From 9f6d088bf3228885ce68aa667c57702a8f0fe31e Mon Sep 17 00:00:00 2001 From: alexlebens Date: Fri, 23 Aug 2024 16:41:00 -0500 Subject: [PATCH] enable authentik auth --- .../cl01tl/applications/directus/values.yaml | 72 +++++++------------ 1 file changed, 26 insertions(+), 46 deletions(-) diff --git a/clusters/cl01tl/applications/directus/values.yaml b/clusters/cl01tl/applications/directus/values.yaml index f81d0ad6b..9616fd96e 100644 --- a/clusters/cl01tl/applications/directus/values.yaml +++ b/clusters/cl01tl/applications/directus/values.yaml @@ -30,7 +30,7 @@ directus: pullPolicy: IfNotPresent env: - name: PUBLIC_URL - value: https://directus.alexlebens.net + value: https://directus.alexlebens.dev - name: WEBSOCKETS_ENABLED value: true - name: ADMIN_EMAIL @@ -83,7 +83,7 @@ directus: - name: REDIS_ENABLED value: false - name: REDIS_HOST - value: site-profile-valkey-master + value: directus-valkey-master - name: REDIS_PORT value: 6379 - name: REDIS_USERNAME @@ -102,30 +102,30 @@ directus: value: local - name: STORAGE_LOCAL_ROOT value: /directus/data - # - name: AUTH_PROVIDERS - # value: AUTHENTIK - # - name: AUTH_AUTHENTIK_DRIVER - # value: openid - # - name: AUTH_AUTHENTIK_CLIENT_ID - # valueFrom: - # secretKeyRef: - # name: directus-oidc-secret - # key: OIDC_CLIENT_ID - # - name: AUTH_AUTHENTIK_CLIENT_SECRET - # valueFrom: - # secretKeyRef: - # name: directus-oidc-secret - # key: OIDC_CLIENT_SECRET - # - name: AUTH_AUTHENTIK_SCOPE - # value: openid profile email - # - name: AUTH_AUTHENTIK_ISSUER_URL - # value: https://auth.alexlebens.net/application/o/directus/.well-known/openid-configuration - # - name: AUTH_AUTHENTIK_IDENTIFIER_KEY - # value: email - # - name: AUTH_AUTHENTIK_ALLOW_PUBLIC_REGISTRATION - # value: true - # - name: AUTH_AUTHENTIK_LABEL - # value: Authentik Login + - name: AUTH_PROVIDERS + value: AUTHENTIK + - name: AUTH_AUTHENTIK_DRIVER + value: openid + - name: AUTH_AUTHENTIK_CLIENT_ID + valueFrom: + secretKeyRef: + name: directus-oidc-secret + key: OIDC_CLIENT_ID + - name: AUTH_AUTHENTIK_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: directus-oidc-secret + key: OIDC_CLIENT_SECRET + - name: AUTH_AUTHENTIK_SCOPE + value: openid profile email + - name: AUTH_AUTHENTIK_ISSUER_URL + value: https://auth.alexlebens.dev/application/o/directus/.well-known/openid-configuration + - name: AUTH_AUTHENTIK_IDENTIFIER_KEY + value: email + - name: AUTH_AUTHENTIK_ALLOW_PUBLIC_REGISTRATION + value: true + - name: AUTH_AUTHENTIK_LABEL + value: Authentik Login - name: TELEMETRY value: false resources: @@ -142,26 +142,6 @@ directus: port: 80 targetPort: 8055 protocol: TCP - ingress: - traefik: - enabled: true - className: traefik - annotations: - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.tls: "true" - cert-manager.io/cluster-issuer: letsencrypt-issuer - hosts: - - host: directus.alexlebens.net - paths: - - path: / - pathType: Prefix - service: - name: directus - port: 80 - tls: - - hosts: - - directus.alexlebens.net - secretName: directus-tls-secret persistence: data: storageClass: ceph-block