Skip to content

Commit

Permalink
WIP: Improve hydra chart
Browse files Browse the repository at this point in the history
  • Loading branch information
@Bdegraaf1234
Bdegraaf1234 committed Jul 12, 2024
1 parent 9b82693 commit 2d6e8eb
Show file tree
Hide file tree
Showing 3 changed files with 45 additions and 16 deletions.
6 changes: 3 additions & 3 deletions etc/hydra-ui/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
hydraAdminUrl: http://hydra-admin:4445
hydraPublicUrl: http://hydra-public:4444
baseUrl: https://radar-k3s-test.thehyve.net/hydra-ui/
baseUrl: https://localhost/hydra-ui/

ingress:
enabled: true
className: nginx
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
hosts:
- host: radar-k3s-test.thehyve.net
- host: localhost
paths:
- path: "/hydra-ui/?(.*)"
pathType: ImplementationSpecific
tls:
- hosts: [radar-k3s-test.thehyve.net]
- hosts: [localhost]
secretName: radar-base-tls
21 changes: 9 additions & 12 deletions etc/hydra/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,38 +10,35 @@ ingress:
- path: "/admin/hydra/?(.*)"
pathType: ImplementationSpecific
tls:
- secretName: hydra-admin-tls
host:
- radar-k3s-test.thehyve.net
- secretName: radar-base-tls
hosts:
- localhost
public:
enabled: true
className: "nginx"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: radar-k3s-test.thehyve.net
- host: localhost
paths:
- path: "/hydra/?(.*)"
pathType: ImplementationSpecific
tls:
- secretName: hydra-public-tls
hosts:
- radar-k3s-test.thehyve.net
- localhost
hydra:
automigration:
enabled: true
config:
urls:
self:
issuer: https://radar-k3s-test.thehyve.net/hydra/
login: https://radar-k3s-test.thehyve.net/hydra-ui/login
consent: https://radar-k3s-test.thehyve.net/hydra-ui/consent
issuer: https://localhost/hydra/
login: https://localhost/login
consent: https://localhost/hydra-ui/consent

log:
level: debug
format: text
leak_sensitive_values: true


#https://www.ory.sh/docs/hydra/reference/configuration
leak_sensitive_values: false
34 changes: 33 additions & 1 deletion helmfile.d/10-managementportal.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,8 @@ releases:
- name: ingress.public.tls[0].hosts
values:
- {{ .Values.server_name }}
- name: kratos.config.oauth2_provider.url
value: http://hydra:4445

- name: kratos-selfservice-ui-node
chart: radar/kratos-selfservice-ui-node
Expand Down Expand Up @@ -178,8 +180,28 @@ releases:
- "../etc/hydra/values.yaml"
- {{ .Values.hydra | toYaml | indent 8 | trim }}
set:
- name: serverName
value: {{ .Values.server_name }}
- name: hydra.config.dsn
value: postgres://{{ .Values.management_portal.postgres.user }}:{{ .Values.management_portal.postgres.password }}@{{ .Values.management_portal.postgres.host }}:{{ .Values.management_portal.postgres.port }}/{{ .Values | get "hydra.jdbc.database" "hydra" }}
- name: hydra.config.urls.self.issuer
value: https://{{ .Values.server_name }}/hydra/
- name: hydra.config.urls.login
value: https://{{ .Values.server_name }}/kratos-ui/login
- name: hydra.config.urls.logout
value: https://{{ .Values.server_name }}/kratos-ui/logout
- name: hydra.config.urls.consent
value: https://{{ .Values.server_name }}/kratos-ui/consent
- name: ingress.public.hosts[0].host
value: {{ .Values.server_name }}
- name: ingress.admin.tls[0].hosts
values:
- {{ .Values.server_name }}
- name: ingress.admin.hosts[0].host
value: {{ .Values.server_name }}
- name: ingress.public.tls[0].hosts
values:
- {{ .Values.server_name }}

- name: hydra-ui
chart: ory/example-idp
Expand All @@ -188,4 +210,14 @@ releases:
timeout: {{ add .Values.base_timeout .Values.hydra_ui._extra_timeout }}
values:
- "../etc/hydra-ui/values.yaml"
- {{ .Values.hydra_ui | toYaml | indent 8 | trim }}
- {{ .Values.hydra_ui | toYaml | indent 8 | trim }}
set:
- name: baseUrl
value: https://{{ .Values.server_name }}/hydra-ui/
- name: serverName
value: {{ .Values.server_name }}
- name: ingress.tls[0].hosts
values:
- {{ .Values.server_name }}
- name: ingress.rules[0].host
value: {{ .Values.server_name }}

0 comments on commit 2d6e8eb

Please sign in to comment.