FEAT(authelia): add jwks config for authelia oidc
- Mount jwks.pem from authelia-secrets
- Configure JWKS with RS256 algorithm
@@ -24,6 +24,8 @@ pod:
|
|||||||
items:
|
items:
|
||||||
- key: HEADLAMP_CLIENT_SECRET
|
- key: HEADLAMP_CLIENT_SECRET
|
||||||
path: HEADLAMP_CLIENT_SECRET
|
path: HEADLAMP_CLIENT_SECRET
|
||||||
|
- key: identity_providers.oidc.jwks.key
|
||||||
|
path: jwks.pem
|
||||||
extraVolumeMounts:
|
extraVolumeMounts:
|
||||||
- name: users-database
|
- name: users-database
|
||||||
mountPath: /config/users_database.yml
|
mountPath: /config/users_database.yml
|
||||||
@@ -33,6 +35,10 @@ pod:
|
|||||||
mountPath: /secrets/HEADLAMP_CLIENT_SECRET
|
mountPath: /secrets/HEADLAMP_CLIENT_SECRET
|
||||||
subPath: HEADLAMP_CLIENT_SECRET
|
subPath: HEADLAMP_CLIENT_SECRET
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- name: oidc-secrets
|
||||||
|
mountPath: /secrets/jwks.pem
|
||||||
|
subPath: jwks.pem
|
||||||
|
readOnly: true
|
||||||
|
|
||||||
# ConfigMap configuration
|
# ConfigMap configuration
|
||||||
configMap:
|
configMap:
|
||||||
@@ -85,6 +91,12 @@ configMap:
|
|||||||
identity_providers:
|
identity_providers:
|
||||||
oidc:
|
oidc:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
jwks:
|
||||||
|
- key_id: 'main'
|
||||||
|
algorithm: 'RS256'
|
||||||
|
use: 'sig'
|
||||||
|
key:
|
||||||
|
path: /secrets/jwks.pem
|
||||||
cors:
|
cors:
|
||||||
endpoints:
|
endpoints:
|
||||||
- authorization
|
- authorization
|
||||||
|
|||||||
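Review bot: The new `jwks.pem` item (secret key `identity_providers.oidc.jwks.key`) is the OIDC signing private key, and nothing visible in this section restricts its file mode; files in a Secret volume default to 0644 unless `defaultMode` or a per-item `mode` is set. The volume definition starts above the first hunk, so `defaultMode` may already be set there; if it is not, add `mode: 0400` under the new item, after confirming the file stays readable by the container's user/fsGroup. Because the mount uses `subPath: jwks.pem`, an updated Secret is not propagated into a running pod, so key rotation needs a rollout restart. The fixed `key_id: 'main'` should also change whenever the key does, so that relying parties caching the JWKS by `kid` do not keep validating against the old key.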