mirror of
https://github.com/michaelthomson0797/fleet-infra.git
synced 2026-02-04 04:59:54 +00:00
61 lines
1.6 KiB
YAML
61 lines
1.6 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: authentik
|
|
namespace: authentik
|
|
spec:
|
|
chart:
|
|
spec:
|
|
chart: authentik
|
|
version: 2025.6.1
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: authentik
|
|
interval: 15m
|
|
releaseName: immich
|
|
values:
|
|
authentik:
|
|
secret_key: file:///secret-key/key
|
|
postgresql:
|
|
host: authentik-postgres-rw
|
|
user: file:///postgres-creds/username
|
|
password: file:///postgres-creds/password
|
|
server:
|
|
ingress:
|
|
enabled: true
|
|
ingressClassName: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
hosts:
|
|
- authentik.michaelthomson.dev
|
|
tls:
|
|
- secretName: letsencrypt-wildcard-cert-michaelthomson.dev
|
|
hosts:
|
|
- authentik.michaelthomson.dev
|
|
volumes:
|
|
- name: postgres-creds
|
|
secret:
|
|
secretName: authentik-postgres-credentials
|
|
- name: secret-key
|
|
secret:
|
|
secretName: authentik-secret-key
|
|
volumeMounts:
|
|
- name: postgres-creds
|
|
mountPath: /postgres-creds
|
|
readOnly: true
|
|
- name: secret-key
|
|
mountPath: /secret-key
|
|
readOnly: true
|
|
worker:
|
|
volumes:
|
|
- name: postgres-creds
|
|
secret:
|
|
secretName: authentik-postgres-credentials
|
|
volumeMounts:
|
|
- name: postgres-creds
|
|
mountPath: /postgres-creds
|
|
readOnly: true
|
|
redis:
|
|
enabled: true
|