From f6fdfdaadc1b44817fe3f8647013bca65258641c Mon Sep 17 00:00:00 2001 From: mbelfares Date: Thu, 11 Jun 2026 23:53:11 +0200 Subject: [PATCH] fix ssh key for git sync --- .../monitoring/oauth2-proxy-alertmanager.yaml | 20 +++++++++---------- helm/monitoring/oauth2-proxy-prometheus.yaml | 20 +++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/helm/monitoring/oauth2-proxy-alertmanager.yaml b/helm/monitoring/oauth2-proxy-alertmanager.yaml index 61ce676..358d05c 100644 --- a/helm/monitoring/oauth2-proxy-alertmanager.yaml +++ b/helm/monitoring/oauth2-proxy-alertmanager.yaml @@ -1,22 +1,16 @@ -hostAliases: -- ip: "13.140.150.2" - hostnames: - - "keycloak.idir-belfares.fr" - config: existingSecret: oauth2-proxy-alertmanager - cookie_secure: false - reverse_proxy: true + cookie_secure: true set_xauthrequest: true cookie_samesite: "lax" - redirect_url: http://alertmanager.idir-belfares.fr/oauth2/callback + redirect_url: https://alertmanager.idir-belfares.fr/oauth2/callback extraArgs: provider: oidc skip-oidc-discovery: "true" - login-url: "http://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth" + login-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth" redeem-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/token" - oidc-issuer-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps" + oidc-issuer-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps" oidc-jwks-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/certs" email-domain: "*" insecure-oidc-allow-unverified-email: "true" @@ -25,7 +19,13 @@ extraArgs: ingress: enabled: true className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - alertmanager.idir-belfares.fr + tls: + - secretName: alertmanager-tls + hosts: + - alertmanager.idir-belfares.fr path: / pathType: Prefix diff --git a/helm/monitoring/oauth2-proxy-prometheus.yaml b/helm/monitoring/oauth2-proxy-prometheus.yaml index 51c9404..5583e4d 100644 --- a/helm/monitoring/oauth2-proxy-prometheus.yaml +++ b/helm/monitoring/oauth2-proxy-prometheus.yaml @@ -1,22 +1,16 @@ -hostAliases: -- ip: "13.140.150.2" - hostnames: - - "keycloak.idir-belfares.fr" - config: existingSecret: oauth2-proxy-prometheus - cookie_secure: false - reverse_proxy: true + cookie_secure: true set_xauthrequest: true cookie_samesite: "lax" - redirect_url: http://prometheus.idir-belfares.fr/oauth2/callback + redirect_url: https://prometheus.idir-belfares.fr/oauth2/callback extraArgs: provider: oidc skip-oidc-discovery: "true" - login-url: "http://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth" + login-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps/protocol/openid-connect/auth" redeem-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/token" - oidc-issuer-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps" + oidc-issuer-url: "https://keycloak.idir-belfares.fr/auth/realms/k8s-apps" oidc-jwks-url: "http://keycloak-keycloakx-http.keycloak.svc.cluster.local/auth/realms/k8s-apps/protocol/openid-connect/certs" email-domain: "*" insecure-oidc-allow-unverified-email: "true" @@ -25,7 +19,13 @@ extraArgs: ingress: enabled: true className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - prometheus.idir-belfares.fr + tls: + - secretName: prometheus-tls + hosts: + - prometheus.idir-belfares.fr path: / pathType: Prefix