false
+ _chart_version: 0.41.0
+ _extra_timeout: 0
+
 app_config:
 _install: true
 _chart_version: 1.1.1
diff --git a/etc/hydra-ui/values.yaml b/etc/hydra-ui/values.yaml
new file mode 100644
index 000000000..229314cb4
--- /dev/null
+++ b/etc/hydra-ui/values.yaml
@@ -0,0 +1,17 @@
+hydraAdminUrl: http://hydra-admin:4445
+hydraPublicUrl: http://hydra-public:4444
+baseUrl: https://radar-k3s-test.thehyve.net/hydra-ui/
+
+ingress:
+ enabled: true
+ className: nginx
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /$1
+ hosts:
+ - host: radar-k3s-test.thehyve.net
+ paths:
+ - path: "/hydra-ui/?(.*)"
+ pathType: ImplementationSpecific
+ tls:
+ - hosts: [radar-k3s-test.thehyve.net]
+ secretName: radar-base-tls
\ No newline at end of file
diff --git a/etc/hydra/values.yaml b/etc/hydra/values.yaml
new file mode 100644
index 000000000..b0149c39d
--- /dev/null
+++ b/etc/hydra/values.yaml
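Review bot: In etc/hydra-ui/values.yaml the ingress puts the login and consent UI on the public host at `/hydra-ui/`, while helmfile.d/10-managementportal.yaml installs that release from `ory/example-idp`; if this is Ory's demonstration login/consent app, it is not an identity provider to leave reachable outside a throwaway cluster. A comment at the top of the file such as `# demo login/consent provider for test clusters only; replace before enabling hydra_ui elsewhere` would make that explicit. The test hostname `radar-k3s-test.thehyve.net` is also hard-coded in `baseUrl`, `hosts` and `tls`, so every other environment has to override all three; deriving them from the `serverName` value the helmfile already sets for other releases would avoid a stale `baseUrl`.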
@@ -0,0 +1,47 @@
+ingress:
+ admin:
+ enabled: true
+ className: "nginx"
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ hosts:
+ - host: radar-k3s-test.thehyve.net
+ paths:
+ - path: "/admin/hydra/?(.*)"
+ pathType: ImplementationSpecific
+ tls:
+ - secretName: hydra-admin-tls
+ host:
+ - radar-k3s-test.thehyve.net
+ public:
+ enabled: true
+ className: "nginx"
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /$1
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ hosts:
+ - host: radar-k3s-test.thehyve.net
+ paths:
+ - path: "/hydra/?(.*)"
+ pathType: ImplementationSpecific
+ tls:
+ - secretName: hydra-public-tls
+ hosts:
+ - radar-k3s-test.thehyve.net
+hydra:
+ automigration:
+ enabled: true
+ config:
+ urls:
+ self:
+ issuer: https://radar-k3s-test.thehyve.net/hydra/
+ login: https://radar-k3s-test.thehyve.net/hydra-ui/login
+ consent: https://radar-k3s-test.thehyve.net/hydra-ui/consent
+
+ log:
+ level: debug
+ format: text
+ leak_sensitive_values: true
+
+
+#https://www.ory.sh/docs/hydra/reference/configuration
\ No newline at end of file
diff --git a/etc/postgresql/values.yaml b/etc/postgresql/values.yaml
index c1a843e89..9c6753157 100644
--- a/etc/postgresql/values.yaml
+++ b/etc/postgresql/values.yaml
@@ -114,7 +114,7 @@ primary:
 ##
 extraEnvVars:
 - name: POSTGRES_MULTIPLE_DATABASES
- value: managementportal,restsourceauthorizer,appconfig,kratos
+ value: managementportal,restsourceauthorizer,appconfig,kratos,hydra
 ## @param primary.podAnnotations Map of annotations to add to the pods (postgresql primary)
 ##
 podAnnotations:
diff --git a/helmfile.d/10-managementportal.yaml b/helmfile.d/10-managementportal.yaml
index 4ba31a88c..a1aecc5b3 100644
--- a/helmfile.d/10-managementportal.yaml
+++ b/helmfile.d/10-managementportal.yaml
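Review bot: In etc/hydra/values.yaml, `ingress.admin.enabled: true` publishes Hydra's admin API under `/admin/hydra/` on the same public host as the OAuth2 endpoints, and that API is meant to be called only by trusted in-cluster services and does not authenticate callers itself. Set `enabled: false` under `ingress.admin` (hydra-ui already reaches it at `http://hydra-admin:4445`), or put an authenticating proxy or an IP allow-list in front of it. The `log` block also sets `leak_sensitive_values: true` together with `level: debug`, which writes values Hydra normally redacts into the pod logs; `leak_sensitive_values: false` and `level: info` are safer defaults for a committed file. Separately, the admin `tls` entry uses `host:` where the public one uses `hosts:`, so the admin TLS host list is probably ignored.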
@@ -17,7 +17,7 @@ releases:
 - {{ .Values.postgresql | toYaml | indent 8 | trim }}
 - name: management-portal
- chart: radar/management-portal
+ chart: ../../radar-helm-charts/charts/management-portal
 version: {{ .Values.management_portal._chart_version }}
 installed: {{ .Values.management_portal._install }}
 timeout: {{ add .Values.base_timeout .Values.management_portal._extra_timeout }}
@@ -154,7 +154,7 @@ releases:
 timeout: {{ add .Values.base_timeout .Values.kratos_ui._extra_timeout }}
 <<: *logFailedRelease
 values:
- "../etc/kratos_ui/values.yaml"
+ - "../etc/kratos-ui/values.yaml"
 - {{ .Values.kratos_ui | toYaml | indent 8 | trim }}
 set:
 - name: serverName
@@ -177,6 +177,9 @@ releases:
 values:
 - "../etc/hydra/values.yaml"
 - {{ .Values.hydra | toYaml | indent 8 | trim }}
+ set:
+ - name: hydra.config.dsn
+ value: postgres://{{ .Values.management_portal.postgres.user }}:{{ .Values.management_portal.postgres.password }}@{{ .Values.management_portal.postgres.host }}:{{ .Values.management_portal.postgres.port }}/{{ .Values | get "hydra.jdbc.database" "hydra" }}
 - name: hydra-ui
 chart: ory/example-idp
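Review bot: In the first hunk of helmfile.d/10-managementportal.yaml, `chart: ../../radar-helm-charts/charts/management-portal` makes the management-portal release install from whatever is checked out in a sibling directory instead of the published `radar/management-portal` chart. That looks like a local development override: the deployment is no longer reproducible from this repository alone, and the `version:` pin on the following line presumably stops selecting anything for a local chart path. Unless this is intentional, restore `chart: radar/management-portal` before merging. The release definition continues outside the hunk.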
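Review bot: The `hydra.config.dsn` value added in the third hunk connects Hydra to PostgreSQL with `.Values.management_portal.postgres.user` and `.password`, so Hydra runs with ManagementPortal's database role instead of one limited to the `hydra` database. The password is also interpolated into the URL unescaped; a password containing `@`, `:`, `/` or `#` yields a DSN that fails to parse or resolves to a different host, so it should be percent-encoded or supplied through separate values. Prefer dedicated credentials for Hydra (value names to be chosen by the project) and check that the chart stores the DSN in a Secret rather than a ConfigMap. The hydra release starts above the hunk, so its `name`, `chart` and `installed` lines are not visible here.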