Open ebocchi opened 2 years ago
Tracking:
- eos:mgm:ldapBindUsers:nslcd:config:ldap_uri # depends on helm release name
- eos-instance-config.config.oauth.resourceEndpoint # depends on hostname (requires httpS, we leverage on ingress)
- ocis-idp:en:IDP_ISS # depends on hostname (requires httpS, we leverage on ingress)
- swan:fusex:fusex:config:eos_mgm_alias # depends on helm release name
- swan:jupyterhub:hub:config:KeyCloakAuthenticator:oidc_issuer
- swan:jupyterhub:hub:config:KeyCloakAuthenticator:oauth_callback
This is partially covered by mboxed --> etc/deploy.sh --> install_charts() but we should do it in a better way.
--set nginx.ingress.hostname=${HOSTNAME} \
--set ocis-idp.env.IDP_ISS=https://${HOSTNAME} \
--set ocis-idp.ingress.hosts="{${HOSTNAME}}" \
--set eos-instance-config.config.oauth.resourceEndpoint=${HOSTNAME}/konnect/v1/userinfo \
--set swan.jupyterhub.hub.config.KeyCloakAuthenticator.oidc_issuer=https://${HOSTNAME} \
--set swan.jupyterhub.hub.config.KeyCloakAuthenticator.oauth_callback_url=https://${HOSTNAME}/swan/hub/oauth_callback \
--set swan.jupyterhub.ingress.hosts="{${HOSTNAME}}" \
Some internals are not covered at all and will break when using a helm name different from sciencebox:
root://{{ include "mgm.fqdn" . }}
)
Many hostnames should be easily guessable within sciencebox:
Make the chart guess them wherever possible