added argocd config

stages/delivery/.envs/.argocd-oidc-secret.template

@@ -0,0 +1 @@
+{{ pw "46289080-39de-4e5e-bae5-6be41b08e25b" }}

stages/delivery/values/argocd.values.yaml

@@ -1,9 +1,32 @@
 global:
   domain: argo.kropcloud.net
 
+secret:
+  extra:
+    dex.kropcloud-idp.clientSecret: {{ readFile ../.envs}}
+
 configs:
   params:
     server.insecure: true
+  cm:
+    dex.config: |
+      connectors:
+      - id: authentik
+        type: oidc
+        name: KropCloud IDP
+        config:
+          issuer: https://idp.kropcloud.net/application/o/argocd/
+          clientID: R6KnCiwgsevzTkWhB9dopV80sHxL8kS4QjVlMmqI
+          clientSecret: $oidc.kropcloud-idp.clientSecret
+        insecureEnableGroups: true
+        scopes:
+          - openid
+          - profile
+          - email
+          - groups
+  rbac:
+    policy.csv: |
+      g, ArgoCD Admins, role:admin
 
 redis-ha:
   enabled: true
@@ -18,9 +41,9 @@ server:
     ingressClassName: nginx
     annotations:
         nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-        nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+        nginx.ingress.kubernetes.io/ssl-passthrough: "true"
         cert-manager.io/cluster-issuer: cloudflare-issuer
-    extraTls:
+    tls:
       - hosts:
           - argo.kropcloud.net
         secretName: argocd-tls