Argo/apps/templates/authentik.yaml

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: authentik
  namespace: argo-cd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  destination:
    server: https://kubernetes.default.svc
    namespace: authentik
  project: default
  source:
    chart: authentik
    helm:
      values: |

        image:
          repository: ghcr.io/goauthentik/server
          tag: 2022.10.0

        authentik:
          error_reporting:
            enabled: true

        service:
          enabled: true
          type: ClusterIP
          port: 9443
          name: https
          protocol: TCP

        envValueFrom:
          AUTHENTIK_POSTGRESQL__PASSWORD:
            secretKeyRef:
              key: postgresql-password
              name: authentik-postgresql

          AUTHENTIK_SECRET_KEY:
            secretKeyRef:
              key: AUTHENTIK_SECRET_KEY
              name: authentik-secret

        postgresql:
          image:
            registry: ghcr.io
            repository: zcube/bitnami-compat/postgresql
            tag: 11.18.0-debian-11-r39
          enabled: true
          auth:
            existingSecret: authentik-postgresql
          persistence:
            enabled: true
            storageClass: longhorn
            accessModes:
              - ReadWriteOnce
        redis:
          enabled: true
          image:
            registry: ghcr.io
            repository: zcube/bitnami-compat/redis
            tag: 6.2.7-debian-11-r39

    repoURL: https://charts.goauthentik.io
    targetRevision: 2022.09.0
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: authentik-traefik
  namespace: authentik
spec:
  entryPoints:
    - websecure
  routes:
    - kind: Rule
      match: Host("authentik.roxedus.com")
      services:
        - name: authentik
          port: 9443
          scheme: https
          serversTransport: selfsigned
  tls:
    certResolver: cloudflare
aaaaaaaaaa 2022-11-30 13:32:46 +01:00			`apiVersion: argoproj.io/v1alpha1`
			`kind: Application`
			`metadata:`
			`name: authentik`
			`namespace: argo-cd`
			`finalizers:`
			`- resources-finalizer.argocd.argoproj.io`
			`spec:`
			`destination:`
			`server: https://kubernetes.default.svc`
			`namespace: authentik`
			`project: default`
			`source:`
			`chart: authentik`
			`helm:`
			`values: \|`

			`image:`
			`repository: ghcr.io/goauthentik/server`
			`tag: 2022.10.0`

			`authentik:`
			`error_reporting:`
			`enabled: true`

service 2022-11-30 13:50:44 +01:00			`service:`
			`enabled: true`
			`type: ClusterIP`
			`port: 9443`
huh 2022-11-30 13:56:30 +01:00			`name: https`
service 2022-11-30 13:50:44 +01:00			`protocol: TCP`

aaaaaaaaaa 2022-11-30 13:32:46 +01:00			`envValueFrom:`
			`AUTHENTIK_POSTGRESQL__PASSWORD:`
			`secretKeyRef:`
			`key: postgresql-password`
			`name: authentik-postgresql`

			`AUTHENTIK_SECRET_KEY:`
			`secretKeyRef:`
			`key: AUTHENTIK_SECRET_KEY`
			`name: authentik-secret`

			`postgresql:`
			`image:`
			`registry: ghcr.io`
			`repository: zcube/bitnami-compat/postgresql`
			`tag: 11.18.0-debian-11-r39`
			`enabled: true`
			`auth:`
			`existingSecret: authentik-postgresql`
			`persistence:`
			`enabled: true`
			`storageClass: longhorn`
			`accessModes:`
			`- ReadWriteOnce`
			`redis:`
			`enabled: true`
			`image:`
			`registry: ghcr.io`
			`repository: zcube/bitnami-compat/redis`
			`tag: 6.2.7-debian-11-r39`

			`repoURL: https://charts.goauthentik.io`
			`targetRevision: 2022.09.0`
			`syncPolicy:`
			`automated:`
			`prune: true`
			`selfHeal: true`
			`syncOptions:`
			`- CreateNamespace=true`
LB 2022-11-30 13:44:56 +01:00			`---`
			`apiVersion: traefik.containo.us/v1alpha1`
			`kind: IngressRoute`
			`metadata:`
			`name: authentik-traefik`
			`namespace: authentik`
			`spec:`
			`entryPoints:`
			`- websecure`
			`routes:`
			`- kind: Rule`
			`match: Host("authentik.roxedus.com")`
			`services:`
f 2022-11-30 13:58:18 +01:00			`- name: authentik`
LB 2022-11-30 13:44:56 +01:00			`port: 9443`
			`scheme: https`
			`serversTransport: selfsigned`
			`tls:`
			`certResolver: cloudflare`