sciencebox / charts

Helm Charts for ScienceBox services
GNU Affero General Public License v3.0
4 stars 6 forks source link

Improve handling oh hostnames #21

Open ebocchi opened 2 years ago

ebocchi commented 2 years ago

Many hostnames should be easily guessable within sciencebox:

Make the chart guess them wherever possible

ebocchi commented 2 years ago

Tracking:

- eos:mgm:ldapBindUsers:nslcd:config:ldap_uri        # depends on helm release name
- eos-instance-config.config.oauth.resourceEndpoint  # depends on hostname (requires httpS, we leverage on ingress)
- ocis-idp:en:IDP_ISS                                # depends on hostname (requires httpS, we leverage on ingress)
- swan:fusex:fusex:config:eos_mgm_alias              # depends on helm release name
- swan:jupyterhub:hub:config:KeyCloakAuthenticator:oidc_issuer
- swan:jupyterhub:hub:config:KeyCloakAuthenticator:oauth_callback
ebocchi commented 2 years ago

This is partially covered by mboxed --> etc/deploy.sh --> install_charts() but we should do it in a better way.

    --set nginx.ingress.hostname=${HOSTNAME} \
    --set ocis-idp.env.IDP_ISS=https://${HOSTNAME} \
    --set ocis-idp.ingress.hosts="{${HOSTNAME}}" \
    --set eos-instance-config.config.oauth.resourceEndpoint=${HOSTNAME}/konnect/v1/userinfo \
    --set swan.jupyterhub.hub.config.KeyCloakAuthenticator.oidc_issuer=https://${HOSTNAME} \
    --set swan.jupyterhub.hub.config.KeyCloakAuthenticator.oauth_callback_url=https://${HOSTNAME}/swan/hub/oauth_callback \
    --set swan.jupyterhub.ingress.hosts="{${HOSTNAME}}" \

Some internals are not covered at all and will break when using a helm name different from sciencebox: