add oidc to flux dashboard

flux/olympus/apps/flux-system/external-secret.yaml

@@ -0,0 +1,15 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: weave-gitops
+  namespace: flux-system
+spec:
+  refreshInterval: "5m"
+  secretStoreRef:
+    name: vault
+    kind: ClusterSecretStore
+  target:
+    name: oidc-auth
+  dataFrom:
+    - extract:
+        key: flux-system/weave-gitops

flux/olympus/apps/flux-system/kustomization.yaml

@@ -1,4 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - external-secret.yaml
   - weave-gitops-dashboard.yaml

flux/olympus/apps/flux-system/weave-gitops-dashboard.yaml

@@ -34,6 +34,13 @@ spec:
         name: ww-gitops
   interval: 1h0m0s
   values:
+    ingress:
+      enabled: true
+      hosts:
+      - host: flux.0x76.dev
+        paths:
+          - path: /
+            pathType: ImplementationSpecific
     adminUser:
       create: true
       passwordHash: $2a$10$uIY/YYe.CcRerpVvfk04muX86hLfXRH.K6jATZaVPqp.bnUIu/bsC

nixos/hosts/olympus/default.nix

@@ -52,6 +52,7 @@
     mac = "6E:A5:25:99:FE:68";
     exposes = {
       www.domain = "0x76.dev";
+      flux.domain = "flux.0x76.dev";
       internal.domain = "internal.xirion.net";
       blog.domain = "blog.xirion.net";
     };

nixos/hosts/olympus/dex/configuration.nix

@@ -83,6 +83,12 @@ in {
           redirectURIs = [ "https://md.0x76.dev/auth/oauth2/callback" ];
           secretEnv = "HEDGEDOC_CLIENT_SECRET";
         }
+        {
+          id = "flux";
+          name = "Weave Gitops Flux Dashboard";
+          redirectURIs = [ "https://flux.0x76.dev/oauth2/callback" ];
+          secretEnv = "FLUX_CLIENT_SECRET";
+        }
       ];
     };