Add iOS redirect URI and JWT secret to Helm chart
Add backend.oidc.iosRedirectUri (default: timetracker://oauth/callback) and backend.jwt.secret to values.yaml and wire them into the backend deployment as OIDC_IOS_REDIRECT_URI and JWT_SECRET env vars. Update NOTES.txt to surface both values post-install.
This commit is contained in:
@@ -33,8 +33,13 @@ IMPORTANT NOTES:
|
||||
- Set postgresql.url in values.yaml to point to your existing database.
|
||||
- Make sure to change the OIDC configuration in values.yaml
|
||||
- Change the SESSION_SECRET from the default value for production
|
||||
- Set backend.jwt.secret to a dedicated secret in production (falls back to SESSION_SECRET if empty)
|
||||
- Configure ingress host and TLS settings for your environment
|
||||
|
||||
OIDC Configuration Required:
|
||||
issuerUrl: {{ .Values.backend.oidc.issuerUrl | default "NOT SET - REQUIRED" }}
|
||||
clientId: {{ .Values.backend.oidc.clientId | default "NOT SET - REQUIRED" }}
|
||||
issuerUrl: {{ .Values.backend.oidc.issuerUrl | default "NOT SET - REQUIRED" }}
|
||||
clientId: {{ .Values.backend.oidc.clientId | default "NOT SET - REQUIRED" }}
|
||||
iosRedirectUri: {{ .Values.backend.oidc.iosRedirectUri }}
|
||||
|
||||
JWT (iOS Bearer auth):
|
||||
jwt.secret: {{ if .Values.backend.jwt.secret }}(set){{ else }}NOT SET - falling back to session.secret{{ end }}
|
||||
@@ -56,8 +56,12 @@ spec:
|
||||
value: {{ .Values.backend.oidc.clientId | quote }}
|
||||
- name: OIDC_REDIRECT_URI
|
||||
value: {{ (index .Values.ingress.hosts 0).host | printf "https://%s/api/auth/callback" | quote }}
|
||||
- name: OIDC_IOS_REDIRECT_URI
|
||||
value: {{ .Values.backend.oidc.iosRedirectUri | quote }}
|
||||
- name: SESSION_SECRET
|
||||
value: {{ .Values.backend.session.secret | quote }}
|
||||
- name: JWT_SECRET
|
||||
value: {{ .Values.backend.jwt.secret | quote }}
|
||||
- name: APP_URL
|
||||
value: {{ (index .Values.ingress.hosts 0).host | printf "https://%s" | quote }}
|
||||
ports:
|
||||
|
||||
Reference in New Issue
Block a user