forked from mintel/dex-k8s-authenticator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.yaml
80 lines (64 loc) · 2.34 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
clusters:
# Specify 1 or more clusters
- name: example-cluster
# Descriptions used in the WebUI
short_description: "Example Cluster"
description: "Example Cluster Long Description..."
# Redirect Url pointing to dex-k8s-authenticator callback for this cluster
# This should be configured in Dex as part of the staticClients
# redirectURIs option
redirect_uri: http://127.0.0.1:5555/callback/example-cluster
# Client Secret - should match value in Dex
client_secret: ZXhhbXBsZS1hcHAtc2VjcmV0
# Client ID - should match value in Dex
client_id: example-cluster-client-id
# Dex Issuer - Must be resolvable
issuer: http://127.0.0.1:5556
# Url to k8s API endpoint - used in WebUI instructions for generating
# kubeconfig
k8s_master_uri: https://your-k8s-master.cluster
# CA for your k8s cluster - used in WebUI instructions for generating
# kubeconfig
# Both k8s_ca_uri and k8s_ca_pem are optional - you typically specifiy
# one or the other if required
#
# Provides a link to the CA from a hosted site
# k8s_ca_uri: http://url-to-your-ca.crt
#
# Provides abililty to specify CA inline
# k8s_ca_pem: |
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
# Specify multiple extra root CA files to be loaded
# trusted_root_ca:
# -|
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
# Specify path to tls_cert and tls_key - if enabled, set liten to use https
# tls_cert: /path/to/dex-client.crt
# tls_key: /path/to/dex-client.key
# CA for your IDP - used in WebUI instructions for generating
# kubeconfig
# Both idp_ca_uri and idp_ca_pem are optional - you typically specifiy
# one or the other if required
#
# Provides a link to the CA from a hosted site
# idp_ca_uri: http://url-to-your-ca.crt
#
# Provides abililty to specify CA inline
# idp_ca_pem: |
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
# Which address to listen on (set to https if tls configured)
listen: http://127.0.0.1:5555
# A path-prefix from which to serve requests and assets
web_path_prefix: /
# Optional kubectl version which provides a download link to the the binary
kubectl_version: v1.11.2
# Optional Url to display a logo image
# logo_uri: http://<path-to-your-logo.png>
# Enable more debug
debug: false