diff --git a/Mealie/README.md b/Mealie/README.md
index e69de29..132d94a 100644
--- a/Mealie/README.md
+++ b/Mealie/README.md
@@ -0,0 +1,9 @@
+# Mealie
+Mealie is a recipe management service with features for creating shopping lists from recipes and a meal planner.
+
+## Using this kubernetes config
+Firstly, you will need to create a generic kubernetes secret with the database username and password. You can do this with the command `kubectl create secret generic mealie-db --from-literal=username= --from-literal='password='`. Make sure to use a secure password.
+
+Then you will need to set mealie's hostname in `deployment.yml` under the env variables and in `ingress.yml`. Ensure the one in `deployment.yml` contains `https://` and that the one in `ingress.yml` is just the hostname (no `https://`). This config assumes you have cert-manager installed on your cluster, so if you want to provide HTTPS another way, feel free to comment out the `spec.tls` section (the annotation shouldn't affect anything, but you can comment it out as well if you want)
+
+If you want to use OIDC to log into mealie, uncomment the OIDC environment variables and fill in the provider name and OIDC configuration url (the one with `.well-known/...` in the path). [put here a section about what callback urls to use in your provider]. Also, create another kubernetes generic secret to hold the OIDC sensitive config. You can do this with the command `kubectl create secret generic mealie-oidc --from-literal=client-id= --from-literal=client-secret= --from-literal=admin-group=`
\ No newline at end of file
diff --git a/Mealie/deployment.yml b/Mealie/deployment.yml
index 91cfff6..24f2126 100644
--- a/Mealie/deployment.yml
+++ b/Mealie/deployment.yml
@@ -33,7 +33,7 @@ spec:
 - name: TZ
 value: Europe/London
 - name: BASE_URL
- value: https://mealie.foxhawk.co.uk
+ value:
 - name: DB_ENGINE
 value: postgres
 - name: POSTGRES_USER
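Review bot: The blanked `value:` under `BASE_URL` in `Mealie/deployment.yml` is a YAML null rather than a missing field, so the manifest will probably still apply and start Mealie with an empty base URL instead of failing, and nothing in the file tells the operator a hostname was never set. A clearly fake placeholder keeps the manifest valid and makes the omission visible: `value: "https://mealie.example.com"  # replace with your hostname`. The same blanking in `Mealie/ingress.yml` matters more: an Ingress rule with no host applies to all inbound hostnames, so a `- host:` left empty would serve Mealie on every name that reaches the ingress controller, and the bare `-` under `tls.hosts` is a null entry that will either be rejected or leave the certificate without a usable name. I would write `- host: mealie.example.com` and `- mealie.example.com` there as well. The env list this hunk touches begins and ends outside the hunk.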
@@ -52,31 +52,31 @@ spec:
 value: "5432"
 - name: POSTGRES_DB
 value: mealie
- - name: OIDC_AUTH_ENABLED
- value: "true"
- - name: OIDC_SIGNUP_ENABLED
- value: "true"
- - name: OIDC_CONFIGURATION_URL
- value: "https://authentik.foxhawk.co.uk/application/o/mealie/.well-known/openid-configuration"
- - name: OIDC_CLIENT_ID
- valueFrom:
- secretKeyRef:
- name: mealie-oidc
- key: client-id
- - name: OIDC_CLIENT_SECRET
- valueFrom:
- secretKeyRef:
- name: mealie-oidc
- key: client-secret
- - name: OIDC_ADMIN_GROUP
- valueFrom:
- secretKeyRef:
- name: mealie-oidc
- key: admin-group
- - name: OIDC_AUTO_REDIRECT
- value: "false"
- - name: OIDC_PROVIDER_NAME
- value: "Authentik"
+ # - name: OIDC_AUTH_ENABLED
+ # value: "true"
+ # - name: OIDC_SIGNUP_ENABLED
+ # value: "true"
+ # - name: OIDC_CONFIGURATION_URL
+ # value:
+ # - name: OIDC_CLIENT_ID
+ # valueFrom:
+ # secretKeyRef:
+ # name: mealie-oidc
+ # key: client-id
+ # - name: OIDC_CLIENT_SECRET
+ # valueFrom:
+ # secretKeyRef:
+ # name: mealie-oidc
+ # key: client-secret
+ # - name: OIDC_ADMIN_GROUP
+ # valueFrom:
+ # secretKeyRef:
+ # name: mealie-oidc
+ # key: admin-group
+ # - name: OIDC_AUTO_REDIRECT
+ # value: "false"
+ # - name: OIDC_PROVIDER_NAME
+ # value:
 volumes:
 - name: mealie-pvc
 persistentVolumeClaim:
diff --git a/Mealie/ingress.yml b/Mealie/ingress.yml
index 91facde..6434709 100644
--- a/Mealie/ingress.yml
+++ b/Mealie/ingress.yml
@@ -7,10 +7,10 @@ metadata:
 spec:
 tls:
 - hosts:
- - mealie.foxhawk.co.uk
+ -
 secretName: mealie-tls
 rules:
- - host: mealie.foxhawk.co.uk
+ - host:
 http:
 paths:
 - pathType: Prefix
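Review bot: In the second `Mealie/deployment.yml` hunk, the commented OIDC template still ships `OIDC_SIGNUP_ENABLED` as `"true"`, which as Mealie documents that flag means a new account is created on first login for any identity the provider authenticates; someone who uncomments the block unchanged gets that behaviour without being told. I would add a header comment above the block, `# Optional OIDC login: uncomment the whole block, fill in the two empty values, and create the mealie-oidc secret first`, and an inline one on the signup flag, `# "true" auto-creates a Mealie account for every user the provider lets through`. The two empty `# value:` lines (`OIDC_CONFIGURATION_URL`, `OIDC_PROVIDER_NAME`) become nulls once uncommented, so a constructed placeholder such as `"https://idp.example.com/.well-known/openid-configuration"` is safer than a blank. The env list starts before this hunk.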