fix authelia attempt

Seth Call 2026-02-16 14:09:53 -06:00
parent 5dc7f3df6f
commit 2df3783565
5 changed files with 108 additions and 5 deletions


@ -1,9 +1,10 @@
ingress:
enabled: true
hosts:
- host: idp.jamkazam.com
paths:
- path: /
pathType: ImplementationSpecific
pathType: Prefix
authelia_url: https://idp.jamkazam.com
domain: jamkazam.com


@ -19,9 +19,15 @@ spec:
- containerPort: 80
volumeMounts:
- name: html
mountPath: /usr/share/nginx/html/index.html
subPath: index.html
mountPath: /usr/share/nginx/html
volumes:
- name: html
secret:
secretName: console-html
items:
- key: index.html
path: index.html
- key: docs-index.html
path: docs/index.html
- key: docs-deployment.html
path: docs/deployment/index.html
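Review bot: The `items` list now publishes the internal documentation pages from `console-html` under `/usr/share/nginx/html`, and nothing visible in this commit limits who can reach the pod other than the ingress auth annotations. Assuming no NetworkPolicy exists elsewhere in the chart, any workload in the cluster can fetch these pages from the console Service on port 80 without passing through Authelia. I would add a NetworkPolicy that admits traffic to this pod only from the ingress controller's namespace, and record the dependency above `volumes:` with `# content is access-controlled only at the ingress; keep pod ingress restricted to the controller`. The Deployment spec starts before this hunk, so the rest of the pod template is not visible here.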


@ -16,6 +16,8 @@ stringData:
.links { margin-top: 30px; display: grid; gap: 15px; }
a { display: block; padding: 10px; background: #007bff; color: white; text-decoration: none; border-radius: 4px; transition: background 0.2s; }
a:hover { background: #0056b3; }
.wiki-link { background: #28a745 !important; }
.wiki-link:hover { background: #218838 !important; }
</style>
</head>
<body>
@ -26,7 +28,101 @@ stringData:
<a href="{{ .Values.links.authelia }}">Identity Provider (Authelia)</a>
<a href="{{ .Values.links.monitoring }}">Monitoring (Grafana)</a>
<a href="{{ .Values.links.argocd }}">Deployment (ArgoCD)</a>
<a href="/docs" class="wiki-link">Internal Documentation (Wiki)</a>
</div>
</div>
</body>
</html>
docs-index.html: |
<!DOCTYPE html>
<html>
<head>
<title>JamKazam Internal Documentation</title>
<style>
body { font-family: sans-serif; padding: 50px; background: #f4f4f4; color: #333; line-height: 1.6; }
.container { max-width: 800px; margin: 0 auto; background: white; padding: 40px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }
h1 { border-bottom: 2px solid #eee; padding-bottom: 10px; }
.nav { margin-bottom: 20px; }
.nav a { color: #007bff; text-decoration: none; }
.pages { list-style: none; padding: 0; }
.pages li { margin: 10px 0; }
.pages a { font-size: 1.2em; color: #007bff; text-decoration: none; }
.pages a:hover { text-decoration: underline; }
</style>
</head>
<body>
<div class="container">
<div class="nav"><a href="/">&larr; Back to Console</a></div>
<h1>JamKazam Internal Documentation</h1>
<p>Welcome to the technical wiki for JamKazam infrastructure and development.</p>
<ul class="pages">
<li><a href="/docs/deployment">Deployment Architecture (HTTP Request Flow)</a></li>
</ul>
<hr style="margin: 40px 0; border: 0; border-top: 1px solid #eee;">
<p style="color: #666; font-size: 0.9em;">To add more pages, update <code>secret.yaml</code> and map them in <code>deployment.yaml</code>.</p>
</div>
</body>
</html>
docs-deployment.html: |
<!DOCTYPE html>
<html>
<head>
<title>Deployment Architecture - JamKazam Docs</title>
<style>
body { font-family: sans-serif; padding: 50px; background: #f4f4f4; color: #333; line-height: 1.6; }
.container { max-width: 1000px; margin: 0 auto; background: white; padding: 40px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }
h1 { border-bottom: 2px solid #eee; padding-bottom: 10px; }
.nav { margin-bottom: 20px; }
.nav a { color: #007bff; text-decoration: none; }
pre { background: #2d2d2d; color: #ccc; padding: 20px; border-radius: 4px; overflow-x: auto; font-family: monospace; line-height: 1.2; }
</style>
</head>
<body>
<div class="container">
<div class="nav"><a href="/docs">&larr; Back to Documentation</a></div>
<h1>Deployment Architecture</h1>
<p>This diagram shows how an HTTP request for <code>console.jamkazam.com</code> is routed through our Kubernetes environment.</p>
<pre>
1. Request: https://console.jamkazam.com/
┌─────────┐ ────────────────────────────────────────▶
│ │
│ BROWSER │ 6. Response: 200 OK (Console HTML)
│ │ ◀───────────────────────────────────────
└────┬────┘
┌─────────────────────────┐
│ INGRESS CONTROLLER │
│ (Nginx Ingress) │
└────────┬───────▲────────┘
│ │
│ │ 2. Sub-request: Check Auth?
│ │ (auth-url: idp.jamkazam.com/api/authz/auth-request)
│ └───────────────────────┐
│ │
│ ┌─────────────────────▼──────────────────────┐
│ │ AUTHELIA (idp.jamkazam.com) │
│ │ │
│ │ 3. Check Session Cookie / Auth Status │
│ └─────────────────────┬──────────────────────┘
│ │
│ 4. Auth Result:
│ 200 OK (Authorized)│ OR 401/302 (Redirect to Login)
│ ◀─────────────────────┘
│ 5. Forward Request (if 200 OK)
│ (service: console, port: 80)
┌─────────────────────────┐
│ CONSOLE SERVICE │
│ (Nginx Container) │
│ │
│ Mount: /usr/share/ │
│ nginx/html/ │
└─────────────────────────┘
</pre>
</div>
</body>
</html>
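Review bot: Step 2 of the diagram in `docs-deployment.html` still shows `(auth-url: idp.jamkazam.com/api/authz/auth-request)`, but the values files changed in this same commit point `auth-url` at `http://authelia.authelia.svc.cluster.local:9091/api/authz/auth-request`. The page is therefore out of date the moment it ships, and it hides the fact that the auth sub-request is now cluster-internal plain HTTP rather than a call to the public IdP host. I would change that line to `(auth-url: authelia.authelia.svc.cluster.local:9091/api/authz/auth-request)` and keep `idp.jamkazam.com` only for the login redirect in step 4.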


@ -14,7 +14,7 @@ ingress:
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-nginx-production
nginx.ingress.kubernetes.io/auth-url: "https://idp.jamkazam.com/api/authz/auth-request"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.authelia.svc.cluster.local:9091/api/authz/auth-request"
nginx.ingress.kubernetes.io/auth-signin: "https://idp.jamkazam.com/?rd=$escaped_request_uri"
nginx.ingress.kubernetes.io/auth-response-headers: "Remote-User,Remote-Groups,Remote-Name,Remote-Email"
tls:
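Review bot: The new `auth-url` sends the authorization sub-request over plain `http://` to the Authelia Service on port 9091, so the user's session cookie and the returned `Remote-*` identity headers cross the pod network unencrypted; the staging values file gets the same line. That is a common in-cluster setup, but it is only sound if pod-to-pod traffic is trusted or encrypted by the CNI or a mesh, which cannot be confirmed from this page. I would document the assumption next to the annotation, e.g. `# cluster-internal HTTP: relies on NetworkPolicy/CNI encryption between ingress-nginx and Authelia`, and restrict port 9091 to the ingress controller. Separately, the unchanged `auth-signin` passes `rd=$escaped_request_uri`, which is only the request path; Authelia's redirect parameter normally expects an absolute URL, so it is worth checking that post-login redirects land back on the console.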


@ -14,7 +14,7 @@ ingress:
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-nginx-production
nginx.ingress.kubernetes.io/auth-url: "https://idp.staging.jamkazam.com/api/authz/auth-request"
nginx.ingress.kubernetes.io/auth-url: "http://authelia.authelia.svc.cluster.local:9091/api/authz/auth-request"
nginx.ingress.kubernetes.io/auth-signin: "https://idp.staging.jamkazam.com/?rd=$escaped_request_uri"
nginx.ingress.kubernetes.io/auth-response-headers: "Remote-User,Remote-Groups,Remote-Name,Remote-Email"
tls:
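Review bot: Staging's `auth-url` is now the same Service DNS name as production's (`authelia.authelia.svc.cluster.local:9091`), while `auth-signin` still sends users to `idp.staging.jamkazam.com`. If the two environments ever share a cluster, or this values file is applied to the wrong one, staging access decisions would be made by whichever Authelia instance owns that Service name, which need not be the one users logged in to. A comment on the line such as `# must resolve to the Authelia instance behind idp.staging.jamkazam.com` would make the coupling explicit.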