-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathdex-ad-cm.yaml
51 lines (51 loc) · 1.27 KB
/
dex-ad-cm.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
apiVersion: v1
kind: ConfigMap
metadata:
name: dex
namespace: auth-system
data:
config.yaml: |
issuer: https://auth.172.30.2.2.nip.io/
storage:
type: kubernetes
config:
inCluster: true
oauth2:
skipApprovalScreen: true
web:
http: 0.0.0.0:5556
tlsCert: /etc/dex/tls/tls.crt
tlsKey: /etc/dex/tls/tls.key
frontend:
theme: custom
telemetry:
http: 0.0.0.0:5558
staticClients:
- id: oidc-auth-client
redirectURIs:
- https://kubectl.172.30.2.2.nip.io/callback
- http://dashboard.172.30.2.2.nip.io/oauth2/callback
name: oidc-auth-client
secret: secret
connectors:
- type: ldap
id: ldap
name: LDAP
config:
host: 172.16.16.16:389
insecureNoSSL: true
insecureSkipVerify: true
bindDN: admin
bindPW: 'StrongAdminPassw0rd'
userSearch:
baseDN: OU=Cloudcafe Organisation,DC=cloudcafe,DC=org
username: sAMAccountName
idAttr: sn
nameAttr: givenName
emailAttr: mail
groupSearch:
baseDN: CN=groups,OU=cloudcafe,DC=cloudcafe,DC=org
userMatchers:
- userAttr: sAMAccountName
groupAttr: memberOf
nameAttr: givenName