vehagn
diff --git a/‎k8s/infra/auth/authelia/values.yaml‎
Lines changed: 4 additions & 5 deletions b/‎k8s/infra/auth/authelia/values.yaml‎
Lines changed: 4 additions & 5 deletions
diff --git a/‎k8s/infra/network/dns/unbound/config/a-records.conf‎
Lines changed: 5 additions & 0 deletions b/‎k8s/infra/network/dns/unbound/config/a-records.conf‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎k8s/infra/network/dns/unbound/config/forward-records.conf‎
Lines changed: 54 additions & 0 deletions b/‎k8s/infra/network/dns/unbound/config/forward-records.conf‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎k8s/infra/network/dns/unbound/config/srv-records.conf‎
Lines changed: 2 additions & 0 deletions b/‎k8s/infra/network/dns/unbound/config/srv-records.conf‎
Lines changed: 2 additions & 0 deletions
@@ -57,11 +57,6 @@ configMap:
       implementation: lldap
       address: ldaps://lldap.stonegarden.dev
       base_dn: DC=stonegarden,DC=dev
-      #additional_users_dn: ""
-      #additional_users_dn: OU=people
-      #additional_groups_dn: OU=groups
-      #users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
-      #groups_filter: (member={DN})
       user: UID=authelia,OU=people,DC=stonegarden,DC=dev
       password: { secret_name: lldap-auth }
       attributes:
@@ -112,6 +107,7 @@ configMap:
             - https://argocd.stonegarden.dev/auth/callback
             - https://argocd.stonegarden.dev/applications
           scopes: [ openid, email, profile, offline_access, groups ]
+          grant_types: [ authorization_code, refresh_token ]
           userinfo_signed_response_alg: none
           id_token_signed_response_alg: ES256
           access_token_signed_response_alg: ES256
@@ -142,6 +138,7 @@ configMap:
             - https://abs.stonegarden.dev/audiobookshelf/auth/openid/mobile-redirect
             - audiobookshelf://oauth
           scopes: [ openid, email, profile, offline_access, audiobookshelf ]
+          grant_types: [ authorization_code, refresh_token ]
           id_token_signed_response_alg: ES256
           access_token_signed_response_alg: ES256
 
@@ -154,6 +151,7 @@ configMap:
           require_pkce: true
           redirect_uris: [ http://localhost:8000, http://localhost:18000 ]
           scopes: [ openid, email, profile, offline_access, groups ]
+          grant_types: [ authorization_code, refresh_token ]
           revocation_endpoint_auth_method: none
           introspection_endpoint_auth_method: none
           pushed_authorization_request_endpoint_auth_method: none
@@ -173,6 +171,7 @@ configMap:
             - https://netbird.stonegarden.dev/callback
             - https://netbird.stonegarden.dev/silent-callback
           scopes: [ openid, profile, email, offline_access ]
+          grant_types: [ authorization_code, refresh_token ]
           token_endpoint_auth_method: client_secret_post
 
 secret:
 
@@ -0,0 +1,5 @@
+# A Record
+     #local-data: "somecomputer.local. A 192.168.1.1"
+
+# PTR Record
+     #local-data-ptr: "192.168.1.1 somecomputer.local."
@@ -0,0 +1,54 @@
+forward-zone:
+    # Forward all queries (except those in cache and local zone) to
+    # upstream recursive servers
+    name: "."
+    # Queries to this forward zone use TLS
+    forward-tls-upstream: yes
+
+    # https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers
+
+    ## Cloudflare
+    forward-addr: 1.1.1.1@853#cloudflare-dns.com
+    forward-addr: 1.0.0.1@853#cloudflare-dns.com
+    #forward-addr: 2606:4700:4700::1111@853#cloudflare-dns.com
+    #forward-addr: 2606:4700:4700::1001@853#cloudflare-dns.com
+
+    ## Cloudflare Malware
+    # forward-addr: 1.1.1.2@853#security.cloudflare-dns.com
+    # forward-addr: 1.0.0.2@853#security.cloudflare-dns.com
+    # forward-addr: 2606:4700:4700::1112@853#security.cloudflare-dns.com
+    # forward-addr: 2606:4700:4700::1002@853#security.cloudflare-dns.com
+
+    ## Cloudflare Malware and Adult Content
+    # forward-addr: 1.1.1.3@853#family.cloudflare-dns.com
+    # forward-addr: 1.0.0.3@853#family.cloudflare-dns.com
+    # forward-addr: 2606:4700:4700::1113@853#family.cloudflare-dns.com
+    # forward-addr: 2606:4700:4700::1003@853#family.cloudflare-dns.com
+
+    ## CleanBrowsing Security Filter
+    # forward-addr: 185.228.168.9@853#security-filter-dns.cleanbrowsing.org
+    # forward-addr: 185.228.169.9@853#security-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:1::2@853#security-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:2::2@853#security-filter-dns.cleanbrowsing.org
+
+    ## CleanBrowsing Adult Filter
+    # forward-addr: 185.228.168.10@853#adult-filter-dns.cleanbrowsing.org
+    # forward-addr: 185.228.169.11@853#adult-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:1::1@853#adult-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:2::1@853#adult-filter-dns.cleanbrowsing.org
+
+    ## CleanBrowsing Family Filter
+    # forward-addr: 185.228.168.168@853#family-filter-dns.cleanbrowsing.org
+    # forward-addr: 185.228.169.168@853#family-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:1::@853#family-filter-dns.cleanbrowsing.org
+    # forward-addr: 2a0d:2a00:2::@853#family-filter-dns.cleanbrowsing.org
+
+    ## Quad9
+    # forward-addr: 9.9.9.9@853#dns.quad9.net
+    # forward-addr: 149.112.112.112@853#dns.quad9.net
+    # forward-addr: 2620:fe::fe@853#dns.quad9.net
+    # forward-addr: 2620:fe::9@853#dns.quad9.net
+
+    ## getdnsapi.net
+    # forward-addr: 185.49.141.37@853#getdnsapi.net
+    # forward-addr: 2a04:b900:0:100::37@853#getdnsapi.net
@@ -0,0 +1,2 @@
+# SRV records
+# _service._proto.name. | TTL | class | SRV | priority | weight | port | target.
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# SRV records`
	`2`	`+# _service._proto.name. \| TTL \| class \| SRV \| priority \| weight \| port \| target.`