gsdavidp/home-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add CA certificates bundle and update Headlamp configuration for OIDC

Browse Source
This commit is contained in:
Nikholas Pcenicni
2026-05-14 18:59:47 -04:00
parent 2321209626
commit 817849ee3c
4 changed files with 2979 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
clusters/noble/bootstrap/headlamp/README.md
View File

@@ -4,6 +4,7 @@
- **Chart:** `headlamp/headlamp` **0.42.0** (`config.sessionTTL: null` still omits **`-session-ttl`** if needed — [issue #4883](https://github.com/kubernetes-sigs/headlamp/issues/4883))
- **Namespace:** `headlamp`
- **OIDC TLS:** **`cacert.pem`** (Mozilla bundle from [curl CA extract](https://curl.se/ca/cacert.pem)) is baked into ConfigMap **`headlamp-oidc-ca-bundle`** via **`kustomization.yaml`** and mounted at **`/etc/ssl/headlamp/oidc-ca-bundle.pem`** for **`-oidc-ca-file`** (stops empty-PEM log noise; refresh the file occasionally). If Authentik used a **private** CA, append that PEM to **`cacert.pem`** (or replace) before sync.
## Install