authentik: global: env: - name: AUTHENTIK_SECRET_KEY valueFrom: secretKeyRef: name: authentik-key-secret key: key - name: AUTHENTIK_POSTGRESQL__HOST valueFrom: secretKeyRef: name: authentik-postgresql-17-cluster-app key: host - name: AUTHENTIK_POSTGRESQL__NAME valueFrom: secretKeyRef: name: authentik-postgresql-17-cluster-app key: dbname - name: AUTHENTIK_POSTGRESQL__USER valueFrom: secretKeyRef: name: authentik-postgresql-17-cluster-app key: user - name: AUTHENTIK_POSTGRESQL__PASSWORD valueFrom: secretKeyRef: name: authentik-postgresql-17-cluster-app key: password server: name: server replicas: 1 volumes: - name: custom-css configMap: name: authentik-custom-css volumeMounts: - name: custom-css mountPath: /web/dist/custom.css subPath: custom.css metrics: enabled: true serviceMonitor: enabled: true ingress: enabled: false worker: name: worker replicas: 1 prometheus: rules: enabled: true postgresql: enabled: false redis: enabled: true cloudflared: existingSecretName: authentik-cloudflared-secret postgres-17-cluster: mode: standalone cluster: storage: storageClass: local-path walStorage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: true recovery: method: objectStore objectStore: endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster endpointCredentials: authentik-postgresql-17-cluster-backup-secret recoveryIndex: 2 backup: enabled: true endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/authentik/authentik-postgresql-17-cluster endpointCredentials: authentik-postgresql-17-cluster-backup-secret backupIndex: 2 retentionPolicy: "7d"