#添加dex的helm仓库 root@i-tsfhx8p6:~/qke-k8s/dex# helm repo add dex https://charts.dexidp.io "dex" has been added to your repositories #下载dex的chart 文件到本地 root@i-tsfhx8p6:~/qke-k8s/dex# helm pull dex/dex root@i-tsfhx8p6:~/qke-k8s/dex# ls dex-0.5.0.tgz root@i-tsfhx8p6:~/qke-k8s/dex# tar xf dex-0.5.0.tgz root@i-tsfhx8p6:~/qke-k8s/dex# ls dex dex-0.5.0.tgz root@i-tsfhx8p6:~/qke-k8s/dex# ls dex Chart.yaml LICENSE README.md ci templates values.yaml
https: # -- Enable the HTTPS endpoint. enabled:false
grpc: # -- Enable the gRPC endpoint. # Read more in the [documentation](https://dexidp.io/docs/api/). enabled:false
configSecret: # -- Enable creating a secret from the values passed to `config`. # If set to false, name must point to an existing secret. create:true
# -- The name of the secret to mount as configuration in the pod. # If not set and create is true, a name is generated using the fullname template. # Must point to secret that contains at least a `config.yaml` key. name:""
apiVersion:installer.kubesphere.io/v1alpha1 kind:ClusterConfiguration metadata: name:ks-installer namespace:kubesphere-system labels: version:v3.1.1 spec: persistence: storageClass:"longhorn"# If there is no default StorageClass in your cluster, you need to specify an existing StorageClass here. authentication: jwtSecret:"" authenticateRateLimiterMaxTries:10 authenticateRateLimiterDuration:10m0s oauthOptions: accessTokenMaxAge:1h accessTokenInactivityTimeout:30m identityProviders: -name:dex type:OIDCIdentityProvider mappingMethod:auto provider: clientID:'dex-k8s-authenticator' clientSecret:'generatedLongRandomPhrase' issuer:https://dex-qke.lishuai.fun redirectURL:http://kubesphere.lishuai.fun/oauth/redirect/dex scopes: -openid -email ......