Skip to content

Commit

Permalink
Merge pull request #26 from loft-sh/update-docs
Browse files Browse the repository at this point in the history 
docs for upcoming release
  • Loading branch information
Lukas Gentele authored Jul 22, 2020
2 parents 46e6542 + 5d5878d commit 2b5c760
Show file tree
Hide file tree
Showing 42 changed files with 1,503 additions and 96 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/docs.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ jobs:
yarn
node ./node_modules/mdx-link-checker/index.js pages
yarn build
mv public/* $OUT_DIR/
working-directory: ./docs
- name: Prepare Deployment
run: |
Expand Down
26 changes: 14 additions & 12 deletions docs/pages/auth/oidc.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,9 @@ OpenID Connect allows users to authenticate using a third-party provider which i

OpenID Connect authentication is a paid feature of loft, so please make sure this feature is enabled in your loft instance.

## Optional: Setup Dex for Single Sign On
## Setup Dex for Single Sign-On

If you do not already have an OIDC provider, such as dex, Okta or KeyCloak, this section will show you how to deploy dex to let your users authenticate through external OAuth providers, such as Github, Google or Microsoft.
Please make sure you have access to a Kubernetes cluster and `kubectl` and `helm` installed and configured.

Depending on your preferred OAuth provider, you'll have to create a different dex-values.yaml locally:

<Tabs
groupId="oidc-connectors"
Expand All @@ -37,7 +34,7 @@ Depending on your preferred OAuth provider, you'll have to create a different de
}>
<TabItem value="github">

For an extensive github dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/github.md).
For an extensive GitHub dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/github.md).

In order to configure Github for dex, you'll have to create a new Github Application for dex and copy the client id and secret to a file called `dex-values.yaml`:
```yaml
Expand Down Expand Up @@ -76,7 +73,7 @@ config:
</TabItem>
<TabItem value="gitlab">
For an extensive gitlab dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/gitlab.md).
For an extensive GitLab dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/gitlab.md).
In order to configure Gitlab for dex, you'll have to create a new Gitlab Application for dex and copy the client id and secret to a file called `dex-values.yaml`:
```yaml
Expand Down Expand Up @@ -124,7 +121,7 @@ config:
</TabItem>
<TabItem value="google">
For an extensive google dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/google.md).
For an extensive Google dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/google.md).
In order to configure Google for dex, you'll have create a file called `dex-values.yaml` with a google connector specified:
```yaml
Expand Down Expand Up @@ -186,7 +183,7 @@ config:
</TabItem>
<TabItem value="microsoft">

For an extensive microsoft dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/microsoft.md).
For an extensive Microsoft dex configuration take a look at the official [dex documentation](https://github.com/dexidp/dex/blob/master/Documentation/connectors/microsoft.md).

In order to configure Microsoft for dex, you'll have create a file called `dex-values.yaml` with a microsoft connector specified:
```yaml
Expand Down Expand Up @@ -243,7 +240,7 @@ For more details, click on the respective provider and [click here for a full li
</TabItem>
</Tabs>

After you have configured the correct dex values for your OAuth provider, you can install dex via helm:
After creating the `dex-values.yaml` for your OAuth provider (see above), you can now install dex via helm:
```
helm install dex dex --repo https://kubernetes-charts.storage.googleapis.com \
--create-namespace \
Expand Down Expand Up @@ -281,15 +278,18 @@ data:
type: "github" # Optional: if specified, changes the button appearance in the loft UI login page (default: '')
```

loft reloads this configuration periodically and you should be able to login via your preferred OIDC provider after some minutes.
loft reloads this configuration periodically and you should be able to login via your preferred OIDC provider after a couple of minutes.

For each new user that logs into loft that has not yet logged into loft, loft will create a new user object.
You can automatically assign users based on their ID Token groups to teams, by configuring the Kubernetes Groups in a loft team.

You can automatically assign users based on their ID Token groups to teams ([see below](#mirror-team-memberships)), by configuring the Kubernetes Groups in a loft team.


