apiVersion: v1
kind: Secret
metadata:
  name: dex
  namespace: atlantis
type: Opaque
stringData:
  config.yaml: |
    issuer: https://idp.oceanbox.io/dex
    storage:
      type: postgres
      config:
        host: oboxdb-rw
        port: 5432
        database: dex_db
        user: dex
        password: crafter keenness gilled sprinkled
        ssl:
          mode: disable
    web:
      http: 127.0.0.1:5556
    telemetry:
      http: 127.0.0.1:5558
    grpc:
      addr: 127.0.0.1:5557
    frontend:
      dir: /srv/dex/web
      issuer: oceanbox
      extra:
        client_logo_url: "../theme/client-logo.png"
    # enablePasswordDB: true
    # staticPasswords:
    #   - email: "admin@oceanbox.io"
    #     hash: "$2y$12$2AUaWnDEpHxsfFyRzTwx8e8WtJtnhGJOujPjP3BXVVCJe3c.k2PjC"
    #     username: "admin"
    #     userID: "9a15441c-4d66-4b26-a0f6-4e619535ee8f"
    oauth2:
      responseTypes: [ "code" ]
      skipApprovalScreen: true
      alwaysShowLoginScreen: false
    connectors:
    - type: microsoft
      id: oceanbox
      name: oceanbox.io
      config:
        clientID: 43667ac0-37e1-422f-99fc-50a699bb255c
        clientSecret: p1c8Q~H5LsnhUzVGhHxVzqompiC7949QpIqJrcNB
        tenant: 3f737008-e9a0-4485-9d27-40329d288089
        redirectURI: https://idp.oceanbox.io/dex/callback
        onlySecurityGroups: true
        groups:
          - atlantis
    - type: microsoft
      id: salmar
      name: salmar.no
      config:
        clientID: 3f6f1153-e5da-40eb-a2dd-ede6c7bf6058
        clientSecret: rzC8Q~fc9ex6hBglFPAKCU4KJ1o82AQCQYdb~cI2
        tenant: de10159d-2c09-4762-966c-e841d3391feb
        redirectURI: https://idp.oceanbox.io/dex/callback
        onlySecurityGroups: true
        groups:
          - Azure-Grp-App-Cloud-Oceanbox
    - type: microsoft
      id: aqua-kompetanse
      name: aqua-kompetanse.no
      config:
        clientID: 9fd83910-1a21-4869-8a30-19fc32722ee2
        clientSecret: Uer8Q~8LKuDNQVt1vHaMVXAzKSLssvVduH.2HcNC
        tenant: 6cd538cc-6cba-463f-9d22-1e0eda9695e3
        redirectURI: https://idp.oceanbox.io/dex/callback
        onlySecurityGroups: true
        groups:
          - Oceanbox
    - type: oidc
      id: keycloak
      name: default
      config:
        issuer: https://keycloak.dev.oceanbox.io/realms/Oceanbox
        clientID: dex
        clientSecret: 9c9LAMh7feQRNgHGYaUiASuZBd0JpQC4
        redirectURI: https://idp.oceanbox.io/dex/callback
        promptType: login
    staticClients:
      - id: atlantis
        redirectURIs:
          - 'https://maps.oceanbox.io/signin-oidc'
          - 'https://maps.relic.oceanbox.io/signin-oidc'
        name: 'Atlantis'
        secret: KOJ6bDHzE5vdyfSrzgwLjtM5PzA809Zm
      - id: atlantis_dev
        redirectURIs:
          - 'https://atlantis.dev.oceanbox.io/signin-oidc'
          - 'https://jonas-tilt-atlantis.dev.oceanbox.io/signin-oidc'
          - 'https://stig-tilt-atlantis.dev.oceanbox.io/signin-oidc'
          - 'https://simkir-tilt-atlantis.dev.oceanbox.io/signin-oidc'
          - 'https://atlantis.local.oceanbox.io:8080/signin-oidc'
        name: 'Atlantis dev'
        secret: 3QjfSPmAemjn34XVA2o1fvoS7I4gKvOR
      - id: petimeter
        redirectURIs:
          - 'https://petimeter.svc.oceanbox.io/signin-oidc'
        name: 'Petimeter dev'
        secret: kkrKo3mmmseMnorf9qw3eklefkoOKFNs
      - id: petimeter_dev
        redirectURIs:
          - 'https://petimeter.dev.oceanbox.io/signin-oidc'
          - 'https://jonas-tilt-petimeter.dev.oceanbox.io/signin-oidc'
          - 'https://stig-tilt-petimeter.dev.oceanbox.io/signin-oidc'
          - 'https://simkir-tilt-petimeter.dev.oceanbox.io/signin-oidc'
          - 'https://petimeter.local.oceanbox.io:8080/signin-oidc'
        name: 'Petimeter dev'
        secret: kfngKJF9EKVBnnvgkdmPfs0qw3rmjslk
      - id: sorcerer
        redirectURIs:
          - 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
          - 'https://sorcerer.hpc.oceanbox.io/signin-oidc'
        name: 'Sorcerer'
        secret: sIUXxSQLaTJiLCQ9AqBhmEbAL9lubHGB
      - id: sorcerer_dev
        redirectURIs:
          - 'https://dev.sorcerer.ekman.oceanbox.io/signin-oidc'
          - 'https://sorcerer.ekman.oceanbox.io/signin-oidc'
          - 'https://sorcerer.hpc.oceanbox.io/signin-oidc'
          - 'https://jonas-tilt-sorcerer.ekman.oceanbox.io/signin-oidc'
          - 'https://simkir-tilt-sorcerer.ekman.oceanbox.io/signin-oidc'
          - 'https://s.local.oceanbox.io:11080/signin-oidc'
          - 'https://sorcerer.local.oceanbox.io:11080/signin-oidc'
        name: 'Sorcerer dev'
        secret: cyrgDr1UzhQrJn8nRVqEt9BJ9mLk3OBy
      - id: archmeister
        redirectURIs:
          - 'https://archmeister.svc.oceanbox.io/signin-oidc'
        name: 'Archmeister'
        secret: ieK3yak9zoh3yeewee8quahY6seiv7Ro
      - id: archmeister_dev
        redirectURIs:
          - 'https://archmeister.dev.oceanbox.io/signin-oidc'
          - 'https://jonas-archmeister.dev.oceanbox.io/signin-oidc'
          - 'https://simkir-archmeister.dev.oceanbox.io/signin-oidc'
          - 'https://r.local.oceanbox.io:11080/signin-oidc'
          - 'https://archmeister.local.oceanbox.io:9080/signin-oidc'
        name: 'Archmeister dev'
        secret: Dae1eekeedeuKaoCiesh1Jei6aishe8I