Skip to content

camaeel/proxmox-oidc-credential-helper

BranchesTags

Repository files navigation

proxmox-oidc-credential-helper

This small utility allows to obtain credentials from Proxmox's UI using OIDC and exports them to the shell as env variables.

Instalation

MacOS / Linux

architecture=`uname -m`
if [[ $architecture == "x86_64" ]]; then 
  architecture=amd64; 
elif [[ $architecture == "aarch64" ]]; then 
  architecture=arm64;
fi
LATEST_VERSION=` curl -s https://api.github.com/repos/camaeel/proxmox-oidc-credential-helper/releases/latest | jq -r '.tag_name'`

wget "https://github.com/camaeel/proxmox-oidc-credential-helper/releases/download/${LATEST_VERSION}/proxmox-oidc-credential-helper_`uname -o`_${architecture}.tar.gz" -O proxmox-oidc-credential-helper.tar.gz
tar -xzvf proxmox-oidc-credential-helper.tar.gz

Windows

Download binary from releases page & unzip

Prerequisites

  1. Should be able to properly login to proxmox UI with OIDC provider
  2. OIDC provider should have additional allowed callback set to: http://localhost:8996/oidc/callback (default can be changed with configuration flags).

Usage:

Download binary and put somewhere in $PATH.

Shell

Run proxmox-oidc-credential-helper -proxmox-url https://proxmox.example.com:8006 -realm OIDC-REALM-NAME. By default this application will output export commands to be executed to set credentials in the shell. Alternatively run:

eval $(proxmox-oidc-credential-helper -proxmox-url https://proxmox.example.com:8006 -realm OIDC-REALM-NAME)

Terragrunt

For automated use with Terragrunt and bpg/proxmox terraform provider add following code:

terragrunt {
  extra_arguments "proxmox_oidc_helper" {
    commands = [
      "apply",
      "refresh",
      "import",
      "plan",
      "taint",
      "untaint",
      "destroy",
      "state",
      "output",
      "console",
    ]
    env_vars = {
      PROXMOX_VE_AUTH_TICKET = jsondecode(local.proxmox_creds)["data"]["ticket"]
      PROXMOX_VE_CSRF_PREVENTION_TOKEN = jsondecode(local.proxmox_creds)["data"]["CSRFPreventionToken"]
    }
  }
}

locals {
  proxmox_creds = run_cmd("--terragrunt-quiet", "proxmox-oidc-credential-helper","-proxmox-url=https://proxmox.example.com:8006","-realm=REALM_NAME", "-output=json")
}

Proxmoxer

Proxmoxer can utilize proxmox-oidc-credential-helper to obtain credentials from OIDC using web browser. Example script can be found in this repo in this example

For additional configuration options please check proxmox-oidc-credential-helper -h

Compatibility

This application should work well on all OSes, but due to limited resources it is only tested on MacOS.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v0.4.0 Latest
Oct 21, 2024
+ 4 releases

Packages

No packages published

Languages