add authentik
This commit is contained in:
@@ -1,26 +1,22 @@
|
|||||||
apiVersion: networking.k8s.io/v1
|
apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: authentik-local
|
name: authentik-tailscale
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: authentik-local
|
app.kubernetes.io/name: authentik-tailscale
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||||
app.kubernetes.io/component: web
|
app.kubernetes.io/component: web
|
||||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||||
annotations:
|
|
||||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
||||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-issuer
|
|
||||||
spec:
|
spec:
|
||||||
ingressClassName: traefik
|
ingressClassName: tailscale
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- authentik.alexlebens.net
|
- auth-cl01tl
|
||||||
secretName: authentik-tls-secret
|
secretName: auth-cl01tl
|
||||||
rules:
|
rules:
|
||||||
- host: authentik.alexlebens.net
|
- host: auth-cl01tl
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
@@ -43,17 +43,15 @@ authentik:
|
|||||||
enabled: true
|
enabled: true
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
ingressClassName: tailscale
|
ingressClassName: traefik
|
||||||
annotations:
|
|
||||||
tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true"
|
|
||||||
hosts:
|
hosts:
|
||||||
- auth-cl01tl
|
- authentik.alexlebens.net
|
||||||
paths:
|
paths:
|
||||||
- /
|
- /
|
||||||
tls:
|
tls:
|
||||||
- secretName: auth-cl01tl
|
- secretName: authentik-tls-secret
|
||||||
hosts:
|
hosts:
|
||||||
- auth-cl01tl
|
- authentik.alexlebens.net
|
||||||
worker:
|
worker:
|
||||||
name: worker
|
name: worker
|
||||||
replicas: 1
|
replicas: 1
|
||||||
@@ -76,8 +74,8 @@ postgres-17-cluster:
|
|||||||
monitoring:
|
monitoring:
|
||||||
enabled: true
|
enabled: true
|
||||||
backup:
|
backup:
|
||||||
enabled: true
|
enabled: false
|
||||||
endpointURL: https://nyc3.digitaloceanspaces.com
|
endpointURL: https://nyc3.digitaloceanspaces.com
|
||||||
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster
|
||||||
endpointCredentials: authentik-postgresql-17-cluster-backup-secret
|
endpointCredentials: authentik-postgresql-17-cluster-backup-secret
|
||||||
backupIndex: 1
|
backupIndex: 2
|
||||||
Reference in New Issue
Block a user