Add OIDC to freshrss
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Tyler Perkins 2023-11-10 13:23:43 -05:00
parent ccfc77187c
commit 4bd4de728b
2 changed files with 47 additions and 0 deletions

View File

@ -16,6 +16,35 @@ spec:
containers: containers:
- name: freshrss - name: freshrss
image: linuxserver/freshrss image: linuxserver/freshrss
env:
- name: OIDC_ENABLED
value: TRUE
- name: OIDC_REMOTE_USER_CLAIM
value: preferred_username
- name: OIDC_SCOPES
value: "openid profile"
- name: OIDC_X_FORWARDED_HEADERS
value: "X-Forwarded-Host X-Forwarded-Port X-Forwarded-Proto"
- name: OIDC_PROVIDER_METADATA_URL
valueFrom:
secretKeyRef:
name: freshrss-oidc
key: metadata-url
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: freshrss-oidc
key: client-id
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: freshrss-oidc
key: client-secret
- name: OIDC_CLIENT_CRYPTO_KEY
valueFrom:
secretKeyRef:
name: freshrss-oidc
key: crypto-key
ports: ports:
- containerPort: 80 - containerPort: 80
volumeMounts: volumeMounts:

View File

@ -0,0 +1,18 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: freshrss-oidc-config
namespace: freshrss-ns
spec:
encryptedData:
OIDC_CLIENT_CRYPTO_KEY: AgAXVFKET2896vplk8EB1NtSBahDBSyXjnoRhyD3ZsIKSyoO2dkxRuBA9h6lYikIDnmD31LBE8Onu1KOnsEOg0HFLYls80VEGZhn3Dq9KmLxZvDvSORLMXa0bXD1oDSN1RWeNTcGBFOswkyXgJITpvU0rt8w5g1isr6A+g0JrLV7BG/OHZxy+D7VE6QZfFu+xlz64J0TUn5z6wHxU5asHzmiBdn3mxhMvoYv8KdvNDfpm2hKPvp2sJL7TBrp/GXqm2rT7kaYjGqc7Jm48PyLif3UajUrGpPR0Hjraox7cYkAFebmtepbqFZkoRZpfwY6fxObdlsgmknam9EE4/7ZFc+QJzXm1utTWL6s8v1WidB8ily1Bh6zXFLv2eLw+7q2V/0xxW+WQCV8jNEQaeqO2kA6Ch2lh4OIK4cp5Qgq6XeX6EoccLykO0toFkBNn4UkJ72CCSi5FZJqPNZU7Gu5FihrpGfOvmbLQzVoHNTyuVF7qtOj11EvI1TDgQLc0tu78cdcB2VemgRLMpoffWCr01toW34FwYrt3gOsZUK+WRoT+TAPhzv2mfHd94BMH2DnoLHIkz+VH5qmR0CsTq8dUYCw5M8AjdaTPw38NqUfbvrbJl5+dSRMxQ4Sm/6GEQPLoM7LEAn/mTSwy27EePJKEfZbhfu9xqzKLQB3VsEF/rdl/IVdsk3KMqZZbVY/AlYJIGf1ohdv3gbSssTmPIDHWhEbXMQv+++kbK+rNqxqq2v7ig==