## Mirror Team Memberships

<DynamicMembershipFragment/>


## Disable Password Auth
To disable password authentication, upgrade your loft instance using helm:
```bash
Expand All @@ -298,9 +298,11 @@ helm upgrade -n loft loft loft --repo https://charts.devspace.sh \
--set config.auth.disablePassword=true
```


## loft as OIDC Provider
Loft can also act as an OIDC provider for other services, e.g. a self-hosted container registry using [Harbor](https://goharbor.io/docs/2.0.0/administration/configure-authentication/oidc-auth/).
To configure loft to act as an OIDC provider you'll have to edit the `loft-config` configmap in the `loft` namespace (or the namespace you have installed loft to):

To configure loft to act as an OIDC provider you will have to edit the configmap `loft-config` in the namespace you installed loft into:

```bash
kubectl edit configmap loft-config -n loft
Expand Down
30 changes: 30 additions & 0 deletions docs/pages/commands/loft.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
---
title: "Command - loft"
sidebar_label: loft
---

## loft

Welcome to Loft!

### Synopsis

Loft root command

### Options

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
-h, --help help for loft
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

```
```


## Flags
## Global & Inherited Flags
34 changes: 34 additions & 0 deletions docs/pages/commands/loft_connect.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
---
title: "Command - loft connect"
sidebar_label: loft connect
---


Connects to loft resources

## Synopsis


```
#######################################################
#################### loft connect #####################
#######################################################
```


## Flags

```
-h, --help help for connect
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

50 changes: 50 additions & 0 deletions docs/pages/commands/loft_connect_vcluster.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
---
title: "Command - loft connect vcluster"
sidebar_label: loft connect vcluster
---


Connects to a virtual cluster in the given parent cluster

## Synopsis


```
loft connect vcluster [flags]
```

```
#######################################################
############### loft connect vcluster #################
#######################################################
This command connects to a virtual cluster directly via
port-forwarding and writes a kube config to the specified
location.
Example:
loft connect vcluster test
loft connect vcluster test --namespace test
#######################################################
```


## Flags

```
-h, --help help for vcluster
--local-port int The local port to forward the virtual cluster to (default 8443)
-n, --namespace string The namespace to use (default "default")
--out-kube-config string The path to write the resulting kube config to (default "kubeconfig.yaml")
--print When enabled prints the context to stdout
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

34 changes: 34 additions & 0 deletions docs/pages/commands/loft_create.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
---
title: "Command - loft create"
sidebar_label: loft create
---


Creates loft resources

## Synopsis


```
#######################################################
##################### loft create #####################
#######################################################
```


## Flags

```
-h, --help help for create
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

50 changes: 50 additions & 0 deletions docs/pages/commands/loft_create_space.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
---
title: "Command - loft create space"
sidebar_label: loft create space
---


Creates a new space in the given cluster

## Synopsis


```
loft create space [flags]
```

```
#######################################################
################## loft create space ##################
#######################################################
Creates a new kube context for the given cluster, if
it does not yet exist.
Example:
loft create space myspace
loft create space myspace --cluster mycluster
loft create space myspace --cluster mycluster --account myaccount
#######################################################
```


## Flags

```
--account string The cluster account to use
--cluster string The cluster to use
--create-context If loft should create a kube context for the space (default true)
-h, --help help for space
--switch-context If loft should switch the current context to the new context (default true)
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

52 changes: 52 additions & 0 deletions docs/pages/commands/loft_create_vcluster.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
---
title: "Command - loft create vcluster"
sidebar_label: loft create vcluster
---


Creates a new virtual cluster in the given parent cluster

## Synopsis


```
loft create vcluster [flags]
```

```
#######################################################
################ loft create vcluster #################
#######################################################
Creates a new virtual cluster in a given space and
cluster. If no space or cluster is specified the user
will be asked.
Example:
loft create vcluster test
loft create vcluster test --cluster mycluster
loft create vcluster test --cluster mycluster --space myspace
#######################################################
```


## Flags

```
--account string The cluster account to create the space with if it doesn't exist
--cluster string The cluster to create the virtual cluster in
--create-context If loft should create a kube context for the space (default true)
-h, --help help for vcluster
--space string The space to create the virtual cluster in
--switch-context If loft should switch the current context to the new context (default true)
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

34 changes: 34 additions & 0 deletions docs/pages/commands/loft_delete.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
---
title: "Command - loft delete"
sidebar_label: loft delete
---


Deletes loft resources

## Synopsis


```
#######################################################
##################### loft delete #####################
#######################################################
```


## Flags

```
-h, --help help for delete
```


## Global & Inherited Flags

```
--config string The loft config to use (will be created if it does not exist) (default "C:\\Users\\gente\\.loft\\config.json")
--debug Prints the stack trace if an error occurs
--log-flush-frequency duration Maximum number of seconds between log flushes (default 5s)
--silent Run in silent mode and prevents any devspace log output except panics & fatals
```

Loading

0 comments on commit 2b5c760

Please sign in to comment.