add authentik

Signed-off-by: Michael Thomson <michael@michaelthomson.dev>
2026-02-04 21:09:58 +00:00 · 2024-10-04 20:18:31 -04:00
parent 163d3e75ed
commit 4efea3cfdd
8 changed files with 161 additions and 0 deletions
--- a/authentik/helmrelease-authentik.yaml
+++ b/authentik/helmrelease-authentik.yaml
@@ -0,0 +1,53 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+  name: authentik
+  namespace: authentik
+spec:
+  chart:
+    spec:
+      chart: authentik
+      version: 2024.8.3
+      sourceRef:
+        kind: HelmRepository
+        name: authentik
+        namespace: flux-system
+  interval: 15m
+  timeout: 5m
+  releaseName: authentik
+  values:
+    global:
+      envFrom:
+        - secretRef:
+            name: authentik-postgresql-password
+        - secretRef:
+            name: authentik-secret-key
+        - secretRef:
+            name: authentik-email-password
+
+    server:
+      ingress:
+        enabled: true
+        ingressClassName: traefik
+        annotations:
+          traefik.ingress.kubernetes.io/router.tls: "true"
+          traefik.ingress.kubernetes.io/router.entrypoints: websecure
+        hosts:
+          - authentik.michaelthomson.dev
+        tls:
+          - secretName: letsencrypt-wildcard-cert-michaelthomson.dev
+            hosts:
+              - authentik.michaelthomson.dev
+
+    postgresql:
+      enabled: true
+
+    redis:
+      enabled: true
+
+    email:
+      host: mail.michaelthomson.dev
+      port: 465
+      username: server@michaelthomson.dev
+      use_tls: true
+      from: "Michael's Server <server@michaelthomson.dev>"