shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d57a177167147a12037bec422fdfc7fdedc35dcb
auricom-home-cluster/kubernetes/apps/default/glauth
History
feisar-bot d57a177167 ⬆️ Update chart app-template to 1.5.1 
| datasource | package      | from  | to    |
| ---------- | ------------ | ----- | ----- |
| helm       | app-template | 1.4.0 | 1.5.1 |
2023-06-30 21:43:28 +02:00
..
app
⬆️ Update chart app-template to 1.5.1
2023-06-30 21:43:28 +02:00
ks.yaml
readme.md

readme.md

glAuth

Repo configuration

  1. Add/Update .vscode/extensions.json

    {
    "files.associations": {
        "**/cluster/**/*.sops.toml": "plaintext"
    }
}

  2. Add/Update .gitattributes

    *.sops.toml linguist-language=JSON

  3. Add/Update .sops.yaml

    - path_regex: cluster/.*\.sops\.toml
    key_groups:
    - age:
        - age1hhurqwmfvl9m3vh3hk8urulfzcdsrep2ax2neazqt435yhpamu3qj20asg

App Configuration

Below are the decrypted versions of the sops encrypted toml files.

passbcrypt can be generated on CyberChef

  1. server.sops.toml

    debug = true
[ldap]
    enabled = true
    listen = "0.0.0.0:389"
[ldaps]
    enabled = false
[api]
    enabled = true
    tls = false
    listen = "0.0.0.0:5555"
[backend]
    datastore = "config"
    baseDN = "dc=home,dc=arpa"

  2. groups.sops.toml

    [[groups]]
    name = "svcaccts"
    gidnumber = 6500
[[groups]]
    name = "admins"
    gidnumber = 6501
[[groups]]
    name = "people"
    gidnumber = 6502

  3. users.sops.toml

    [[users]]
    name = "search"
    uidnumber = 5000
    primarygroup = 6500
    passbcrypt = ""
    [[users.capabilities]]
        action = "search"
        object = "*"
[[users]]
    name = "<name>"
    mail = ""
    givenname = "<Name>"
    sn = "<sn>"
    uidnumber = <uid>
    primarygroup = <gid>
    othergroups = [ <gid> ]
    passbcrypt = ""