Skip to content

Commit

Permalink
Add auth for nas
Browse files Browse the repository at this point in the history
  • Loading branch information
@Serubin
Serubin committed Jul 3, 2024
1 parent b94902d commit ccc94c4
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 2 deletions.
14 changes: 14 additions & 0 deletions apps/prod/authelia/authelia.hr.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,27 @@ spec:
- grafana.${SECRET_DOMAIN}
- prometheus.${SECRET_DOMAIN}
- weave.${SECRET_DOMAIN}
- nas.${INTERNAL_DOMAIN}:5001
notifier:
smtp:
username: ${NOREPLY_AUTH_EMAIL}
sender: ${NOREPLY_SEND_EMAIL}
identity_providers:
oidc:
clients:
- id: nas
description: Synology NAS
secret: ${OIDC_NAS_CLIENT_DIGEST}
public: false
authorization_policy: two_factor
redirect_uris:
- https://nas.${INTERNAL_DOMAIN}:5001
scopes:
- openid
- profile
- groups
- email
userinfo_signing_algorithm: none
- id: grafana
description: Grafana
secret: ${OIDC_GRAFANA_CLIENT_DIGEST}
Expand Down
8 changes: 6 additions & 2 deletions configs/prod/cluster-secrets.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ stringData:
#ENC[AES256_GCM,data:spxVq1LSEWU=,iv:SMXjqq6aG+BR3ELeRB8aeeVzRhsNGJ6Ml3SAKr/+5uQ=,tag:MnwWb9LZc69ZIIe2S/KdLQ==,type:comment]
CLUSTER_HOST: ENC[AES256_GCM,data:GlJwf9kXIU6OcJHZiLN3yfF9AnzNJgOU,iv:9Wgnt0Fvkc71Nedie0b/3dkVgArJS9dCVb6WK89QQdM=,tag:/fy3hFXhEC4u5rUtfd2hnA==,type:str]
SECRET_DOMAIN: ENC[AES256_GCM,data:txD1gUKP4WubW4c=,iv:1Woa25GUqfMcZjCPwnkseC0q2hoFI0ircnHsIEwyH3w=,tag:MOzPgn4DzPSG780pKSL5Xg==,type:str]
INTERNAL_DOMAIN: ENC[AES256_GCM,data:UuMDnICYDzPbjQ==,iv:qck8D0AXaO4XNnxJYlogJsjYwkU1a/qyhg95ECqWMZA=,tag:Suy/f2DQiY93oggWUrMiEA==,type:str]
ACCESS_DOMAIN: ENC[AES256_GCM,data:OkkSFCYGn47W0Y315rAmjyUAxpoPG9A=,iv:kaqjwDqcFrP1kDp/IFqMbdobdkJZOcp++RCXFnXC7g0=,tag:Nz+9XgCKY9JCiOWiUfrpTg==,type:str]
#ENC[AES256_GCM,data:8uH9eEcIQFsn,iv:ZqcX/RtDKvN7d+njRvuGtUr1A2SzNwu23U92Sz4UFNY=,tag:e+hzXNbLlTormiy9hoi5wQ==,type:comment]
EMAIL: ENC[AES256_GCM,data:Tz40YbXPSzOJ2Sk3b3bWC/6SXg==,iv:IFBR6s9boGD4fJd9FYfyjrgOYEI1CWUtfe35+DHCYhA=,tag:WI6JHZ8iaDEfxyMMbTTwdw==,type:str]
ADMIN_USERNAME: ENC[AES256_GCM,data:jU+vIZG9rA==,iv:qqNCOrktJLZSX4313qSBwe1QNmUy0o8zdq7Gkk4g5Uo=,tag:1XM/wtQGJMQayUNRPFUUsQ==,type:str]
