mirror of
https://github.com/nold360/hive-apps
synced 2024-12-22 21:31:12 +00:00
add(authentik)
This commit is contained in:
parent
a7ddf12087
commit
861218f35b
4 changed files with 19 additions and 38 deletions
|
|
@ -2,7 +2,7 @@ apiVersion: postgresql.cnpg.io/v1
|
||||||
kind: Cluster
|
kind: Cluster
|
||||||
metadata:
|
metadata:
|
||||||
name: authentik-db
|
name: authentik-db
|
||||||
namespace: authentik
|
namespace: auth
|
||||||
spec:
|
spec:
|
||||||
instances: 1
|
instances: 1
|
||||||
imageName: ghcr.io/cloudnative-pg/postgresql:15
|
imageName: ghcr.io/cloudnative-pg/postgresql:15
|
||||||
12
projects/auth/manifests/redis.yaml
Normal file
12
projects/auth/manifests/redis.yaml
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
apiVersion: databases.spotahome.com/v1
|
||||||
|
kind: RedisFailover
|
||||||
|
metadata:
|
||||||
|
name: authentik-redis
|
||||||
|
namespace: auth
|
||||||
|
spec:
|
||||||
|
sentinel:
|
||||||
|
replicas: 1
|
||||||
|
redis:
|
||||||
|
replicas: 1
|
||||||
|
auth:
|
||||||
|
secretPath: redis
|
||||||
|
|
@ -14,3 +14,6 @@ apps:
|
||||||
keys:
|
keys:
|
||||||
- secretkey
|
- secretkey
|
||||||
- accesskey
|
- accesskey
|
||||||
|
- name: redis
|
||||||
|
keys:
|
||||||
|
- password
|
||||||
|
|
@ -23,19 +23,11 @@ image:
|
||||||
repository: ghcr.io/goauthentik/server
|
repository: ghcr.io/goauthentik/server
|
||||||
tag: 2022.11.3
|
tag: 2022.11.3
|
||||||
|
|
||||||
# -- See https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common#values
|
|
||||||
initContainers: {}
|
|
||||||
|
|
||||||
# -- See https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common#values
|
|
||||||
additionalContainers: {}
|
|
||||||
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
ingressClassName: "ingress-internal-traefik"
|
ingressClassName: "ingress-internal"
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/cluster-issuer: "vault-issuer"
|
cert-manager.io/cluster-issuer: "vault-issuer"
|
||||||
traefik.ingress.kubernetes.io/router.tls: 'true'
|
|
||||||
labels: {}
|
|
||||||
hosts:
|
hosts:
|
||||||
- host: auth.dc
|
- host: auth.dc
|
||||||
paths:
|
paths:
|
||||||
|
|
@ -90,7 +82,7 @@ authentik:
|
||||||
# -- set the postgresql hostname to talk to
|
# -- set the postgresql hostname to talk to
|
||||||
# if unset and .Values.postgresql.enabled == true, will generate the default
|
# if unset and .Values.postgresql.enabled == true, will generate the default
|
||||||
# @default -- `{{ .Release.Name }}-postgresql`
|
# @default -- `{{ .Release.Name }}-postgresql`
|
||||||
host: 'authentik-db-rw.authentik.svc.cluster.local'
|
host: 'authentik-db-rw.auth.svc.cluster.local'
|
||||||
# -- postgresql Database name
|
# -- postgresql Database name
|
||||||
# @default -- `authentik`
|
# @default -- `authentik`
|
||||||
name: "app"
|
name: "app"
|
||||||
|
|
@ -128,41 +120,15 @@ envValueFrom:
|
||||||
name: authentik
|
name: authentik
|
||||||
|
|
||||||
|
|
||||||
service:
|
|
||||||
# -- Service that is created to access authentik
|
|
||||||
enabled: true
|
|
||||||
type: ClusterIP
|
|
||||||
port: 80
|
|
||||||
name: http
|
|
||||||
protocol: TCP
|
|
||||||
labels: {}
|
|
||||||
annotations: {}
|
|
||||||
|
|
||||||
volumes: []
|
|
||||||
|
|
||||||
volumeMounts: []
|
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
server: {}
|
server: {}
|
||||||
worker: {}
|
worker: {}
|
||||||
|
|
||||||
serviceAccount:
|
|
||||||
# -- Service account is needed for managed outposts
|
|
||||||
create: true
|
|
||||||
|
|
||||||
prometheus:
|
|
||||||
serviceMonitor:
|
|
||||||
create: false
|
|
||||||
interval: 30s
|
|
||||||
scrapeTimeout: 3s
|
|
||||||
rules:
|
|
||||||
create: false
|
|
||||||
|
|
||||||
postgresql:
|
postgresql:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
redis:
|
redis:
|
||||||
enabled: true
|
enabled: false
|
||||||
architecture: standalone
|
architecture: standalone
|
||||||
auth:
|
auth:
|
||||||
enabled: false
|
enabled: false
|
||||||
Loading…
Reference in a new issue