charts: headscale oidc

commit: cc56ae935092ab4400484b31057261aab131f523 [log] [tgz]
author: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Wed May 31 17:50:39 2023 +0400
committer: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Wed May 31 17:50:39 2023 +0400
tree: 7b2fbb694a4482d095e250fa7654c3ab3bd13b17
parent: 0c5b8bebda895075dfc6d8ffb2c61329a0438542 [diff] [blame]
diff --git a/charts/headscale/templates/oauth2-client.yaml b/charts/headscale/templates/oauth2-client.yaml
new file mode 100644
index 0000000..c05b69a
--- /dev/null
+++ b/charts/headscale/templates/oauth2-client.yaml

@@ -0,0 +1,20 @@
+{{- $secret := include "clientSecret" . -}}
+apiVersion: hydra.ory.sh/v1alpha1
+kind: OAuth2Client
+metadata:
+  name: headscale
+  namespace: {{ .Release.Namespace }}
+spec:
+  grantTypes:
+  - authorization_code
+  responseTypes:
+  - code
+  scope: "openid profile email"
+  secretName: {{ .Values.oauth2.secretName }}
+  redirectUris:
+  - https://headscale.{{ .Values.domain }}/oidc/callback
+  hydraAdmin:
+    url: {{ .Values.oauth2.hydraAdmin }}
+    port: 80
+    endpoint: /clients
+    forwardedProto: https
commit	cc56ae935092ab4400484b31057261aab131f523	[log] [tgz]
author	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Wed May 31 17:50:39 2023 +0400
committer	Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>	Wed May 31 17:50:39 2023 +0400
tree	7b2fbb694a4482d095e250fa7654c3ab3bd13b17
parent	0c5b8bebda895075dfc6d8ffb2c61329a0438542 [diff] [blame]