From 10a1b406fa649336290fd204b43edce85effec84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Huss?=
Date: Tue, 29 Aug 2023 11:36:15 +0200
Subject: [PATCH] fix
---
 share/wildduck/application.tf | 7 ---
 share/wildduck/index.yaml | 96 +++++++++++++++++------------------
 share/wildduck/scim.tf | 17 +++++++
 3 files changed, 65 insertions(+), 55 deletions(-)
diff --git a/share/wildduck/application.tf b/share/wildduck/application.tf
index 5bf1545..7bed5ed 100644
--- a/share/wildduck/application.tf
+++ b/share/wildduck/application.tf
@@ -28,10 +28,3 @@ resource "authentik_policy_binding" "prj_access_vynil" {
 group = data.authentik_group.akadmin.id
 order = 1
 }
-
-data "kubernetes_secret_v1" "authentik" {
- metadata {
- name = "authentik"
- namespace = "${var.domain}-auth"
- }
-}
diff --git a/share/wildduck/index.yaml b/share/wildduck/index.yaml
index d0b5e6f..8c8d3b6 100644
--- a/share/wildduck/index.yaml
+++ b/share/wildduck/index.yaml
@@ -6,50 +6,20 @@ metadata:
 name: wildduck
 description: null
 options:
+ sub-domain:
+ default: mail
+ examples:
+ - mail
+ type: string
 issuer:
 default: letsencrypt-prod
 examples:
 - letsencrypt-prod
 type: string
- additional-domains:
- default: []
- items:
- type: string
- type: array
- backups:
- default:
- enable: false
- endpoint: ''
- key-id-key: s3-id
- secret-key: s3-secret
- secret-name: backup-settings
+ domain:
+ default: your-company
 examples:
- - enable: false
- endpoint: ''
- key-id-key: s3-id
- secret-key: s3-secret
- secret-name: backup-settings
- properties:
- enable:
- default: false
- type: boolean
- endpoint:
- default: ''
- type: string
- key-id-key:
- default: s3-id
- type: string
- secret-key:
- default: s3-secret
- type: string
- secret-name:
- default: backup-settings
- type: string
- type: object
- domain-name:
- default: your_company.com
- examples:
- - your_company.com
+ - your-company
 type: string
 ingress-class:
 default: traefik
@@ -265,16 +235,6 @@ options:
 type: string
 type: object
 type: object
- domain:
- default: your-company
- examples:
- - your-company
- type: string
- sub-domain:
- default: mail
- examples:
- - mail
- type: string
 redis:
 default:
 exporter:
@@ -308,6 +268,46 @@ options:
 default: 2Gi
 type: string
 type: object
+ additional-domains:
+ default: []
+ items:
+ type: string
+ type: array
+ backups:
+ default:
+ enable: false
+ endpoint: ''
+ key-id-key: s3-id
+ secret-key: s3-secret
+ secret-name: backup-settings
+ examples:
+ - enable: false
+ endpoint: ''
+ key-id-key: s3-id
+ secret-key: s3-secret
+ secret-name: backup-settings
+ properties:
+ enable:
+ default: false
+ type: boolean
+ endpoint:
+ default: ''
+ type: string
+ key-id-key:
+ default: s3-id
+ type: string
+ secret-key:
+ default: s3-secret
+ type: string
+ secret-name:
+ default: backup-settings
+ type: string
+ type: object
+ domain-name:
+ default: your_company.com
+ examples:
+ - your_company.com
+ type: string
 dependencies:
 - dist: null
 category: dbo
diff --git a/share/wildduck/scim.tf b/share/wildduck/scim.tf
index 67ae24e..915043f 100644
--- a/share/wildduck/scim.tf
+++ b/share/wildduck/scim.tf
@@ -1,3 +1,10 @@
+data "kubernetes_secret_v1" "authentik" {
+ metadata {
+ name = "authentik"
+ namespace = "${var.domain}-auth"
+ }
+}
+
 data "authentik_property_mapping_scim" "user" {
 managed = "goauthentik.io/providers/scim/user"
 }
@@ -14,6 +21,16 @@ resource "authentik_provider_scim" "scim" {
 property_mappings_group = [data.authentik_property_mapping_scim.group.id]
 }
+
+// Work-around missing features in the provider
+locals {
+ authentik-token = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]
+ request_headers = {
+ "Content-Type" = "application/json"
+ Authorization = "Bearer ${local.authentik-token}"
+ }
+}
+
 provider "restapi" {
 uri = "http://authentik.${var.domain}-auth.svc/api/v3/"
 headers = local.request_headers
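Review bot: The added `locals` block in scim.tf puts `AUTHENTIK_BOOTSTRAP_TOKEN` into the `Authorization` header of the `restapi` provider, so every request Terraform sends carries what is presumably the bootstrap administrator's token, and the provider `uri` in the context lines is plain `http://`, so that bearer token crosses the cluster network unencrypted. A dedicated API token limited to what this work-around needs, stored under its own secret key, would contain the damage if it leaks, and an HTTPS endpoint for the service should be used if one is available. Because the value is read through `data.kubernetes_secret_v1.authentik` (added in the first scim.tf hunk), it is also written to the Terraform state, which the comment could record: `// Uses the authentik bootstrap token; the value is stored in Terraform state, so the state backend must be access-controlled`. The name `authentik-token` breaks the underscore style of `request_headers`; `authentik_token` would match. The `provider "restapi"` block continues past the end of the hunk.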