K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CHORE(authelia): Remove immich OIDC client

Browse Source 
- Remove IMMICH_CLIENT_SECRET from extraVolumes/extraVolumeMounts
- Remove immich OIDC client configuration
- Immich application removed

CHORE(authelia): Remove IMMICH_CLIENT_SECRET from ExternalSecret
This commit is contained in:
Mayne0213
2026-01-08 18:09:55 +09:00
parent 870eea8664
commit 8f449666b5
2 changed files with 0 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
authelia/helm-values.yaml
View File

@@ -25,8 +25,6 @@ pod:
path: HEADLAMP_CLIENT_SECRET path: HEADLAMP_CLIENT_SECRET
- key: VAULT_CLIENT_SECRET - key: VAULT_CLIENT_SECRET
path: VAULT_CLIENT_SECRET path: VAULT_CLIENT_SECRET
- key: IMMICH_CLIENT_SECRET
path: IMMICH_CLIENT_SECRET
- key: identity_providers.oidc.jwks.key - key: identity_providers.oidc.jwks.key
path: jwks.pem path: jwks.pem
extraVolumeMounts: extraVolumeMounts:
@@ -42,10 +40,6 @@ pod:
mountPath: /secrets/VAULT_CLIENT_SECRET mountPath: /secrets/VAULT_CLIENT_SECRET
subPath: VAULT_CLIENT_SECRET subPath: VAULT_CLIENT_SECRET
readOnly: true readOnly: true
- name: oidc-secrets
mountPath: /secrets/IMMICH_CLIENT_SECRET
subPath: IMMICH_CLIENT_SECRET
readOnly: true
- name: oidc-secrets - name: oidc-secrets
mountPath: /secrets/jwks.pem mountPath: /secrets/jwks.pem
subPath: jwks.pem subPath: jwks.pem
@@ -146,21 +140,6 @@ configMap:
- email - email
- groups - groups
token_endpoint_auth_method: client_secret_post token_endpoint_auth_method: client_secret_post
- client_id: immich
client_name: Immich
client_secret:
path: /secrets/IMMICH_CLIENT_SECRET
public: false
authorization_policy: one_factor
redirect_uris:
- https://immich0213.kro.kr/auth/login
- https://immich0213.kro.kr/user-settings
- app.immich:///oauth-callback
scopes:
- openid
- profile
- email
token_endpoint_auth_method: client_secret_post
# Secret configuration - use existing secret from Vault # Secret configuration - use existing secret from Vault
secret: secret:

5
authelia/manifests/secret.yaml
View File

@@ -52,8 +52,3 @@ spec:
remoteRef: remoteRef:
key: authelia key: authelia
property: VAULT_CLIENT_SECRET property: VAULT_CLIENT_SECRET
# Immich OIDC client secret
- secretKey: IMMICH_CLIENT_SECRET
remoteRef:
key: authelia
property: IMMICH_CLIENT_SECRET