Changeset - 1d3d12b7cf6d
default
drewp@bigasterisk.com - 16 months ago 2023-06-22 05:57:20
drewp@bigasterisk.com
move pom cert into make_global.py to share some vars
2 files changed with 18 insertions and 12 deletions:
config/60-auth-cert.yaml
 
deleted file
make_global.py
 
@@ -50,24 +50,42 @@ config = {
 
                "openid",
 
                "email",
 
                "profile"  # adds name+locale to user details
 
            ],
 
            'secret': "pomerium/idp"
 
        },
 
#        'storage': {
 
#            'postgres': {
 
#                'secret': "pomerium/postgres-connection-key"
 
#            }
 
#        },
 
    }
 
def pomCert():
 
    return {
 
  "apiVersion": "cert-manager.io/v1",
 
  "kind": "Certificate",
 
  "metadata": {
 
    "name": POM_CERT_NAME,
 
    "namespace": "pomerium"
 
  },
 
  "spec": {
 
    "dnsNames": [
 
      AUTH_HOST
 
    ],
 
    "issuerRef": {
 
      "kind": "ClusterIssuer",
 
      "name": "letsencrypt-dns-prod"
 
    },
 
    "secretName": "pomerium-proxy-tls"
 
  }
 
}
 

	
 
# Old note: pom won't start up if this cert doesn't exist, so you have to run once
 
# with it commented out, then after cert success, run again with it enabled.
 

	
 
config['spec']['certificates'] = [
 
    # retryGetSuffixedName() # it appear this is a temporary cert and we should set the line below then wait a few minutes
 
    'pomerium/pomerium-proxy-tls'
 
]
 

	
 
sys.stderr.write('\n')
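Review bot: The TLS secret name is still written as a literal in two places in this section, `"secretName": "pomerium-proxy-tls"` inside `pomCert()` and `'pomerium/pomerium-proxy-tls'` in `config['spec']['certificates']`, although the commit's stated aim is to share variables. If one is renamed without the other, the Pomerium config would presumably point at a secret that cert-manager never fills, and the old note kept in this file says pom will not start when the cert is missing. A single module-level constant would tie them together (the name is only a suggestion): `POM_TLS_SECRET = "pomerium-proxy-tls"`, then `"secretName": POM_TLS_SECRET` and `f"pomerium/{POM_TLS_SECRET}"`; the `"pomerium"` namespace literal is repeated in the same way. `pomCert()` would also benefit from a one-line docstring stating that it returns the cert-manager Certificate manifest for `AUTH_HOST`. The rendered page has lost the `+`/`-` markers, so which of these lines are new is inferred, and `POM_CERT_NAME` and `AUTH_HOST` are defined outside the hunk.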
 

	