simonfranken/timetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3fa13e1428a2ea5ce27decdefb6afe809e1e3785
timetracker/timetracker-chart/templates/NOTES.txt
Simon Franken f758aa2fcd Add iOS redirect URI and JWT secret to Helm chart 
Add backend.oidc.iosRedirectUri (default: timetracker://oauth/callback) and
backend.jwt.secret to values.yaml and wire them into the backend deployment
as OIDC_IOS_REDIRECT_URI and JWT_SECRET env vars. Update NOTES.txt to surface
both values post-install.
2026-02-20 11:17:18 +01:00

45 lines
2.7 KiB
Plaintext
Raw Blame History

CHART NAME: {{ .Chart.Name }}
CHART VERSION: {{ .Chart.Version }}
APP VERSION: {{ .Chart.AppVersion }}
** Please be patient while the chart is being deployed **
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
- http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ (index .Values.ingress.hosts 0).host }}
{{- else if contains "NodePort" .Values.frontend.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "timetracker.fullname" . }}-frontend)
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.frontend.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "timetracker.fullname" . }}-frontend'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "timetracker.fullname" . }}-frontend --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP
{{- else if contains "ClusterIP" .Values.frontend.service.type }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "timetracker.fullname" . }}-frontend 8080:80
echo "Visit http://127.0.0.1:8080 to use your application"
{{- end }}
2. Check the status of the pods:
kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "timetracker.name" . }},app.kubernetes.io/instance={{ .Release.Name }}"
3. External PostgreSQL:
This chart requires an existing PostgreSQL database.
Configured connection: {{ .Values.postgresql.url }}
IMPORTANT NOTES:
- Ensure your external PostgreSQL database is reachable from within the cluster before installing.
- Set postgresql.url in values.yaml to point to your existing database.
- Make sure to change the OIDC configuration in values.yaml
- Change the SESSION_SECRET from the default value for production
- Set backend.jwt.secret to a dedicated secret in production (falls back to SESSION_SECRET if empty)
- Configure ingress host and TLS settings for your environment
OIDC Configuration Required:
issuerUrl: {{ .Values.backend.oidc.issuerUrl | default "NOT SET - REQUIRED" }}
clientId: {{ .Values.backend.oidc.clientId | default "NOT SET - REQUIRED" }}
iosRedirectUri: {{ .Values.backend.oidc.iosRedirectUri }}
JWT (iOS Bearer auth):
jwt.secret: {{ if .Values.backend.jwt.secret }}(set){{ else }}NOT SET - falling back to session.secret{{ end }}
Reference in New Issue View Git Blame Copy Permalink