Hane/fukuops
1
0
Fork 0
forked from catalin/fukuops
Code Pull requests Packages 1 Activity
fukuops/k8s/argo-apps/authentik.yaml

94 lines
2.8 KiB
YAML
Raw Blame History

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: authentik
namespace: argocd
spec:
destination:
name: ''
namespace: 'apps-fuku'
server: "https://kubernetes.default.svc"
sources:
- chart: authentik
repoURL: https://charts.goauthentik.io/
targetRevision: 2024.2.*
helm:
valuesObject:
authentik:
secret_key: file:///authentik-creds/secret_key
email:
host: mail.fukurokuju.dev
port: 465
password: file:///authentik-creds/email_password
username: auth@fukurokuju.dev
use_ssl: true
timeout: 30
from: auth@fukurokuju.dev
postgresql:
host: 192.168.1.3
port: 55432
name: auth
user: file:///authentik-creds/pg_username
password: file:///authentik-creds/pg_password
redis:
host: 192.168.1.3
port: 30036
password: file:///authentik-creds/redis_password
error_reporting:
enabled: true
global:
volumeMounts:
- name: authentik-creds
mountPath: /authentik-creds
- name: media
mountPath: /media
volumes:
- name: authentik-creds
secret:
secretName: secrets-authentik
- name: media
persistentVolumeClaim:
claimName: pvc-authentik-media
server:
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 3
pdb:
enabled: true
minAvailable: 1
service:
type: LoadBalancer
servicePortHttp: 9000
servicePortHttps: 9443
annotations:
traefik.ingress.kubernetes.io/service.serversscheme: https
traefik.ingress.kubernetes.io/service.serverstransport: apps-fuku-skipverify-authentik@kubernetescrd
metrics:
enabled: true
service:
type: LoadBalancer
serviceMonitor:
enabled: false
ingress:
enabled: true
ingressClassName: traefik
hosts:
- auth.fukurokuju.dev
tls: []
https: true
worker:
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 6
pdb:
enabled: true
minAvailable: 2
- repoURL: https://git.roboces.dev/catalin/fukuops.git
path: k8s/services/authentik
targetRevision: main
project: fuku
syncPolicy:
automated: { }
View git blame Copy permalink