TrueChartsClone/charts/stable/authelia/templates/_secrets.tpl

{{/* Define the secrets */}}
{{- define "authelia.secrets" -}}
---

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: authelia-secrets
{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}
{{- $oidckey := "" }}
{{- $oidcsecret := "" }}
{{- $jwtsecret := "" }}
{{- $sessionsecret := "" }}
{{- $encryptionkey := "" }}
data:
  {{- if $autheliaprevious }}
  SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY"  }}
  JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN"  }}
  {{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}
  ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY"  }}
  {{- else }}
  {{- $encryptionkey := randAlphaNum 100 }}
  ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
  {{- end }}
  {{- else }}
  {{- $jwtsecret := randAlphaNum 50 }}
  {{- $sessionsecret := randAlphaNum 50 }}
  {{- $encryptionkey := randAlphaNum 100 }}
  SESSION_ENCRYPTION_KEY: {{ $sessionsecret | b64enc }}
  JWT_TOKEN: {{ $jwtsecret | b64enc}}
  ENCRYPTION_KEY: {{ $encryptionkey | b64enc }}
  {{- end }}

  {{- if .Values.authentication_backend.ldap.enabled }}
  LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password | b64enc | quote }}
  {{- end }}

  {{- if .Values.notifier.smtp.enabled }}
  SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password | b64enc | quote }}
  {{- end }}

  {{- if .Values.duo_api.enabled }}
  DUO_API_KEY: {{ .Values.duo_api.plain_api_key | b64enc }}
  {{- end }}

  STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" | b64enc }}

  REDIS_PASSWORD: {{ .Values.redis.redisPassword | trimAll "\"" | b64enc }}
  {{- if .Values.redisProvider.high_availability.enabled}}
  REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword | trimAll "\"" | b64enc }}
  {{- end }}

  {{- if $autheliaprevious }}
  {{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}
  OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY"  }}
  OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}
  {{- else }}
  {{- $oidckey := genPrivateKey "rsa"   }}
  {{- $oidcsecret := randAlphaNum 32 }}
  OIDC_PRIVATE_KEY: {{ $oidckey | b64enc }}
  OIDC_HMAC_SECRET: {{ $oidcsecret | b64enc }}
  {{- end }}
  {{- end }}


{{- end -}}
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{/* Define the secrets */}}`
			`{{- define "authelia.secrets" -}}`
			`---`

