FEAT(authelia): add jwks config for authelia oidc

- Mount jwks.pem from authelia-secrets - Configure JWKS with RS256 algorithm
2026-01-02 19:40:37 +09:00
parent ef31735060
commit 0be0f4cb5a
1 changed files with 12 additions and 0 deletions
--- a/authelia/helm-values.yaml
+++ b/authelia/helm-values.yaml
@@ -24,6 +24,8 @@ pod:
        items:
          - key: HEADLAMP_CLIENT_SECRET
            path: HEADLAMP_CLIENT_SECRET
+          - key: identity_providers.oidc.jwks.key
+            path: jwks.pem
  extraVolumeMounts:
    - name: users-database
      mountPath: /config/users_database.yml
@@ -33,6 +35,10 @@ pod:
      mountPath: /secrets/HEADLAMP_CLIENT_SECRET
      subPath: HEADLAMP_CLIENT_SECRET
      readOnly: true
+    - name: oidc-secrets
+      mountPath: /secrets/jwks.pem
+      subPath: jwks.pem
+      readOnly: true

 # ConfigMap configuration
 configMap:
@@ -85,6 +91,12 @@ configMap:
  identity_providers:
    oidc:
      enabled: true
+      jwks:
+        - key_id: 'main'
+          algorithm: 'RS256'
+          use: 'sig'
+          key:
+            path: /secrets/jwks.pem
      cors:
        endpoints:
          - authorization