added OIDC

2026-02-18 14:51:15 +01:00
parent 07429800d1
commit 3f84b7ea20
1 changed files with 26 additions and 26 deletions
@@ -212,32 +212,32 @@ spec:
            # --- Serve at / instead of /guacamole ---
            - name: WEBAPP_CONTEXT
              value: "ROOT"
-            # --- OpenID Connect (Authentik) ---
+            #--- OpenID Connect (Authentik) ---
-            # - name: OPENID_AUTHORIZATION_ENDPOINT
+            - name: OPENID_AUTHORIZATION_ENDPOINT
-            #   value: "https://authentik.dooplex.hu/application/o/authorize/"
+              value: "https://authentik.dooplex.hu/application/o/authorize/"
-            # - name: OPENID_JWKS_ENDPOINT
+            - name: OPENID_JWKS_ENDPOINT
-            #   value: "https://authentik.dooplex.hu/application/o/guacamole/jwks/"
+              value: "https://authentik.dooplex.hu/application/o/guacamole/jwks/"
-            # - name: OPENID_ISSUER
+            - name: OPENID_ISSUER
-            #   value: "https://authentik.dooplex.hu/application/o/guacamole/"
+              value: "https://authentik.dooplex.hu/application/o/guacamole/"
-            # - name: OPENID_CLIENT_ID
+            - name: OPENID_CLIENT_ID
-            #   valueFrom:
+              valueFrom:
-            #     secretKeyRef:
+                secretKeyRef:
-            #       name: guacamole-secrets
+                  name: guacamole-secrets
-            #       key: openid-client-id
+                  key: openid-client-id
-            # - name: OPENID_REDIRECT_URI
+            - name: OPENID_REDIRECT_URI
-            #   value: "https://remote.dooplex.hu/"
+              value: "https://remote.dooplex.hu/"
-            # - name: OPENID_USERNAME_CLAIM_TYPE
+            - name: OPENID_USERNAME_CLAIM_TYPE
-            #   value: "preferred_username"
+              value: "preferred_username"
-            # - name: OPENID_GROUPS_CLAIM_TYPE
+            - name: OPENID_GROUPS_CLAIM_TYPE
-            #   value: "groups"
+              value: "groups"
-            # - name: OPENID_SCOPE
+            - name: OPENID_SCOPE
-            #   value: "openid email profile"
+              value: "openid email profile"
-            # # Show both DB login form AND OIDC button on login page
+            # Show both DB login form AND OIDC button on login page
-            # - name: EXTENSION_PRIORITY
+            - name: EXTENSION_PRIORITY
-            #   value: "*, openid"
+              value: "*, openid"
-            # # Auto-create Guacamole accounts for OIDC users
+            # Auto-create Guacamole accounts for OIDC users
-            # - name: POSTGRESQL_AUTO_CREATE_ACCOUNTS
+            - name: POSTGRESQL_AUTO_CREATE_ACCOUNTS
-            #   value: "true"
+              value: "true"
          ports:
            - containerPort: 8080
              name: http