lasuite: declarative pre-work for La Suite app deployments

- Add find user and find_db to postgres-cluster.yaml (11th database) - Add sunbeam-messages-imports and sunbeam-people buckets to SeaweedFS - Configure Hydra Maester with enabledNamespaces: [lasuite] so it can create and update OAuth2Client secrets in the lasuite namespace - Add find to Kratos allowed_return_urls - Add shared ConfigMaps: lasuite-postgres, lasuite-valkey, lasuite-s3, lasuite-oidc-provider — single source of truth for all app env vars - Add HydraOAuth2Client CRDs for all nine La Suite apps (docs, drive, meet, conversations, messages, people, find, gitea, hive); Maester will create oidc-<app> secrets with CLIENT_ID and CLIENT_SECRET
2026-03-01 18:03:13 +00:00
parent cdddc334ff
commit 5e36322a3b
7 changed files with 255 additions and 57 deletions
--- a/base/ory/hydra-values.yaml
+++ b/base/ory/hydra-values.yaml
@@ -30,6 +30,12 @@ hydra:
 secret:
  enabled: false

+# Allow Maester to create/update OAuth2Client secrets in the lasuite namespace.
+# 'hydra-maester' is the subchart alias — values flow down under this key.
+hydra-maester:
+  enabledNamespaces:
+    - lasuite
+
 deployment:
  resources:
    limits:
--- a/base/ory/kratos-values.yaml
+++ b/base/ory/kratos-values.yaml
@@ -20,6 +20,7 @@ kratos:
        - https://chat.DOMAIN_SUFFIX/
        - https://people.DOMAIN_SUFFIX/
        - https://src.DOMAIN_SUFFIX/
+        - https://find.DOMAIN_SUFFIX/
      flows:
        login:
          ui_url: https://auth.DOMAIN_SUFFIX/login