2022-11-30 13:32:46 +01:00
|
|
|
apiVersion: argoproj.io/v1alpha1
|
|
|
|
kind: Application
|
|
|
|
metadata:
|
|
|
|
name: authentik
|
|
|
|
namespace: argo-cd
|
|
|
|
finalizers:
|
|
|
|
- resources-finalizer.argocd.argoproj.io
|
|
|
|
spec:
|
|
|
|
destination:
|
|
|
|
server: https://kubernetes.default.svc
|
|
|
|
namespace: authentik
|
|
|
|
project: default
|
|
|
|
source:
|
|
|
|
chart: authentik
|
|
|
|
helm:
|
|
|
|
values: |
|
|
|
|
|
|
|
|
image:
|
|
|
|
repository: ghcr.io/goauthentik/server
|
2022-12-06 02:22:05 +01:00
|
|
|
tag: 2022.11.3
|
2022-11-30 13:32:46 +01:00
|
|
|
|
|
|
|
authentik:
|
|
|
|
error_reporting:
|
|
|
|
enabled: true
|
|
|
|
|
2022-12-01 00:43:06 +01:00
|
|
|
ingress:
|
2022-11-30 13:50:44 +01:00
|
|
|
enabled: true
|
2022-12-01 00:43:06 +01:00
|
|
|
ingressClassName: traefik
|
2022-12-01 00:50:45 +01:00
|
|
|
annotations:
|
|
|
|
cert-manager.io/acme-challenge-type: dns01
|
|
|
|
cert-manager.io/cluster-issuer: roxedus.com-cloudflare
|
2022-12-01 00:43:06 +01:00
|
|
|
hosts:
|
|
|
|
- host: authentik.roxedus.com
|
|
|
|
paths:
|
|
|
|
- path: "/"
|
|
|
|
pathType: Prefix
|
2022-11-30 13:50:44 +01:00
|
|
|
|
2022-12-01 00:45:58 +01:00
|
|
|
tls:
|
|
|
|
- hosts:
|
|
|
|
- authentik.roxedus.com
|
|
|
|
secretName: authentik-roxedus-com-cert
|
|
|
|
|
2022-11-30 13:32:46 +01:00
|
|
|
envValueFrom:
|
2022-12-06 03:42:04 +01:00
|
|
|
POSTGRES_PASSWORD:
|
|
|
|
secretKeyRef:
|
|
|
|
key: postgresql-password
|
|
|
|
name: authentik-postgresql
|
|
|
|
|
2022-12-06 03:29:01 +01:00
|
|
|
AUTHENTIK_POSTGRESQL__PASSWORD:
|
|
|
|
secretKeyRef:
|
2022-12-06 03:39:49 +01:00
|
|
|
key: postgresql-postgres-password
|
2022-12-06 03:29:01 +01:00
|
|
|
name: authentik-postgresql
|
|
|
|
|
2022-11-30 13:32:46 +01:00
|
|
|
AUTHENTIK_SECRET_KEY:
|
|
|
|
secretKeyRef:
|
|
|
|
key: AUTHENTIK_SECRET_KEY
|
|
|
|
name: authentik-secret
|
|
|
|
|
|
|
|
postgresql:
|
|
|
|
image:
|
|
|
|
registry: ghcr.io
|
|
|
|
repository: zcube/bitnami-compat/postgresql
|
|
|
|
tag: 11.18.0-debian-11-r39
|
|
|
|
enabled: true
|
|
|
|
auth:
|
|
|
|
existingSecret: authentik-postgresql
|
|
|
|
persistence:
|
|
|
|
enabled: true
|
|
|
|
storageClass: longhorn
|
|
|
|
accessModes:
|
|
|
|
- ReadWriteOnce
|
|
|
|
redis:
|
|
|
|
enabled: true
|
|
|
|
image:
|
|
|
|
registry: ghcr.io
|
|
|
|
repository: zcube/bitnami-compat/redis
|
|
|
|
tag: 6.2.7-debian-11-r39
|
|
|
|
|
|
|
|
repoURL: https://charts.goauthentik.io
|
2022-12-06 02:25:40 +01:00
|
|
|
targetRevision: 2022.11.3
|
2022-11-30 13:32:46 +01:00
|
|
|
syncPolicy:
|
|
|
|
automated:
|
|
|
|
prune: true
|
|
|
|
selfHeal: true
|
|
|
|
syncOptions:
|
|
|
|
- CreateNamespace=true
|