mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-30 23:45:25 +02:00
67 lines
1.7 KiB
YAML
67 lines
1.7 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: authentik
|
|
namespace: networking
|
|
spec:
|
|
interval: 5m
|
|
chart:
|
|
spec:
|
|
# renovate: registryUrl=https://charts.goauthentik.io
|
|
chart: authentik
|
|
version: 2.1.0
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: authentik-charts
|
|
namespace: flux-system
|
|
interval: 5m
|
|
values:
|
|
image:
|
|
repository: ghcr.io/goauthentik/server
|
|
tag: 2021.8.3
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: "nginx"
|
|
# annotations:
|
|
# traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
|
|
hosts:
|
|
- host: "id.${SECRET_CLUSTER_DOMAIN}"
|
|
paths:
|
|
- path: /
|
|
tls:
|
|
- hosts:
|
|
- "id.${SECRET_CLUSTER_DOMAIN}"
|
|
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
|
|
geoip:
|
|
enabled: false
|
|
authentik:
|
|
email:
|
|
host: smtp.fastmail.com
|
|
port: 587
|
|
username: ${SECRET_SMTP_USERNAME}
|
|
password: ${SECRET_AUTHENTIK_SMTP_PASSWORD}
|
|
use_ssl: true
|
|
from: authentik@${SECRET_CLUSTER_DOMAIN_ROOT}
|
|
secret_key: ${SECRET_AUTHENTIK_SECRET_KEY}
|
|
log_level: debug
|
|
|
|
outposts:
|
|
docker_image_base: ghcr.io/goauthentik/%(type)s:%(version)s
|
|
|
|
postgresql:
|
|
host: postgresql-kube.data.svc.cluster.local.
|
|
name: authentik
|
|
user: authentik
|
|
password: ${SECRET_AUTHENTIK_POSTGRES_PASSWORD}
|
|
redis:
|
|
host: '{{ .Release.Name }}-redis-master'
|
|
password: ${SECRET_AUTHENTIK_REDIS_PASSWORD}
|
|
|
|
redis:
|
|
enabled: true
|
|
auth:
|
|
enabled: true
|
|
password: ${SECRET_AUTHENTIK_REDIS_PASSWORD}
|