Allow existing secrets for passwords (#170)

Allow admin user and password to be configured via existing secrets Allow LDAP bindDn and bindPassword to be configured via existing secrets Update Readme Fixes: #169 Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de> Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/170 Reviewed-by: techknowlogick <techknowlogick@gitea.io> Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: luhahn <luhahn@noreply.gitea.io> Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-06-10 19:13:33 +08:00
parent 6e841e6e26
commit c49dc047a4
5 changed files with 93 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -262,6 +262,25 @@ You cannot use `admin` as username.
      email: "gi@tea.com"
 ```

+You can also use an existing Secret to configure the admin user:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gitea-admin-secret
+type: Opaque
+stringData:
+  username: MyAwesomeGiteaAdmin
+  password: AReallyAwesomeGiteaPassword
+```
+
+```yaml
+gitea:
+    admin:
+      existingSecret: gitea-admin-secret
+```
+
 ### LDAP Settings

 Like the admin user the LDAP settings can be updated, but also disabled or deleted.
@ -306,6 +325,26 @@ kebab-case:
      bind-password: JustAnotherBindPw
      username-attribute: CN
 ```
+
+You can also use an existing secret to set the bindDn and bindPassword:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gitea-ldap-secret
+type: Opaque
+stringData:
+  bindDn: CN=ldap read,OU=Spezial,DC=example,DC=com
+  bindPassword: JustAnotherBindPw
+```
+
+```yaml
+gitea:
+    ldap:
+      existingSecret: gitea-ldap-secret
+```
+
 ### OAuth2 Settings

 Like the admin user the OAuth2 settings can be updated but also disabled or deleted.