83 lines
2.0 KiB
YAML
83 lines
2.0 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: authentik
|
|
namespace: argo-cd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: authentik
|
|
project: default
|
|
source:
|
|
chart: authentik
|
|
helm:
|
|
values: |
|
|
|
|
image:
|
|
repository: ghcr.io/goauthentik/server
|
|
|
|
authentik:
|
|
error_reporting:
|
|
enabled: true
|
|
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
cert-manager.io/acme-challenge-type: dns01
|
|
cert-manager.io/cluster-issuer: roxedus.com-cloudflare
|
|
hosts:
|
|
- host: authentik.roxedus.com
|
|
paths:
|
|
- path: "/"
|
|
pathType: Prefix
|
|
|
|
tls:
|
|
- hosts:
|
|
- authentik.roxedus.com
|
|
secretName: authentik-roxedus-com-cert
|
|
|
|
envValueFrom:
|
|
AUTHENTIK_SECRET_KEY:
|
|
secretKeyRef:
|
|
key: AUTHENTIK_SECRET_KEY
|
|
name: authentik-secret
|
|
|
|
AUTHENTIK_POSTGRESQL__PASSWORD:
|
|
secretKeyRef:
|
|
key: password
|
|
name: postgres-secret
|
|
|
|
prometheus.rules.create: true
|
|
|
|
postgresql:
|
|
image:
|
|
registry: ghcr.io
|
|
repository: zcube/bitnami-compat/postgresql
|
|
tag: 11.18.0-debian-11-r39
|
|
enabled: true
|
|
# auth:
|
|
# existingSecret: authentik-postgresql
|
|
persistence:
|
|
enabled: true
|
|
storageClass: longhorn
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
redis:
|
|
enabled: true
|
|
image:
|
|
registry: ghcr.io
|
|
repository: zcube/bitnami-compat/redis
|
|
tag: 6.2.7-debian-11-r39
|
|
|
|
repoURL: https://charts.goauthentik.io
|
|
targetRevision: 2023.1.2
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=true
|