15 lines
579 B
YAML
15 lines
579 B
YAML
# OIDC with Authentik — credentials live in Secret **headlamp-oidc** (envFrom), created by **noble_authentik**.
|
|
#
|
|
# With **externalSecret**, the Headlamp chart only adds **-oidc-callback-url** / **-oidc-use-pkce** args when these
|
|
# values are set here (or under **env:**). The Secret alone is not enough — without them, login can fail or Authentik returns errors.
|
|
|
|
config:
|
|
oidc:
|
|
secret:
|
|
create: false
|
|
externalSecret:
|
|
enabled: true
|
|
name: headlamp-oidc
|
|
callbackURL: "https://headlamp.apps.noble.lab.pcenicni.dev/oidc-callback"
|
|
usePKCE: true
|