added OIDC

kisfenyo-system/guacamole.yaml

@@ -213,31 +213,31 @@ spec:
             - name: WEBAPP_CONTEXT
               value: "ROOT"
             #--- OpenID Connect (Authentik) ---
-            # - name: OPENID_AUTHORIZATION_ENDPOINT
+            - name: OPENID_AUTHORIZATION_ENDPOINT
-            #   value: "https://authentik.dooplex.hu/application/o/authorize/"
+              value: "https://authentik.dooplex.hu/application/o/authorize/"
-            # - name: OPENID_JWKS_ENDPOINT
+            - name: OPENID_JWKS_ENDPOINT
-            #   value: "https://authentik.dooplex.hu/application/o/guacamole/jwks/"
+              value: "https://authentik.dooplex.hu/application/o/guacamole/jwks/"
-            # - name: OPENID_ISSUER
+            - name: OPENID_ISSUER
-            #   value: "https://authentik.dooplex.hu/application/o/guacamole/"
+              value: "https://authentik.dooplex.hu/application/o/guacamole/"
-            # - name: OPENID_CLIENT_ID
+            - name: OPENID_CLIENT_ID
-            #   valueFrom:
+              valueFrom:
-            #     secretKeyRef:
+                secretKeyRef:
-            #       name: guacamole-secrets
+                  name: guacamole-secrets
-            #       key: openid-client-id
+                  key: openid-client-id
-            # - name: OPENID_REDIRECT_URI
+            - name: OPENID_REDIRECT_URI
-            #   value: "https://remote.dooplex.hu/"
+              value: "https://remote.dooplex.hu/"
-            # - name: OPENID_USERNAME_CLAIM_TYPE
+            - name: OPENID_USERNAME_CLAIM_TYPE
-            #   value: "preferred_username"
+              value: "preferred_username"
-            # - name: OPENID_GROUPS_CLAIM_TYPE
+            - name: OPENID_GROUPS_CLAIM_TYPE
-            #   value: "groups"
+              value: "groups"
-            # - name: OPENID_SCOPE
+            - name: OPENID_SCOPE
-            #   value: "openid email profile"
+              value: "openid email profile"
-            # # Show both DB login form AND OIDC button on login page
+            # Show both DB login form AND OIDC button on login page
-            # - name: EXTENSION_PRIORITY
+            - name: EXTENSION_PRIORITY
-            #   value: "*, openid"
+              value: "*, openid"
-            # # Auto-create Guacamole accounts for OIDC users
+            # Auto-create Guacamole accounts for OIDC users
-            # - name: POSTGRESQL_AUTO_CREATE_ACCOUNTS
+            - name: POSTGRESQL_AUTO_CREATE_ACCOUNTS
-            #   value: "true"
+              value: "true"
           ports:
             - containerPort: 8080
               name: http