			`apiVersion: v1`
			`kind: Secret`
			`type: Opaque`
			`metadata:`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00			`name: authelia-secrets`
			`{{- $autheliaprevious := lookup "v1" "Secret" .Release.Namespace "authelia-secrets" }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- $oidckey := "" }}`
			`{{- $oidcsecret := "" }}`
			`{{- $jwtsecret := "" }}`
			`{{- $sessionsecret := "" }}`
fix(apps): misc fixes 2021-12-03 22:10:11 +00:00			`{{- $encryptionkey := "" }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`data:`
			`{{- if $autheliaprevious }}`
			`SESSION_ENCRYPTION_KEY: {{ index $autheliaprevious.data "SESSION_ENCRYPTION_KEY" }}`
			`JWT_TOKEN: {{ index $autheliaprevious.data "JWT_TOKEN" }}`
fix(authelia): correct upgrade handling without encryption key 2021-12-05 23:57:57 +00:00			`{{- if ( hasKey $autheliaprevious.data "ENCRYPTION_KEY" ) }}`
			`ENCRYPTION_KEY: {{ index $autheliaprevious.data "ENCRYPTION_KEY" }}`
			`{{- else }}`
			`{{- $encryptionkey := randAlphaNum 100 }}`
fix(apps): Removed some double `b64enc` on autogenerated secrets, also some quotes off them. (#1937) * fix(anonaddy): only b64enc once * fix(pydio-cells): trim `"` from dbPass * chore(paperless-ng): don't quote secret * fix(linkace): don't quote secret * chore(librephotos): don't quote secret * chore(leantime): don't quote secret * chore(fireflyiii): don't quote secret * chore(authelia): dont quote secret 2022-02-22 23:10:13 +00:00			`ENCRYPTION_KEY: {{ $encryptionkey \| b64enc }}`
fix(authelia): correct upgrade handling without encryption key 2021-12-05 23:57:57 +00:00			`{{- end }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- else }}`
			`{{- $jwtsecret := randAlphaNum 50 }}`
			`{{- $sessionsecret := randAlphaNum 50 }}`
fix(apps): misc fixes 2021-12-03 22:10:11 +00:00			`{{- $encryptionkey := randAlphaNum 100 }}`
fix(apps): Removed some double `b64enc` on autogenerated secrets, also some quotes off them. (#1937) * fix(anonaddy): only b64enc once * fix(pydio-cells): trim `"` from dbPass * chore(paperless-ng): don't quote secret * fix(linkace): don't quote secret * chore(librephotos): don't quote secret * chore(leantime): don't quote secret * chore(fireflyiii): don't quote secret * chore(authelia): dont quote secret 2022-02-22 23:10:13 +00:00			`SESSION_ENCRYPTION_KEY: {{ $sessionsecret \| b64enc }}`
			`JWT_TOKEN: {{ $jwtsecret \| b64enc}}`
			`ENCRYPTION_KEY: {{ $encryptionkey \| b64enc }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- end }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- if .Values.authentication_backend.ldap.enabled }}`
Fix authelia ldap and smtp secrets 2021-09-01 15:14:17 +00:00			`LDAP_PASSWORD: {{ .Values.authentication_backend.ldap.plain_password \| b64enc \| quote }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- end }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- if .Values.notifier.smtp.enabled }}`
Fix authelia ldap and smtp secrets 2021-09-01 15:14:17 +00:00			`SMTP_PASSWORD: {{ .Values.notifier.smtp.plain_password \| b64enc \| quote }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- end }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- if .Values.duo_api.enabled }}`
			`DUO_API_KEY: {{ .Values.duo_api.plain_api_key \| b64enc }}`
			`{{- end }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
(feat) Update Apps to use common-postgresql hooks (#1114) * (feat) bump common to use new common postgresql-hooks * bump postgresql as well * bump yet again * also process gitea * sogo * also add adaptations to gitea * bump postgresql * bump postgresql yet again * revert central defined existing secret * bump common... again * bumps * fix vaultwarden * encode authelia dbpassword secret correctly * remove useless container from nextcloud config * some cleanup * use lookup to grab the secret for authelia * try getting authelia to work * Fix quoting issues for autheliadb 2021-10-09 23:20:01 +00:00			`STORAGE_PASSWORD: {{ .Values.postgresql.postgresqlPassword \| trimAll "\"" \| b64enc }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
feat(authelia): use our own redis chart (#1312) * feat(authelia): use our own redis chart * no message * hmm * no message * small nextcloud UI tweak 2021-11-12 21:12:20 +00:00			`REDIS_PASSWORD: {{ .Values.redis.redisPassword \| trimAll "\"" \| b64enc }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- if .Values.redisProvider.high_availability.enabled}}`
feat(authelia): use our own redis chart (#1312) * feat(authelia): use our own redis chart * no message * hmm * no message * small nextcloud UI tweak 2021-11-12 21:12:20 +00:00			`REDIS_SENTINEL_PASSWORD: {{ .Values.redis.sentinelPassword \| trimAll "\"" \| b64enc }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- end }}`
authelia try to patch more db-like vars 2021-08-31 20:30:32 +00:00
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- if $autheliaprevious }}`
fix: ensure oidc keys get generated on existing authelia installations 2021-09-14 15:51:39 +00:00			`{{- if and ( hasKey $autheliaprevious.data "OIDC_PRIVATE_KEY" ) ( hasKey $autheliaprevious.data "OIDC_HMAC_SECRET" ) }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`OIDC_PRIVATE_KEY: {{ index $autheliaprevious.data "OIDC_PRIVATE_KEY" }}`
fix: ensure oidc keys get generated on existing authelia installations 2021-09-14 15:51:39 +00:00			`OIDC_HMAC_SECRET: {{ index $autheliaprevious.data "OIDC_HMAC_SECRET" }}`
Add Authelia (#821) * Add Authelia Helm-Chart * Work on SCALE specific code * Finish SCALE GUI * fix broken updating on authelia * different 2021-08-28 11:37:53 +00:00			`{{- else }}`
			`{{- $oidckey := genPrivateKey "rsa" }}`
			`{{- $oidcsecret := randAlphaNum 32 }}`
			`OIDC_PRIVATE_KEY: {{ $oidckey \| b64enc }}`
			`OIDC_HMAC_SECRET: {{ $oidcsecret \| b64enc }}`
			`{{- end }}`
			`{{- end }}`


			`{{- end -}}`