From 912d95caeca697bc6e14bbfc984c4d7642bc14c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?c=C4=83t=C4=83lin?= Date: Sat, 6 Jan 2024 00:53:53 +0100 Subject: [PATCH] feat(k8s/services/authentik): add pvc --- k8s/argo-apps/authentik.yaml | 133 +++++++++++++++++--------------- k8s/services/authentik/pvc.yaml | 12 +++ 2 files changed, 82 insertions(+), 63 deletions(-) create mode 100644 k8s/services/authentik/pvc.yaml diff --git a/k8s/argo-apps/authentik.yaml b/k8s/argo-apps/authentik.yaml index 772b9ca..fa04d40 100644 --- a/k8s/argo-apps/authentik.yaml +++ b/k8s/argo-apps/authentik.yaml @@ -8,70 +8,77 @@ spec: name: '' namespace: 'apps-fuku' server: "https://kubernetes.default.svc" - source: - chart: authentik - repoURL: https://charts.goauthentik.io/ - targetRevision: 2023.10.* - helm: - valuesObject: - authentik: - secret_key: file:///authentik-creds/secret_key - reporting_enabled: false - email: - host: mail.fukurokuju.dev - port: 465 - password: file:///authentik-creds/email_password - username: auth@fukurokuju.dev - use_ssl: true - timeout: 30 - from: auth@fukurokuju.dev - postgresql: - host: 192.168.1.13 - name: auth - user: file:///authentik-creds/pg_username - password: file:///authentik-creds/pg_password - redis: - host: 192.168.1.3 - port: 30036 - password: file:///authentik-creds/redis_password - volumeMounts: - - name: authentik-creds - mountPath: /authentik-creds - volumes: - - name: authentik-creds - secret: - secretName: secrets-authentik - autoscaling: - server: + sources: + - chart: authentik + repoURL: https://charts.goauthentik.io/ + targetRevision: 2023.10.* + helm: + valuesObject: + authentik: + secret_key: file:///authentik-creds/secret_key + reporting_enabled: false + email: + host: mail.fukurokuju.dev + port: 465 + password: file:///authentik-creds/email_password + username: auth@fukurokuju.dev + use_ssl: true + timeout: 30 + from: auth@fukurokuju.dev + postgresql: + host: 192.168.1.13 + name: auth + user: file:///authentik-creds/pg_username + password: file:///authentik-creds/pg_password + redis: + host: 192.168.1.3 + port: 30036 + password: file:///authentik-creds/redis_password + volumeMounts: + - name: authentik-creds + mountPath: /authentik-creds + - name: media + mountPath: /media + volumes: + - name: authentik-creds + secret: + secretName: secrets-authentik + - name: media + persistentVolumeClaim: + claimName: pvc-authentik-media + autoscaling: + server: + enabled: true + maxScaling: 3 + worker: + enabled: true + pdb: + server: + enabled: true + maxUnavailable: 2 + worker: + enabled: + maxUnavailable: 4 + service: + type: LoadBalancer + port: 9000 + name: http + ingress: enabled: true - maxScaling: 3 - worker: - enabled: true - pdb: - server: - enabled: true - maxUnavailable: 2 - worker: - enabled: - maxUnavailable: 4 - service: - type: LoadBalancer - port: 9000 - name: http - ingress: - enabled: true - ingressClassName: traefik - hosts: - - host: auth.fukurokuju.dev - paths: - - path: "/" - pathType: Prefix - backend: - service: - name: authentik - port: - number: 9000 + ingressClassName: traefik + hosts: + - host: auth.fukurokuju.dev + paths: + - path: "/" + pathType: Prefix + backend: + service: + name: authentik + port: + number: 9000 + - repoURL: https://git.roboces.dev/catalin/fukuops.git + path: k8s/services/authentik + targetRevision: main project: fuku - sources: [] syncPolicy: automated: { } diff --git a/k8s/services/authentik/pvc.yaml b/k8s/services/authentik/pvc.yaml new file mode 100644 index 0000000..5516597 --- /dev/null +++ b/k8s/services/authentik/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-authentik-media + namespace: apps-fuku +spec: + accessModes: + - ReadWriteMany + storageClassName: "truenas-nfs-csi" + resources: + requests: + storage: 3Gi \ No newline at end of file