diff --git a/clusters/cl01tl/platform/authentik/Chart.yaml b/clusters/cl01tl/platform/authentik/Chart.yaml
deleted file mode 100644
index c319ca94f..000000000
--- a/clusters/cl01tl/platform/authentik/Chart.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-apiVersion: v2
-name: authentik
-version: 1.0.0
-description: Authentik
-keywords:
- - authentik
- - sso
- - oidc
- - ldap
- - idp
- - authentication
-home: https://wiki.alexlebens.dev/doc/authentik-q2d4WDhqpe
-sources:
- - https://github.com/goauthentik/authentik
- - https://github.com/cloudflare/cloudflared
- - https://github.com/cloudnative-pg/cloudnative-pg
- - https://github.com/goauthentik/helm
- - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared
- - https://github.com/alexlebens/helm-charts/tree/main/charts/postgres-cluster
-maintainers:
- - name: alexlebens
-dependencies:
- - name: authentik
- version: 2024.12.3
- repository: https://charts.goauthentik.io/
- - name: cloudflared
- alias: cloudflared
- repository: http://alexlebens.github.io/helm-charts
- version: 1.13.0
- - name: postgres-cluster
- alias: postgres-17-cluster
- version: 4.1.4
- repository: http://alexlebens.github.io/helm-charts
-icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/authentik.png
-appVersion: 2024.10.5
diff --git a/clusters/cl01tl/platform/authentik/templates/config-map.yaml b/clusters/cl01tl/platform/authentik/templates/config-map.yaml
deleted file mode 100644
index f749d50f5..000000000
--- a/clusters/cl01tl/platform/authentik/templates/config-map.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: authentik-custom-css
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: {{ .Release.Name }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-data:
- custom.css: |
- /* Change sign button color */
- .pf-c-button.pf-m-primary {
- color: black;
- background-color: white;
- }
-
- /* Remove background */
- .pf-c-login__main {
- background-color: rgba(3, 3, 3, 0.16);
- }
-
- /* Remove specific height */
- .pf-c-brand {
- height: auto;
- }
-
- /* Center text */
- .pf-c-title {
- text-align: center;
- }
-
- /* Match text field to login button */
- .pf-c-form-control {
- border-radius: 3px;
- background-color: white;
- color: black;
- }
-
- /* Force border color */
- .pf-c-form-control {
- border-color: white;
- }
-
- /* Use default cursor on this div */
- .pf-c-form__label {
- cursor: default;
- }
-
- /* Hide required asterik */
- .pf-c-form__label-required {
- display: none;
- }
-
- /* Change link color to white */
- .a {
- color: white;
- }
diff --git a/clusters/cl01tl/platform/authentik/templates/external-secret.yaml b/clusters/cl01tl/platform/authentik/templates/external-secret.yaml
deleted file mode 100644
index 17ba4cf91..000000000
--- a/clusters/cl01tl/platform/authentik/templates/external-secret.yaml
+++ /dev/null
@@ -1,80 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: authentik-key-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: authentik-key-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: key
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /cl01tl/authentik/key
- metadataPolicy: None
- property: key
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: authentik-cloudflared-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: authentik-cloudflared-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: cf-tunnel-token
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /cloudflare/tunnels/authentik
- metadataPolicy: None
- property: token
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: authentik-postgresql-17-cluster-backup-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: authentik-postgresql-17-cluster-backup-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: database
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: ACCESS_KEY_ID
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /digital-ocean/home-infra/postgres-backups
- metadataPolicy: None
- property: access
- - secretKey: ACCESS_SECRET_KEY
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /digital-ocean/home-infra/postgres-backups
- metadataPolicy: None
- property: secret
diff --git a/clusters/cl01tl/platform/authentik/templates/ingress.yaml b/clusters/cl01tl/platform/authentik/templates/ingress.yaml
deleted file mode 100644
index b0a72161e..000000000
--- a/clusters/cl01tl/platform/authentik/templates/ingress.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: authentik-local
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: authentik-local
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
- annotations:
- traefik.ingress.kubernetes.io/router.entrypoints: websecure
- traefik.ingress.kubernetes.io/router.tls: "true"
- cert-manager.io/cluster-issuer: letsencrypt-issuer
-spec:
- ingressClassName: traefik
- tls:
- - hosts:
- - authentik.alexlebens.net
- secretName: authentik-tls-secret
- rules:
- - host: authentik.alexlebens.net
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: authentik-server
- port:
- number: 80
diff --git a/clusters/cl01tl/platform/authentik/values.yaml b/clusters/cl01tl/platform/authentik/values.yaml
deleted file mode 100644
index 52e3f22c5..000000000
--- a/clusters/cl01tl/platform/authentik/values.yaml
+++ /dev/null
@@ -1,83 +0,0 @@
-authentik:
- global:
- env:
- - name: AUTHENTIK_SECRET_KEY
- valueFrom:
- secretKeyRef:
- name: authentik-key-secret
- key: key
- - name: AUTHENTIK_POSTGRESQL__HOST
- valueFrom:
- secretKeyRef:
- name: authentik-postgresql-17-cluster-app
- key: host
- - name: AUTHENTIK_POSTGRESQL__NAME
- valueFrom:
- secretKeyRef:
- name: authentik-postgresql-17-cluster-app
- key: dbname
- - name: AUTHENTIK_POSTGRESQL__USER
- valueFrom:
- secretKeyRef:
- name: authentik-postgresql-17-cluster-app
- key: user
- - name: AUTHENTIK_POSTGRESQL__PASSWORD
- valueFrom:
- secretKeyRef:
- name: authentik-postgresql-17-cluster-app
- key: password
- server:
- name: server
- replicas: 1
- volumes:
- - name: custom-css
- configMap:
- name: authentik-custom-css
- volumeMounts:
- - name: custom-css
- mountPath: /web/dist/custom.css
- subPath: custom.css
- metrics:
- enabled: true
- serviceMonitor:
- enabled: true
- ingress:
- enabled: true
- ingressClassName: tailscale
- annotations:
- tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
- hosts:
- - auth-cl01tl
- paths:
- - /
- tls:
- - secretName: auth-cl01tl
- hosts:
- - auth-cl01tl
- worker:
- name: worker
- replicas: 1
- prometheus:
- rules:
- enabled: true
- postgresql:
- enabled: false
- redis:
- enabled: true
-cloudflared:
- existingSecretName: authentik-cloudflared-secret
-postgres-17-cluster:
- mode: standalone
- cluster:
- walStorage:
- storageClass: local-path
- storage:
- storageClass: local-path
- monitoring:
- enabled: true
- backup:
- enabled: true
- endpointURL: https://nyc3.digitaloceanspaces.com
- destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
- endpointCredentials: authentik-postgresql-17-cluster-backup-secret
- backupIndex: 1