update readme
This commit is contained in:
@@ -18,7 +18,7 @@ Jump to docs: [inventory-app](hackerspace/README.md) / [cameras](camtiler/README
|
|||||||
- [Slack bots](SLACK.md) and Kubernetes [CLUSTER.md](CLUSTER.md) itself.
|
- [Slack bots](SLACK.md) and Kubernetes [CLUSTER.md](CLUSTER.md) itself.
|
||||||
|
|
||||||
[^nonginx]: No nginx annotations! Use `kind: Ingress` instead. `IngressRoute` is not used as it doesn't support [`external-dns`](bind/README.md) out of the box.
|
[^nonginx]: No nginx annotations! Use `kind: Ingress` instead. `IngressRoute` is not used as it doesn't support [`external-dns`](bind/README.md) out of the box.
|
||||||
[^authz]: Applications should prefer `Remote-User` (`kind: OIDCGWMiddlewareClient`), which gates app exposure to the public internet. Where not applicable or possible, use OpenID Connect (`kind: OIDCClient`) for authentication.
|
[^authz]: Applications should use OpenID Connect (`kind: OIDCClient`) for authentication, whereever possible. If not possible, use `kind: OIDCMiddlewareClient` client, which will provide authentication via a Traefik middleware (`traefik.ingress.kubernetes.io/router.middlewares: passmower-proxmox@kubernetescrd`). Sometimes you might use both for extra security.
|
||||||
|
|
||||||
### Databases / -stores:
|
### Databases / -stores:
|
||||||
- KeyDB: `kind: KeydbClaim` (replaces Redis[^redisdead])
|
- KeyDB: `kind: KeydbClaim` (replaces Redis[^redisdead])
|
||||||
|
|||||||
Reference in New Issue
Block a user