Groundwork for OIDC with FreshRSS

It's broken on ARM though
2023-10-30 15:58:16 +00:00 · 2023-10-30 15:58:16 +00:00 · c6ce64ea1d
parent 12dd979483
commit c6ce64ea1d
2 changed files with 18 additions and 4 deletions
--- a/homelab/freshrss-config.yml
+++ b/homelab/freshrss-config.yml
@ -0,0 +1,12 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: freshrss-config
+data:
+  CRON_MIN: "*/15"
+  # OIDC_ENABLED: "1"
+  OIDC_PROVIDER_METADATA_URL: https://authentik.gmem.ca/application/o/freshrss/.well-known/openid-configuration
+  OIDC_REMOTE_USER_CLAIM: preferred_username
+  OIDC_CLIENT_ID: WSZI1tVeDE5FhC6XF3nbmjNh3UhCcpNXll7Zf4bJ
+  OIDC_SCOPES: "openid profile"
+  OIDC_X_FORWARDED_HEADERS: X-Forwarded-Host X-Forwarded-Port X-Forwarded-Proto
--- a/homelab/freshrss.yaml
+++ b/homelab/freshrss.yaml
@ -17,13 +17,15 @@ spec:
        image: freshrss/freshrss:arm
        resources:
          limits:
-            memory: "128Mi"
+            memory: "256Mi"
            cpu: "500m"
        ports:
        - containerPort: 80
-        env:
-          - name: CRON_MIN
-            value: 1,31
+        envFrom:
+          - configMapRef:
+              name: freshrss-config
+          - secretRef:
+              name: freshrss-secrets
        volumeMounts:
        - name: data
          mountPath: /var/www/FreshRSS/data