OIDC_CLIENT_ID: AgBs+WyhEc7xDbkrxL0s+/PbNYbA9NQ0cCgiOH3UrufaA6+0l5obAZvITlq7jaDhKdc32NtKzz9bbB/MrLK0UienxiUg28f/ta/H2jpMzljzroxDIgNylZeNG/txrh8/jGnmbs5pKxbX5GsEzXBaSgb0QJ0IdQyit1W1vv/fFFxifCoABczS7VNfiYynJazp2G+Bq1U5EiyZDrjgu37f0h2v9VwBRf25p5W+v1AjSto73jmyTHlmEVPVlaft+4iBDRdDrarHRkgFCFl8mwIcGNWZreVM1/Uzdc5EZ6AU5gVtDMAKiIUT5X2CznseIbhPDSqc9WNwLKEsKWhXlGg17CpvmjG91P6SUXQsNGUJWGfrOeQuKt2mO/C9OhF+H1HuzSMa1NjgA5VRPeT529MY9Gw4gGO5+4ykpLw1BvHisA5Ia7VqieN6RB9VKKIkKr/ITpwjtkiBmuv3oGL+QKAihUwn0Tso8BhyufMM+O6iLnOCesi9dbgI0DeVEof3U3cQNDc/iuhtaesphK6+rNEq7kEfnXAzVoIfbCTvm1d799WYJSYBB6K/OZ9SGwGIoBcxDeEHw1OvBkqE1g807sV/VW1GbRj97xSXtEh7uJcevei2mBwSIICrmI4Yz3OF8IzVzPYjra/8hiIa19WW7SMMN1/oEZXw6G39zUETgKceV2fleIsUOoNQ+UQ92a6Y2UF92UHeIZVKCxE5lT4gcD5QxAChB/XQOE4sB1LceeCb6QBrGitrdBTpU2Yd
OIDC_CLIENT_SECRET: AgBy4M5GzoYXjDQ12DCgbfJ+mLCInGl73lP+NnpzEcccgqrKbPtjL++8GK758irKhtEvi3A5K/FPEjYHltQcrNcDDTZesmXE/Taiawc/s5o1npP9dQoHdFonKJsTFQ/BeOaoRExNTLC3Zz9Ubu2uw2Dd4FU2dk6bHisjk4kDSNPmCAx2VOhxZ8ujc7dr/krTMdNFNCgAPo5v+x6JUsYBzc5s6ZwEs+NninDuXRw+x6wldvCRascdUUZoa7TutWmtUIMsPTszyHcU9inojs40MFodGhCmjufY+XzjjBk3uiVDJZAiyzDozlz5OnKzf0BKJsiMsXxFmHpeotXZwy2ubROQUdyLnKOjTDfI131lhm0FWr2K08rzjiMls1mv1Gyr/CgzJm++fssFxps0V+9IR8sVh/M47qCW9hbfQM6w9AwzpX6Nc1O9MVxSj5CaqW32YYthXGnLYXYyiizSljsSb0onnwnpub6y5v5YiFNKt0o/6MXAkJZtt5JM0adC44KHSQjh/J0XlDcSg4yI3h7ty/E/KaPSmWe6E+C9KNIn+GMoXQeX4h1IluuiemefccRfJWiAiRZO5s8h0SkMizVyrRQYuywOUFOvB4UW1kMjRY2T8P+ziejtg3OHarMY2+fHpMDE1jugym6ctiBU0NgsKhc1xBrC1dHdNVnBkzUos0bP3lanlrRKbo1wqJSsukPxH4iAvKOkSgnDQogg6RhB7/k1eLqNqCHB2iNn04e47jgSguSfgV22jk7gVNiBRIqcY/g8nIWV4LzOetUuYoXpLxPPg03kXPnEqg1OX48z2RJOKKcmv5RzoN0hEKEc4+5DIlfIUh/IMd3gCpDZHdPp59aJ72MyaOzh0Kyq1GhE9c53Jg==
OIDC_PROVIDER_METADATA_URL: AgBayKIOoT5PVqeWexksEMiiW4oytgM54qygSPkUpRbapso56pMzDwUHpdRib6WfIVUODCy3R6UjIXl47mYnSVjjgSz/boMj5aKVntp/1isP2nC+yl2vQlUWOlNAXBSbss5BAych9NiJT7JPn0SqB7id3ByBP/A9hah4bNkXxioiLGZ57h/qYI3hYLP+22ywfdB051tAZx3ytiZhNAIJUmUjjz4dMJOwxI2jCZ2A7d0liF1TpkSjafHZIOnG05S4AfIRWMeIP2+F3Ar8kdNAtH8bpfmzwWcCho4J4O4UTavR1CHaGxteyJAt56dl2+7iSvtdbMI2QKhr4v4fYKG5Kl2BJ8s0/dvrjZ6tRSengBK0ei6CLoXHo/eEc797gXNWD22Mw+OuhKaEAxjuF9VbcNJbF8kgQSniPBsAKe/NH0B66374iUzfJUa0mkoE8RuvJ/DKlREUMn4oZfxuD/lGVLzOopyQ73M+ukhLScUgqThBZITk67iSxK7HxIuV/unr4jSmtLepH1nNEZ335fqEBOpV2pw92S0Fw0YKSr3iXGy4/x8agBiXCfPOMa7/1B6ekk5gHdi3BBL/PS1NPb/q4V2yGgzPq6f8ZKZjQ3Q7VgCf3x4ybg+unAZlFoC/qV5Bfd3vUNcWXnsFLIXcfykme/NrNp+ScuXUVAmb1bWxMhV60Jb0zXcaC0gSMuSbkFvNKX8BaGr1QFUBLTyg4712vpH8N4F3mYfDTGhzD5QGF1njBkpAuZyeOFRtU/SUsfidgDMhivmgnN41hpPxBo9GmD/MXYpZunXszkAhuJit4RMOHg==
template:
metadata:
creationTimestamp: null
name: freshrss-oidc-config
namespace: freshrss-ns
---