Configure status page

A minimal configuration of the status page deployment.

API server

Configure the allowed origins via api/api.env to include the domain from the web frontend. CORS origins need to include the protocol, too. Example: https://frontend.<your-domain>.

Database

Set a password for the database at database/db-secrets.env and configure the connection string in api/api-secrets.env

Dex

Dex needs a GitHub Applications Client Secret in dex/dex-secrets.env, please refer to dex/dex-secrets-example.env.

Set the issuer and redirectURI at dex/config.yaml to your domain. Keep in mind, that dex needs it's own domain or subdomain.

Other Dex related configuration is located in dex/dex.env, web/web-secrets.env and web/web.env to fill the configuration template dex/config.yaml.

Oathkeeper

Set your domain in oathkeeper/config.yaml at authenticators.jwt.config.jwks_urls and authenticators.jwt.config.trusted_issuers to point towards Dex.

Web frontend

In web/web.env configure the OIDC authentication callback and the API url. The API URL must be pointing to the external domain, not the K8s service name.

Ingress

In ingress.yaml set your domains for Dex, Oathkeeper and the web frontend respectively. Oathkeeper acts as the auth proxy for the API server. Exposing the API server directly, opens up the possibility of unsupervised write actions.

Issuer

Set the e-mail address in issuer.yaml to your desired e-mail address.

API server​

Database​

Dex​

Oathkeeper​

Web frontend​

Ingress​

Issuer​