Back to prev configuration before oidc

2025-07-17 04:39:58 +03:00 · 2025-07-17 04:39:58 +03:00 · bf647e3834
commit bf647e3834
parent e704143db8
4 changed files with 0 additions and 68 deletions
--- a/manifests/extra-resources/nextcloud/external-secret.yaml
+++ b/manifests/extra-resources/nextcloud/external-secret.yaml
@ -1,21 +0,0 @@
 apiVersion: external-secrets.io/v1beta1
 kind: ExternalSecret
 metadata:
  name: keycloak-client-secret
  namespace: my-apps
 spec:
  refreshInterval: 1h
  secretStoreRef:
    name: vault-oidc-clients
    kind: ClusterSecretStore
  target:
    name: keycloak-client-secret
    template:
      engineVersion: v2
      data:
        keycloak-client-secret: "{{ .client_secret }}"
  data:
    - secretKey: client_secret
      remoteRef:
        key: oidc-clients/nextcloud-oidc
        property: client_secret
--- a/manifests/extra-resources/nextcloud/keycloak-post-install-cm.yaml
+++ b/manifests/extra-resources/nextcloud/keycloak-post-install-cm.yaml
@ -1,20 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: nextcloud-post-install
  namespace: my-apps
 data:
  keycloak-post-install.sh: |
    #!/bin/bash
    echo "🔐 Enabling sociallogin app..."
    occ app:install sociallogin || true
    occ app:enable sociallogin
    echo "🔐 Configuring Keycloak OIDC provider..."
    occ sociallogin:custom_oidc keycloak \
      --client-id="nextcloud" \
      --client-secret="$(cat /secrets/keycloak-client-secret)" \
      --issuer-uri="https://keycloak.dvirlabs.com/realms/dvirlabs" \
      --auto-provision 1 \
      --hide-login-form 0 \
      --scope="openid profile email"
--- a/manifests/extra-resources/nextcloud/keycloak-post-install.sh
+++ b/manifests/extra-resources/nextcloud/keycloak-post-install.sh
@ -1,13 +0,0 @@
 #!/bin/bash
 echo "🔐 Enabling sociallogin app..."
 occ app:install sociallogin || true
 occ app:enable sociallogin
 echo "🔐 Configuring Keycloak OIDC provider..."
 occ sociallogin:custom_oidc keycloak \
  --client-id="nextcloud" \
  --client-secret="$(cat /secrets/keycloak-client-secret)" \
  --issuer-uri="https://keycloak.dvirlabs.com/realms/dvirlabs" \
  --auto-provision 1 \
  --hide-login-form 0 \
  --scope="openid profile email"
--- a/manifests/nextcloud/values.yaml
+++ b/manifests/nextcloud/values.yaml
@ -24,20 +24,6 @@ nextcloud:
    - name: OVERWRITEPROTOCOL
      value: https
  extraVolumes:
    - name: keycloak-post-install
      configMap:
        name: nextcloud-post-install
    - name: keycloak-secret
      secret:
        secretName: keycloak-client-secret
  extraVolumeMounts:
    - name: keycloak-post-install
      mountPath: /docker-entrypoint-hooks.d/post-installation
    - name: keycloak-secret
      mountPath: /secrets
 internalDatabase:
  enabled: false