diff --git a/openproject/secret.yaml b/openproject/secret.yaml index e1aa4d4..bc55e3e 100644 --- a/openproject/secret.yaml +++ b/openproject/secret.yaml @@ -6,9 +6,11 @@ metadata: labels: app.kubernetes.io/name: openproject-secret app.kubernetes.io/part-of: openproject -data: - clientId: ENC[AES256_GCM,data:0wOW8ShKuySyE/4YB8Z85bjZrXNQNRD2667Ex8DnCLWPPSlTeC2lGTJqJU15C+lu/sH42tPMkwU=,iv:yTjzkoI6HP44qyivl3P4nm5AhehrFRTEyHl0Da6g1Yc=,tag:vacZEXyA6UMdABmwg302pg==,type:str] - clientSecret: ENC[AES256_GCM,data:waV+v7EAFxxoPRum8LUqZytX9xIUqnUYcjca2kaw84z+8x+iAG91IGc22ZFzabrbVn/CMX9KTbcubuPc+d9hIYiKWnjbGZzNOHqiWwOynFgF3Mpv+qN6CxmOZf82v6A9o6tFi2/zNrxrByD6cH6C+1+VpT4qmKf7C5oARJGboV3lejUVmksEdK2t32m17js9b68ksraN74mtJzGztVv/O+fujSpG5/RdheZ5Uw==,iv:2TIM8rY6kTieUWLY6FIjYGyihK9N2PIJPWkOUEXiklg=,tag:bPWPFuwjHdDtsCxxS5Q2sA==,type:str] +stringData: + OPENPROJECT_OPENID__CONNECT_AUTHENTIK_IDENTIFIER: ENC[AES256_GCM,data:YRSk6WbIi03tMl5PE+jVeWUjiEsMogGSjcd71DWmdhrs9hx0gHz/6Q==,iv:9a5cATFe+sGFVvIcIq702XZpWbwCpkEgbHL04WC73RU=,tag:t/TAeA5lkVS4V5EWZjP96w==,type:str] + OPENPROJECT_OPENID__CONNECT_AUTHENTIK_SECRET: ENC[AES256_GCM,data:iP1vQTVCS9iB5qBvsT4HCpXg/7vEaqEvMBG8pkjapx7fwdzUvPnumqT/4kjT2A0G0B8hvbNbLXlBx3u3bznUjFCyQXizDmsP7y5IewtQD9x1Gjcc/3PyijUauXTIYt3DjjhJqStiDsc855LGbdBukowdQNZwTdHGYkEmZmlyNnw=,iv:msO6nSphjMFwnRZ+bzyPJDOMfAVMpYzf6bXq6m5OYJU=,tag:zxYWhn3zXHKdGNwyAoOq6g==,type:str] + OPENPROJECT_FOG_CREDENTIALS_AWS__ACCESS__KEY__ID: ENC[AES256_GCM,data:d4kh/eBE35VT5dE3oIAQiIIaC54=,iv:0/Tvwi5zWHetytYPWsSTEcVX8cc7MjwQQpgD2j/2blg=,tag:WTuGgku1aQYcChf1dTShBw==,type:str] + OPENPROJECT_FOG_CREDENTIALS_AWS__SECRET__ACCESS__KEY: ENC[AES256_GCM,data:MrOc+zr6qkv+55vjuCciijW1bnjKyjxr0mbbH/IajNjMvDIVqq7GDg==,iv:0+GBZuWA6t5Pp5gKeIczrFKdTYMznV2fTSuJxS/y6Do=,tag:zq9QtqFANlUFJL737Sa8jw==,type:str] type: Opaque sops: kms: [] @@ -34,50 +36,8 @@ sops: cEk2ZEp3UzArK1NEL0E2Zkwzd1dnMW8KWWQ861ukoDUh7l1iFBnnrsInQWfeYgD9 d1y8yHr1kLZX66xg9erbaQbA+xtRRD+5sctypxJWPNkDO+rW+pfrAQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-06T20:12:29Z" - mac: ENC[AES256_GCM,data:K9EFJwzgr/GjUFEgTzvI6J5RJyT5k0emBOEFqbdM2yAjBX/xsyrTz3IV/fsBDzNvFKjpKBb4goqoh42Ezs23TGblYnzmGo1EJQGTWKNtp3VdaPihgzzUnL7yjYyula+GaMlTM3zL4XySLne1jjmfXVsPywTbktRTXb1hqSOy3tw=,iv:sMW4f1j+uEWRqROc/npnCw6qSzDfGR4fl8X2z5h85tM=,tag:ScoBCZH0ILu5C7hwhSXfeA==,type:str] - pgp: [] - encrypted_regex: ^(data|stringData)$ - version: 3.9.0 ---- -apiVersion: v1 -kind: Secret -metadata: - name: openproject-objectstorage - namespace: openproject - labels: - app.kubernetes.io/name: openproject-objectstorage - app.kubernetes.io/part-of: openproject -data: - accessKeyId: ENC[AES256_GCM,data:DOrWAOQtyzQmTW7MLdVNvFfkGeQ4xufBY+B0eQ==,iv:goAohxqv7n5fWwzCuCQTSJt5brqmX58dn0w4eme093I=,tag:8RLbaVUx5LU9B6H4cEjcCA==,type:str] - secretAccessKey: