From 2da4d7c0cf6d3754fdac6698ab5e41901947e119 Mon Sep 17 00:00:00 2001 From: Stig Otnes Kolstad Date: Fri, 27 Mar 2026 11:04:09 +0100 Subject: [PATCH] fix(docs): use new custom secret config keys --- docs/hydra/self-hosted/kubernetes-helm-chart.mdx | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/hydra/self-hosted/kubernetes-helm-chart.mdx b/docs/hydra/self-hosted/kubernetes-helm-chart.mdx index 8b0576a2a4..b8702f15c0 100644 --- a/docs/hydra/self-hosted/kubernetes-helm-chart.mdx +++ b/docs/hydra/self-hosted/kubernetes-helm-chart.mdx @@ -16,7 +16,7 @@ To install Ory Hydra, the following [configuration values](../reference/configur - `hydra.config.urls.consent` - `hydra.config.secrets.system` -> **NOTE:** If no `hydra.config.secrets.system` secrets is supplied and `hydra.existingSecret` is empty, a secret is generated +> **NOTE:** If no `hydra.config.secrets.system` secrets is supplied and `secret.enabled` is `false`, a secret is generated > automatically. The generated secret is cryptographically secure, and 32 signs long. If you wish to install Ory Hydra with an in-memory database, a cryptographically strong secret, a Login and Consent provider @@ -43,7 +43,8 @@ helm install \ ``` Alternatively, you can use an existing [Kubernetes Secret](https://kubernetes.io/docs/concepts/configuration/secret/) instead of -letting the Helm Chart create one for you: +letting the Helm Chart create one for you, by setting `secret.enabled` to `false`. You can customize the expected name of the +custom secret using `secret.nameOverride`. ```sh @@ -53,7 +54,8 @@ kubectl create secret generic my-secure-secret --from-literal=dsn=postgres://foo helm install \ ... - --set 'hydra.existingSecret=my-secure-secret' \ + --set 'secret.enabled=false` \ + --set 'secret.nameOverride=my-secure-secret' \ ... ory/hydra ```