Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dex Cannot Access Headlamp via Public URL #2625

Open
yildizozan opened this issue Dec 2, 2024 · 1 comment
Open

Dex Cannot Access Headlamp via Public URL #2625

yildizozan opened this issue Dec 2, 2024 · 1 comment
Labels
bug Something isn't working dex Dex the Federated OpenID Connect Provider helm Related to helm and app-catalog

Comments

@yildizozan
Copy link

yildizozan commented Dec 2, 2024
edited
Loading

Describe the bug

I installed Headlamp and Dex using Helm in a Kubernetes environment. My goal is to integrate LDAP and enable LDAP login similar to ArgoCD. While Headlamp accesses Dex through the address headlamp.dashboard.svc.cluster.local, Dex cannot respond back to this address, so the process cannot be completed. How can I make Headlamp access Dex through a public URL (https://dashboard.company.com) ?

Note: This cannot be resolved with Dex redirectURIs.

To Reproduce

Headlamp Helm Values

config:
  oidc:
    clientID: headlamp
    clientSecret: 86cf07f5-a3f4-4401-9ad1-7e7dc9cbdae6
    issuerURL: https://dex.company.com
    scopes: "email"

ingress:
  enabled: true
  ingressClassName: nginx
  hosts:
    - host: dashboard.company.com
      paths:
      - path: /
        type: Prefix

Dex Helm Values

config:
  issuer: https://dex.company.com
  storage:
    type: kubernetes
    config:
      inCluster: true
  logger:
    level: debug
  staticClients:
    - id: headlamp
      name: 'Headlamp'
      redirectURIs:
        - https://dashboard.company.com/oidc-callback
      secret: t0pS3cr3t
  connectors:
  - id: ldap
    name: Company
    type: ldap
    config:
      bindDN: [email protected]
      bindPW: "XXXXX"
      groupSearch:
        baseDN: OU=XXXX,DC=company,DC=com
        filter: ""
        nameAttr: name
        userMatchers:
        - groupAttr: member
          userAttr: dn
      host: 10.0.0.1:389
      insecureNoSSL: true
      insecureSkipVerify: true
      userSearch:
        baseDN: OU=XXXX,DC=company,DC=com
        emailAttr: mail
        filter: ""
        idAttr: employeeNumber
        nameAttr: name
        preferredUsernameAttr: sAMAccountName
        username: sAMAccountName
      usernamePrompt: Username

If I enter my username password Dex not access headlamp.dashboard.svc.cluster.local

Environment (please provide info about your environment):

  • Installation type: Container-Image/In-Cluster/Helm
  • Kubernetes Version: v1.27.6
  • Headlamp Helm Chart 0.26.0
  • Dex Helm Chart 0.19.1

Are you able to fix this issue?

Maybe

Do you want to help fix this issue? Please see our contribution docs. For any non-trivial contributions, we advise you to join our our slack channel to discuss the implementation with Headlamp's core developers.

Additional Context

Result
Screenshot from 2024-11-30 00-22-12

If I add headlamp.dashboard.svc.cluster.local redirectURIs to dex config, here is result
Screenshot from 2024-11-29 23-43-58
@yildizozan yildizozan added the bug Something isn't working label Dec 2, 2024
@yildizozan yildizozan changed the title Headlamp Cannot Access Dex via Public URL Dex Cannot Access Headlamp via Public URL Dec 2, 2024
@dosubot dosubot bot added dex Dex the Federated OpenID Connect Provider helm Related to helm and app-catalog labels Dec 2, 2024
@joaquimrocha
Copy link
Collaborator

cc/ @yolossn / @ashu8912

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working dex Dex the Federated OpenID Connect Provider helm Related to helm and app-catalog
Projects
Release Plan / Roadmap
Status: Queued
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joaquimrocha @yildizozan