Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
---
title: Helm Advanced Configuration
description: Learn how to fully configure the Appcircle server Helm chart
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openhift]
sidebar_position: 110
sidebar_label: Advanced Configuration
---

import NeedHelp from '@site/docs/\_need-help.mdx';
import ApplyHelmConfigurationChanges from '@site/docs/self-hosted-appcircle/install-server/helm-chart/configuration/\_apply-helm-configuration-changes.mdx';
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';

For advanced configuration options, open the `values.yaml` file with your preferred text editor and modify the settings as needed.
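
Review bot: The new `tags` line in the front matter spells the added tag `openhift`; every other file in this change uses `openshift`, so this page would end up under a separate tag. Change it to `openshift`.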

Expand Down Expand Up @@ -46,12 +48,27 @@ After updating the `values.yaml` file, create a TLS secret for the custom domain
- The private key (`key`) **should not be password-protected**.
:::

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret tls k8s-dist-spacetech-com-tls \
--cert=fullchain.crt \
--key=private.key
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc create secret tls k8s-dist-spacetech-com-tls \
--cert=fullchain.crt \
--key=private.key
```

</TabItem>
</Tabs>

## Increase the Replica Counts

With the default Helm values, the Appcircle server services being deployed with one replica. If you want to increase this number for high availability, you can do so by updating your `values.yaml` file:
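
Review bot: The new `oc create secret tls k8s-dist-spacetech-com-tls` command, like the `kubectl` one beside it, has no `-n` flag, so the secret lands in whatever project the shell currently has selected. The secrets on the Sensitive Values page all pass `-n appcircle`; if this secret has to live in the Appcircle namespace, add `-n appcircle` to both tabs. The tab label would also read better as `OpenShift`, the product's own spelling.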
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Adding CA Certificates
description: Learn how to configure CA license for the Appcircle Self Hosted server
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 50
---
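
Review bot: While this front matter is being touched, the `description` says "CA license", which does not match the title "Adding CA Certificates"; it looks like it should read "CA certificates".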

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Enterprise App Store Customization
description: Learn how to configure Enterprise App Store
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 70
---

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Git Providers Configuration
description: Learn how to configure git providers
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 70
---

Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: LDAP Configuration
description: Learn how to configure LDAP configuration
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 80
---

Original file line number Diff line number Diff line change
@@ -1,16 +1,18 @@
---
title: Sensitive Values
description: Learn how to configure the sensitive values for Appcircle server Helm chart
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 40
---

import NeedHelp from '@site/docs/\_need-help.mdx';
import ApplyHelmConfigurationChanges from '@site/docs/self-hosted-appcircle/install-server/helm-chart/configuration/\_apply-helm-configuration-changes.mdx';
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';

## Secrets for Sensitive Values

To manage sensitive information such as the Appcircle initial user password, SSL certificates, and other secrets, it is recommended to use Kubernetes secrets. This ensures that sensitive data is stored securely and can be accessed by applications running within the cluster in a controlled manner. Some settings like SMTP can be configured either through Kubernetes secrets during initial deployment or directly from the Appcircle Dashboard after installation.
To manage sensitive information such as the Appcircle initial user password, SSL certificates, and other secrets, it is recommended to use Kubernetes/Openshift secrets. This ensures that sensitive data is stored securely and can be accessed by applications running within the cluster in a controlled manner. Some settings like SMTP can be configured either through Kubernetes/Openshift secrets during initial deployment or directly from the Appcircle Dashboard after installation.

:::caution
The configurations for secret values should be **done before the first deployment** and **cannot be changed later**. To modify these settings, you should **[uninstall Appcircle](/self-hosted-appcircle/install-server/helm-chart/uninstallation)** and redeploy it.
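
Review bot: The rewritten paragraph keeps the claim that using secrets "ensures that sensitive data is stored securely" and now extends it to OpenShift. A Secret's values are only base64-encoded in the API object and sit unencrypted in etcd unless encryption at rest is enabled on the cluster, so the sentence promises more than the mechanism gives. Suggest wording it as keeping the values out of `values.yaml` and behind RBAC, with a pointer to enabling encryption at rest. The product name should also be spelled `OpenShift`.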
Expand All @@ -19,11 +21,25 @@ The configurations for secret values should be **done before the first deploymen
:::info
The commands below assume you have already created a namespace for Appcircle. If you haven’t yet, you can create the Appcircle namespace using the following commands:

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
# Create the namespace
kubectl create namespace appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
# Create the namespace
oc create namespace appcircle
```

</TabItem>
</Tabs>

Make sure to replace `appcircle` with your preferred namespace name if necessary.
:::
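
Review bot: The OpenShift tab uses `oc create namespace appcircle`, which needs permission to create namespaces directly, and many OpenShift users are only allowed to request projects. Consider showing `oc new-project appcircle` here, or stating that the command has to be run by a cluster administrator. The lead-in "using the following commands" can also become "command", since each tab shows a single one.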

Expand All @@ -41,13 +57,29 @@ If the `HISTCONTROL` environment variable is set to `ignoreboth`, commands with
In the example, **`appcircle-server`** is used as the **release name**. Make sure to replace it with your actual release name if it's different.
:::

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret generic appcircle-server-auth-keycloak-passwords \
--from-literal=initialPassword=Test1234 \
--from-literal=adminPassword=KeycloakAdminPassword1234 \
-n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc create secret generic appcircle-server-auth-keycloak-passwords \
--from-literal=initialPassword=Test1234 \
--from-literal=adminPassword=KeycloakAdminPassword1234 \
-n appcircle
```

</TabItem>
</Tabs>

- Remove the `.auth.auth-keycloak.initialPassword` and `.auth.auth-keycloak.adminPassword` keys from the `values.yaml` file if they exist.

#### SMTP password
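
Review bot: The OpenShift tab repeats the literal values `Test1234` and `KeycloakAdminPassword1234` in `--from-literal`, and the caution earlier on this page says secret values cannot be changed after the first deployment, so anyone who pastes the block as-is keeps a published password until they uninstall. Replace both values with obvious placeholders in both tabs, or add a line telling the reader to substitute their own values before running the command.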
Expand All @@ -68,12 +100,27 @@ If you prefer to configure SMTP via Kubernetes secrets during initial deployment
In the example, **`appcircle-server`** is used as the **release name**. Make sure to replace it with your actual release name if it's different.
:::

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret generic appcircle-server-smtp \
--from-literal=password="superSecretSMTPPassword" \
-n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc create secret generic appcircle-server-smtp \
--from-literal=password="superSecretSMTPPassword" \
-n appcircle
```

</TabItem>
</Tabs>

- Remove the `.global.mail.smtp.password` key from the `values.yaml` file if it exists.

:::tip
Expand All @@ -90,6 +137,9 @@ But **keep in mind that** beforehand you should remove the relevant settings fro
The name **`appcircle-tls-wildcard`** is **reserved** and **cannot be changed**.
:::

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret generic appcircle-tls-wildcard \
--from-file=tls.crt='fullchain.crt' \
Expand All @@ -99,6 +149,28 @@ kubectl create secret generic appcircle-tls-wildcard \
-n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
# Option 1:
# oc create secret tls appcircle-tls-wildcard \
# --cert=fullchain.crt \
# --key=private.key \
# -n appcircle

# Option 2:
# oc create secret generic appcircle-tls-wildcard \
# --from-file=tls.crt='fullchain.crt' \
# --from-file=tls.key='private.key' \
# --from-file=ca.crt='root-ca.crt' \
# --type=kubernetes.io/tls \
# -n appcircle
```

</TabItem>
</Tabs>

- Remove the `.global.tlsWildcard` key from the `values.yaml` file if it exists.

#### Apply Configuration Changes
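
Review bot: Every line of the OpenShift block is commented out, so copying it creates nothing, while the Kubernetes tab here and the same secret on the SSL Configuration page are given as runnable commands. Option 1 (`oc create secret tls`) also carries no `ca.crt`, which Option 2 sets from `root-ca.crt`. Pick one form and uncomment it; if both are kept, say when the CA file can be left out.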
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
---
title: Helm SSL Configuration
description: Learn how to configure SSL certificate for HTTPS connections
tags: [self-hosted, helm, configuration, kubernetes]
tags: [self-hosted, helm, configuration, kubernetes, openshift]
sidebar_position: 90
sidebar_label: SSL Configuration
---

import NeedHelp from '@site/docs/\_need-help.mdx';
import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';

# Overview

Expand All @@ -21,7 +23,7 @@ Appcircle must be installed with HTTPS from the initial installation. If you ini
You have two options for configuring SSL certificates:

1. **Trial Purposes**: Define the SSL certificate directly in the `values.yaml` by following [this section](#define-the-ssl-certificate-in-valuesyaml).
2. **Production**: Create a Kubernetes secret for better security and manageability by following [this section](#define-the-ssl-certificate-in-secrets).
2. **Production**: Create a Kubernetes/Openshift secret for better security and manageability by following [this section](#define-the-ssl-certificate-in-secrets).

:::info
When configuring Appcircle with HTTPS, you have the option to use self-signed or untrusted root certificates. However, if you choose to do so, it is essential to add the certificate or the root CA certificate to the trusted certificates. Failure to do this may result in connection errors. For detailed instructions about adding trusted CA certificates, refer to the [Adding Trusted CA Certificates](/self-hosted-appcircle/install-server/helm-chart/configuration/ca-certificates) documentation.
Expand Down Expand Up @@ -97,17 +99,44 @@ helm upgrade appcircle-server appcircle/appcircle -n appcircle -f values.yaml

3. To restart the Redis service after updating the SSL certificate, you need to first filter and find the names of the stateful sets, as the names might change according to the release name. Use the following command to get the stateful sets:

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl get statefulset -n appcircle | grep webeventredis
````

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc get statefulset -n appcircle | grep webeventredis
````

</TabItem>
</Tabs>

4. Restart the Redis StatefulSets to apply the changes:

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl rollout restart statefulset/appcircle-server-webeventredis-master -n appcircle
kubectl rollout restart statefulset/appcircle-server-webeventredis-replicas -n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc rollout restart statefulset/appcircle-server-webeventredis-master -n appcircle
oc rollout restart statefulset/appcircle-server-webeventredis-replicas -n appcircle
```

</TabItem>
</Tabs>

## Define the SSL Certificate in Secrets

### Initial SSL Configuration
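
Review bot: In step 3 the new `oc get statefulset` block opens with three backticks and closes with four (carried over from the `kubectl` block above it), while the step 4 blocks close with three. Close both with three so the fences match. Step 3 also says the StatefulSet names depend on the release name, yet the new step 4 commands hard-code `appcircle-server-webeventredis-master` and `appcircle-server-webeventredis-replicas`; a short note to substitute the names found in step 3 would help.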
Expand Down Expand Up @@ -145,6 +174,9 @@ The private key (`key`) should not be password-protected.
The name **`appcircle-tls-wildcard`** is **reserved** and **cannot be changed**.
:::

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret generic appcircle-tls-wildcard \
--from-file=tls.crt='fullchain.crt' \
Expand All @@ -154,12 +186,30 @@ kubectl create secret generic appcircle-tls-wildcard \
-n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc create secret generic appcircle-tls-wildcard \
--from-file=tls.crt='fullchain.crt' \
--from-file=tls.key='private.key' \
--from-file=ca.crt='root-ca.crt' \
--type=kubernetes.io/tls \
-n appcircle
```

</TabItem>
</Tabs>

### Updating the Certificate

To update an existing SSL certificate, use the following commands.

1. Update the secret with the new certificate.

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl create secret generic appcircle-tls-wildcard \
-n appcircle \
Expand All @@ -170,19 +220,62 @@ kubectl create secret generic appcircle-tls-wildcard \
--save-config --dry-run=client -o yaml | kubectl apply -f -
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc create secret generic appcircle-tls-wildcard \
-n appcircle \
--from-file=tls.crt='fullchain.crt' \
--from-file=tls.key='private.key' \
--from-file=ca.crt='root-ca.crt' \
--type=kubernetes.io/tls \
--save-config --dry-run=client -o yaml | oc apply -f -
```

</TabItem>
</Tabs>

2. To restart the Redis service after updating the SSL certificate, you need to first filter and find the names of the stateful sets, as the names might change according to the release name. Use the following command to get the stateful sets:

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl get statefulset -n appcircle | grep webeventredis
````

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc get statefulset -n appcircle | grep webeventredis
````

</TabItem>
</Tabs>

3. Restart the Redis StatefulSets to apply the changes:

<Tabs>
<TabItem value="kubernetes" label="Kubernetes" default>

```bash
kubectl rollout restart statefulset/appcircle-server-webeventredis-master -n appcircle
kubectl rollout restart statefulset/appcircle-server-webeventredis-replicas -n appcircle
```

</TabItem>
<TabItem value="openshift" label="Openshift">

```bash
oc rollout restart statefulset/appcircle-server-webeventredis-master -n appcircle
oc rollout restart statefulset/appcircle-server-webeventredis-replicas -n appcircle
```

</TabItem>
</Tabs>

## Final Steps

Verify the SSL configuration by accessing the Appcircle server over HTTPS.
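
Review bot: None of the `<Tabs>` elements added in this hunk, or elsewhere in the change, set a `groupId`, so a reader who picks the OpenShift tab in step 1 is back on Kubernetes in steps 2 and 3 and can easily paste a `kubectl` command by mistake. Docusaurus keeps tabs with the same `groupId` in sync; giving every `<Tabs>` on these pages the same one, for example `<Tabs groupId="platform">` (the value is only a suggestion), fixes that.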