forked from hswaw/hscloud
app/matrix: bump oauth2-cas-proxy for service_url security
This commit is contained in:
parent
9ab9f61a67
commit
aa0e755389
1 changed files with 3 additions and 1 deletions
|
@ -3,6 +3,7 @@
|
|||
# kubectl -n matrix create secret generic synapse --from-literal=postgres_password=$(pwgen 24 1)
|
||||
# kubectl -n matrix create secret generic oauth2-cas-proxy --from-literal=oauth2_secret=...
|
||||
# kubectl -n matrix create secret generic appservice-irc-freenode-registration --from-file=registration.yaml=<(kubectl logs -n matrix $(kubectl get pods -n matrix --selector=job-name=appservice-irc-freenode-bootstrap --output=jsonpath='{.items[*].metadata.name}') | tail -n +4)
|
||||
# TODO: /appservices/*/registration.yaml needs to be copied into /data/appservices/*.yaml manually
|
||||
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
local postgres = import "../../kube/postgres.libsonnet";
|
||||
|
@ -18,7 +19,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
|
||||
synapseImage: "matrixdotorg/synapse:v0.99.4",
|
||||
riotImage: "bubuntux/riot-web:v1.1.2",
|
||||
casProxyImage: "registry.k0.hswaw.net/informatic/oauth2-cas-proxy:0.1.3"
|
||||
casProxyImage: "registry.k0.hswaw.net/informatic/oauth2-cas-proxy:0.1.4"
|
||||
},
|
||||
|
||||
metadata(component):: {
|
||||
|
@ -76,6 +77,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
env_: {
|
||||
BASE_URL: "https://matrix.hackerspace.pl",
|
||||
SERVICE_URL: "https://matrix.hackerspace.pl",
|
||||
OAUTH2_CLIENT: "matrix",
|
||||
OAUTH2_SECRET: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } },
|
||||
},
|
||||
|
|
Loading…
Reference in a new issue