Sienna Meridian Satterwhite
1147b1a5aa
- Add readiness/liveness probes to Collabora (GET /hosting/discovery) - Add init container to Drive backend that waits for Collabora and runs trigger_wopi_configuration on every pod start — fixes WOPI silently breaking after server restarts (chart Job only ran on sunbeam apply) - Add OIDC_RESPONSE_MODE=query to Projects config
45 lines
1.4 KiB
YAML
45 lines
1.4 KiB
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: projects-config
|
|
namespace: lasuite
|
|
data:
|
|
BASE_URL: "https://projects.DOMAIN_SUFFIX"
|
|
TRUST_PROXY: "1"
|
|
NODE_ENV: "production"
|
|
|
|
# OIDC — Hydra as the identity provider
|
|
OIDC_ISSUER: "https://auth.DOMAIN_SUFFIX/"
|
|
OIDC_SCOPES: "openid email profile"
|
|
OIDC_ENFORCED: "true"
|
|
OIDC_IGNORE_USERNAME: "true"
|
|
OIDC_IGNORE_ROLES: "true"
|
|
OIDC_ADMIN_ROLES: "*"
|
|
OIDC_FULLNAME_ATTRIBUTES: "given_name,family_name"
|
|
# Planka defaults to response_mode=fragment, which returns the auth code in the
|
|
# URL hash (#code=...). The SPA callback handler doesn't parse fragments correctly,
|
|
# causing a silent auth loop. Use query mode so the code comes as ?code=...
|
|
OIDC_RESPONSE_MODE: "query"
|
|
|
|
# S3 file storage via SeaweedFS
|
|
S3_ENDPOINT: "http://seaweedfs-filer.storage.svc.cluster.local:8333"
|
|
S3_BUCKET: "projects"
|
|
S3_REGION: "us-east-1"
|
|
S3_FORCE_PATH_STYLE: "true"
|
|
|
|
# SMTP via in-cluster Postfix relay
|
|
SMTP_HOST: "postfix.lasuite.svc.cluster.local"
|
|
SMTP_PORT: "25"
|
|
SMTP_SECURE: "false"
|
|
SMTP_FROM: "Projects <noreply@DOMAIN_SUFFIX>"
|
|
|
|
# La Gaufre waffle menu widget
|
|
REACT_APP_LAGAUFRE_WIDGET_API_URL: "https://integration.DOMAIN_SUFFIX/api/v2/services.json"
|
|
REACT_APP_LAGAUFRE_WIDGET_PATH: "https://integration.DOMAIN_SUFFIX/api/v2/"
|
|
|
|
# Default language for new OIDC users (browser detection fallback if unset)
|
|
DEFAULT_LANGUAGE: "en-US"
|
|
|
|
# Permissions
|
|
ALLOW_ALL_TO_CREATE_PROJECTS: "true"
|