ENC[AES256_GCM,data:plv3hYRwtmK3rnMa7xGobX/ZxFCgy4Ikb22uOG5EG907TZjsMVKKB05crMPXzB5qUy/pOf83AVo=,iv:QiFIhR6npXKBF7DkolGQBB4nm35MZcNjKodupclG3ks=,tag:BkHqAyIHEmhqfzXcEmA1Hw==,type:str] -type: Opaque -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age14uxgmvw26e7f82gkvxl0zwnfc5l75rdn5sms4zj0xrtrnlgn4qlsqh3kkt - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSByT0xDY1ZMNUtydlZqNyt4 - RGZhYTJCaTdoaUNDcUU3c2djUFFrb1NPWmdBClM4ZXZ6aUU0WU1NdmFLYWlHUVBy - VlU0VlZnRnQwenJPdGRSTFBac1ZlSTgKLS0tIGowNGZBZjgyMGxJbTZvOWRLS2Jr - ZTczeDVvYytjK0dzUDY0QXdaUlVyN3cKM+tC9agxFrnjpfPXoNXxCinTNXJ2gHyO - xmkLs958EAJZ8LuFfne01Sak/7ojRny+PzKb9TudIggCUoxAW8S0+w== - -----END AGE ENCRYPTED FILE----- - - recipient: age1z5wtjmk0jw0j9qz9k5rrnp30nzqxrl3v6wgl7eryvqus28zekp4qpx9jc2 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAxU2dyTnc3eCtSNFVBeFQ3 - bTFndGdUYXVTdnpnRTJVQjI3Z0RRZ0FkQzJ3CjZ6ZHBpU2w1MDRFUzJQL1FKS1Ex - N011MUcyY0hlV0lYREo3Tmhhc1NXZG8KLS0tIGZpa3IyU244OXRGZ1hQdVlJbzZr - cEk2ZEp3UzArK1NEL0E2Zkwzd1dnMW8KWWQ861ukoDUh7l1iFBnnrsInQWfeYgD9 - d1y8yHr1kLZX66xg9erbaQbA+xtRRD+5sctypxJWPNkDO+rW+pfrAQ== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-06T20:12:29Z" - mac: ENC[AES256_GCM,data:K9EFJwzgr/GjUFEgTzvI6J5RJyT5k0emBOEFqbdM2yAjBX/xsyrTz3IV/fsBDzNvFKjpKBb4goqoh42Ezs23TGblYnzmGo1EJQGTWKNtp3VdaPihgzzUnL7yjYyula+GaMlTM3zL4XySLne1jjmfXVsPywTbktRTXb1hqSOy3tw=,iv:sMW4f1j+uEWRqROc/npnCw6qSzDfGR4fl8X2z5h85tM=,tag:ScoBCZH0ILu5C7hwhSXfeA==,type:str] + lastmodified: "2024-11-06T20:53:34Z" + mac: ENC[AES256_GCM,data:3LaUkQy4IViYIjKHOJ71pIcPipv3p44ENAd31270uGsZNmOAlGqPcylF7Dlc475UfKrHXAZaagGKF80VkTaE6xca+Uq9ihUg0U5ovLyVbxBXMEjmycCBJXaKry17kju3eQec5dinqEBQ7+uU39lSKdhGPPvbZDYxu3WeZBWzrSQ=,iv:VN+W6S8t9RW06DnSoo+AY630bo4PVF027qtanv2YRh8=,tag:urMNwqclobcL7bxCJY5NbA==,type:str] pgp: [] encrypted_regex: ^(data|stringData)$ version: 3.9.0 diff --git a/openproject/values.yaml b/openproject/values.yaml index 49f5316..eb5b6b6 100644 --- a/openproject/values.yaml +++ b/openproject/values.yaml @@ -19,12 +19,12 @@ workers: default: replicas: 2 openproject: + extraEnvVarsSecret: openproject-secret oidc: enabled: true provider: authentik displayName: aaronID host: auth.ar21.de - existingSecret: openproject-secret identifier: null secret: null userinfoEndpoint: /application/o/userinfo/ @@ -32,15 +32,10 @@ openproject: authorizationEndpoint: /application/o/authorize/ endSessionEndpoint: /application/o/openproject/end-session/ scope: "[openid email profile]" - secretKeys: - identifier: "clientId" - secret: "clientSecret" persistence: enabled: false s3: enabled: true - auth: - existingSecret: openproject-objectstorage region: fsn1 bucketName: openproject endpoint: https://fsn1.your-objectstorage.com