Expand All @@ -23,15 +25,17 @@ stringData:
#ENC[AES256_GCM,data:8uW2ap7OC4Slpmfx4w==,iv:i9E6DaZXhKgjfXw4yY7uxS8nxc1tFhI9e9KID4QIjnA=,tag:qM0jWRffuk7PwSOVZ6AdoQ==,type:comment]
OIDC_GRAFANA_CLIENT_DIGEST: ENC[AES256_GCM,data:8fOkDJWSe8tstyD54/QB46Aeq0qTRm16rNjLyHtsDHnMYbCLR+nBCADCS8SJaB9dfQxTZuqeI72YSZDAPRThkZrVnKmBUZ+3ZpmzXwhLP5QO4mwsFtE4UxxYy3V2oHIF+MzEV3x7i9erhkCWguL4Y1PJ63VXpOEGF8vI9cVmVgivWPA=,iv:wajfP/CKUvPuuHZGr9fmoWqAgp/Y2saelttVry7MMfg=,tag:BToKGyBgj9CQinImg1g/DA==,type:str]
OIDC_GRAFANA_CLIENT_SECRET: ENC[AES256_GCM,data:zx3vRBV0pLM9FOajSvw0bzQBh3BIqGWVQ9FmsFozAdeKXiDDG17FpUIAZFyIOwK46YoWU43M8cYYPOOdk6vCDG6nGe/QEs6medYcgUnVFXRDPQt/JgyEnTghVSBKU4dnVgb9OLYhMpr6hhbe5Q6LEpy+TqRtbFKdNer+HUreYYo=,iv:1udGrvbliIMug9Xp2VU7ws3PLmG8Mn/wCq4IdxQ8HTI=,tag:jpd+LK1NFWC7O3sfDxR55g==,type:str]
OIDC_NAS_CLIENT_SECRET: ENC[AES256_GCM,data:2eH8H8A7+R60y5iQUU3Wrnn01te43Db11Xd3q+z6XZFPfc3Rl45kwAjiutPNgY54A5HYjLxmR0i8/qQb3VZoFqCTuJ56eyJM1w4kQfOwd8TDyapKa2IvwrzCV5wx51iqr9TpVKelBSl9hxuhuxcRBRKEsiYTq2GZavMwZY59RGg=,iv:Wd9MWw6uRUksX5eUDjxdn2BzNH62S9RUgdAkc+/9Zow=,tag:+1ZxPr6d6ysJxK49Shl2ag==,type:str]
#ENC[AES256_GCM,data:jjAy/u+zH1ds,iv:GmbKtEq83YXzpw0lXwloeJWSHpBDTEedJ1kKYvopX3g=,tag:6dLRau5RJ6QQaOzzCGDdDg==,type:comment]
LACEWORK_TOKEN: ENC[AES256_GCM,data:YnPXbFNd6gLTK0bSNkzxTLMCy69FFOL4Q1v2LzqlOKYIJm5foWuOGxxhUPyYV1CVK/LxDtsqBrU=,iv:EWzSxfKMkxmJE2xIRuo46Ry6neSBzULa6eOSugMIVUE=,tag:V3thnSCG2v664JeEdmGarA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age: []
lastmodified: "2024-04-10T16:18:58Z"
mac: ENC[AES256_GCM,data:IEz7hyNrl/h0VnG21tsecGol54kRG6+8mT8LSGtGfZf8kqBlL5qXrF9wzzLh6IwL2qva6YBGSPZqIfEYMiZo8X/NwBU+/VsLZ7dhyjQDSj1Qa9KkHXazr/i+X84+3ThqFoikWh0kJb0VK25X9Wkbi0i0RZc+6tBsySNwcSSJevI=,iv:veXBL8eqSU95f/6nLM1MYpNtAJ//nRLUdKEpnCBz+WQ=,tag:qTcTp9gnWusHJWV5cOAvbA==,type:str]
lastmodified: "2024-07-03T23:13:22Z"
mac: ENC[AES256_GCM,data:fCJErpHXVUhX/X6IBZC3FMGYqY4TGMjB5K/q4j5IVYRMD7pGznnMdAVM6o4qSEEwGkmOOdaFvv+6794SV3KuN7ZqXot7jRLAP+4VfVTa0lah0v00qGDI6oIfY3R1j93LtsWk4yXQSQgMTWw16nxVrrXcnittaPAqzuHbir3Di3g=,iv:dGBaGB/SVxBOqY0/i5OVVBPEFQVXmh3ZL7yWfJKsO/U=,tag:Xkw30NxjYFV4IxZwyZlJCw==,type:str]
pgp:
- created_at: "2024-02-26T23:49:52Z"
enc: |-
Expand Down

0 comments on commit ccc94c4

Please sign in to comment.