-
Notifications
You must be signed in to change notification settings - Fork 14
/
config.yaml
45 lines (44 loc) · 1.79 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# Copyright 2023 Canonical Ltd.
# See LICENSE file for licensing details.
options:
enable-password-db:
type: boolean
default: true
description: Allows dex to keep a list of passwords which can be used to login to dex
issuer-url:
type: string
default: ''
description: |
Format http(s)://<publicly-accessible-dns-name>/dex
(Also referred to as issuer or OIDC provider ) This is the canonical URL that OIDC clients
MUST use to refer to dex. If not specified, it defaults to dex-auth's local
endpoint constructed from dex-auth's Kubernetes Service DNS name, the
Service port and Dex's endpoint, that is http://<dex-auth-app-name>.<namespace>.svc:5556/dex.
The default is set by the charm code, not the configuration option.
This configuration must be set when using a Dex connector that will try to reach Dex from outside
the cluster, thus it should be a publicly accessible endpoint, for example https://my-instance.in-my-cloud.some-cloud.com/dex
port:
type: int
default: 5556
description: Listening port
connectors:
type: string
default: ''
description: |
List of connectors in YAML format, as shown
in https://github.com/dexidp/dex#connectors
static-username:
type: string
default: ''
description: Static username for logging in without an external auth service
static-password:
type: string
default: ''
description: Static password for logging in without an external auth service
public-url:
type: string
default: ''
description: |
DEPRECATED - Please leave empty or use issuer-url instead. This configuration option will be removed soon.
It has been preserved to avoid breaking compatibility with existing deployments.
Publicly-accessible endpoint for cluster