add(authentik)

2024-05-18 01:49:38 +00:00 · 2023-08-07 20:57:47 +02:00 · 2023-08-07 20:57:47 +02:00 · 861218f35b
parent a7ddf12087
commit 861218f35b
4 changed files with 19 additions and 38 deletions
--- a/.archive/authentik/manifests/postgre.yaml
+++ b/.archive/authentik/manifests/postgre.yaml
@ -2,7 +2,7 @@ apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
  name: authentik-db
-  namespace: authentik
+  namespace: auth
 spec:
  instances: 1
  imageName: ghcr.io/cloudnative-pg/postgresql:15
--- a/projects/auth/manifests/redis.yaml
+++ b/projects/auth/manifests/redis.yaml
@ -0,0 +1,12 @@
+apiVersion: databases.spotahome.com/v1
+kind: RedisFailover
+metadata:
+  name: authentik-redis
+  namespace: auth
+spec:
+  sentinel:
+    replicas: 1
+  redis:
+    replicas: 1
+  auth:
+    secretPath: redis
--- a/.archive/authentik/project.yml
+++ b/.archive/authentik/project.yml
@ -14,3 +14,6 @@ apps:
      keys:
        - secretkey
        - accesskey
+    - name: redis
+      keys:
+        - password
--- a/.archive/authentik/values/authentik.yaml
+++ b/.archive/authentik/values/authentik.yaml
@ -23,19 +23,11 @@ image:
  repository: ghcr.io/goauthentik/server
  tag: 2022.11.3

-# -- See https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common#values
-initContainers: {}
-
-# -- See https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common#values
-additionalContainers: {}
-
 ingress:
  enabled: true
-  ingressClassName: "ingress-internal-traefik"
+  ingressClassName: "ingress-internal"
  annotations:
    cert-manager.io/cluster-issuer: "vault-issuer"
-    traefik.ingress.kubernetes.io/router.tls: 'true'
-  labels: {}
  hosts:
    - host: auth.dc
      paths:
@ -90,7 +82,7 @@ authentik:
    # -- set the postgresql hostname to talk to
    # if unset and .Values.postgresql.enabled == true, will generate the default
    # @default -- `{{ .Release.Name }}-postgresql`
-    host: 'authentik-db-rw.authentik.svc.cluster.local'
+    host: 'authentik-db-rw.auth.svc.cluster.local'
    # -- postgresql Database name
    # @default -- `authentik`
    name: "app"
@ -128,41 +120,15 @@ envValueFrom:
      name: authentik


-service:
-  # -- Service that is created to access authentik
-  enabled: true
-  type: ClusterIP
-  port: 80
-  name: http
-  protocol: TCP
-  labels: {}
-  annotations: {}
-
-volumes: []
-
-volumeMounts: []
-
 resources:
  server: {}
  worker: {}

-serviceAccount:
-  # -- Service account is needed for managed outposts
-  create: true
-
-prometheus:
-  serviceMonitor:
-    create: false
-    interval: 30s
-    scrapeTimeout: 3s
-  rules:
-    create: false
-
 postgresql:
  enabled: false

 redis:
-  enabled: true
+  enabled: false
  architecture: standalone
  auth:
    enabled: false