fix(netbird): change oidc clientId

2025-11-02 19:08:03 +00:00 · 2025-01-08 20:31:07 +01:00
parent 0195f99252
commit fee02d4b16
4 changed files with 11 additions and 12 deletions
--- a/k8s/infra/vpn/netbird/dashboard/kustomization.yaml
+++ b/k8s/infra/vpn/netbird/dashboard/kustomization.yaml
@@ -6,11 +6,11 @@ configMapGenerator:
    namespace: netbird
    literals:
      # variables: https://github.com/netbirdio/dashboard/blob/main/config.json
-      - AUTH_AUDIENCE="netbird-dashboard"
+      - AUTH_AUDIENCE="netbird"
      - AUTH_AUTHORITY="https://keycloak.stonegarden.dev/realms/homelab"
      - AUTH_CLIENT_ID="netbird"
      - AUTH_REDIRECT_URI="/callback"
      - AUTH_SILENT_REDIRECT_URI="/silent-callback"
      - AUTH_CLIENT_ID="netbird-dashboard"
      - AUTH_SUPPORTED_SCOPES="openid profile email offline_access netbird-api"
      - USE_AUTH0="false"
      - NETBIRD_MGMT_API_ENDPOINT="https://netbird.stonegarden.dev"
--- a/k8s/infra/vpn/netbird/dashboard/x-oidc-client.yaml
+++ b/k8s/infra/vpn/netbird/dashboard/x-oidc-client.yaml
@@ -1,12 +1,12 @@
 apiVersion: oidc.homelab.olav.ninja/v1alpha1
 kind: XOidcClient
 metadata:
-  name: netbird-dashboard
+  name: netbird
 spec:
  realm: homelab
-  clientId: netbird-dashboard
+  clientId: netbird
-  displayName: Netbird Dashboard
+  displayName: Netbird
-  description: Netbird Dashboard Client
+  description: Netbird OIDC client
  type: PUBLIC
  defaultScopes:
    - acr
--- a/k8s/infra/vpn/netbird/management/config/management.json.tmpl
+++ b/k8s/infra/vpn/netbird/management/config/management.json.tmpl
@@ -66,7 +66,7 @@
  },
  "PKCEAuthorizationFlow": {
    "ProviderConfig": {
-      "Audience": "${NETBIRD_AUTH_PKCE_AUDIENCE}",
+      "Audience": "${NETBIRD_AUTH_AUDIENCE}",
      "ClientID": "${NETBIRD_AUTH_CLIENT_ID}",
      "ClientSecret": "${NETBIRD_AUTH_CLIENT_SECRET}",
      "Domain": "",
--- a/k8s/infra/vpn/netbird/management/kustomization.yaml
+++ b/k8s/infra/vpn/netbird/management/kustomization.yaml
@@ -12,16 +12,15 @@ configMapGenerator:
    literals:
      - NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT="https://keycloak.stonegarden.dev/realms/homelab/.well-known/openid-configuration"
      - NETBIRD_AUTH_DEVICE_AUTH_PROVIDER="hosted"
-      - NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE="netbird-dashboard"
+      - NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE="netbird"
      - NETBIRD_AUTH_DEVICE_AUTH_AUTHORITY="https://keycloak.stonegarden.dev/realms/homelab"
-      - NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID="netbird-dashboard"
+      - NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID="netbird"
      - NETBIRD_AUTH_DEVICE_AUTH_DEVICE_AUTHORIZATION_ENDPOINT="https://keycloak.stonegarden.dev/realms/homelab/protocol/openid-connect/auth"
      - NETBIRD_AUTH_DEVICE_AUTH_TOKEN_ENDPOINT="https://keycloak.stonegarden.dev/realms/homelab/protocol/openid-connect/token"
      - NETBIRD_AUTH_DEVICE_AUTH_SCOPE="openid"
      - NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN="false"
-      - NETBIRD_AUTH_AUDIENCE="netbird-dashboard"
+      - NETBIRD_AUTH_AUDIENCE="netbird"
-      - NETBIRD_AUTH_PKCE_AUDIENCE="netbird-dashboard"
+      - NETBIRD_AUTH_CLIENT_ID="netbird"
      - NETBIRD_AUTH_CLIENT_ID="netbird-dashboard"
      - NETBIRD_AUTH_PKCE_REDIRECT_URLS='[ "http://localhost:53000" ]'
      - NETBIRD_AUTH_SUPPORTED_SCOPES="openid profile email offline_access netbird-api"
  - name: management-connection-config