sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-06 07:21:36 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(helmfile): Prefix NATS passwords as workaround for upstream issue and add documentation to gettings-started.md [#185, #202]

Browse Source
This commit is contained in:
Axel Lender
2025-05-20 09:35:45 +02:00
committed by Thorsten Roßner
parent 3df9342b31
commit 7f478bffd6
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
docs/getting-started.md
View File

@@ -381,6 +381,18 @@ To prevent others from using your openDesk instance, you must set your individua
export MASTER_PASSWORD="your_individual_master_password"
```
> **Note**<br>
> Currently a [documented](https://docs.software-univention.de/nubus-kubernetes-operation/1.x/en/configuration/nats.html#configure-the-secrets) upstream [bug](https://forge.univention.org/bugzilla/show_bug.cgi?id=58357) causes a failure when passwords/secrets beginning with certain numbers are using for the Nubus subcomponent NATS.
> With openDesk 1.6.0 an update-aware workaround was implemented that prefixes the affected secrets in the openDesk included `secrets.yaml.gotmpl` that derives all secrets from the previously mentioned `MASTER_PASSWORD`.
> When you are using externally provided passwords/secrets you best ensure that non of the ones listed below are starting with a number:
>
> - `secrets.nubus.provisioning.api.natsPassword`
> - `secrets.nubus.provisioning.dispatcherNatsPassword`
> - `secrets.nubus.provisioning.prefillNatsPassword`
> - `secrets.nubus.provisioning.udmListenerNatsPassword`
> - `secrets.nubus.provisioning.udmTransformerNatsPassword`
> - `secrets.nats.natsAdminPassword`
## Install
After setting your environment-specific values in `dev` environment, you can start deployment by: