marco/veda
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor authentik configuration to use mounted secrets for PostgreSQL credentials

Browse Source
This commit is contained in:
Marco van Zijl 2025-05-10 17:29:12 +02:00
parent f7fe6ff832
commit d5534e07fd
1 changed files with 22 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
applications/templates/authentik.yaml
View File

@ -21,29 +21,13 @@ spec:
valuesObject: valuesObject:
global: global:
priorityClassName: homelab-critical priorityClassName: homelab-critical
env:
- name: AUTHENTIK_DATABASE__HOST
valueFrom:
secretKeyRef:
name: pg-authentik-cluster-app
key: host
- name: AUTHENTIK_POSTGRESQL__NAME
valueFrom:
secretKeyRef:
name: pg-authentik-cluster-app
key: dbname
- name: AUTHENTIK_POSTGRESQL__PASSWORD
valueFrom:
secretKeyRef:
name: pg-authentik-cluster-app
key: password
- name: AUTHENTIK_POSTGRESQL__USER
valueFrom:
secretKeyRef:
name: pg-authentik-cluster-app
key: username
authentik: authentik:
secret_key: bGd7nChCpPQmypR64rgF secret_key: bGd7nChCpPQmypR64rgF
postgresql:
host: file:///postgres-creds/host
name: file:///postgres-creds/dbname
user: file:///postgres-creds/username
password: file:///postgres-creds/password
server: server:
metrics: metrics:
enabled: true enabled: true
@ -56,6 +40,23 @@ spec:
- authentik.noxxos.nl - authentik.noxxos.nl
annotations: annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web traefik.ingress.kubernetes.io/router.entrypoints: web
volumes:
- name: postgres-creds
secret:
secretName: pg-authentik-cluster-app
volumeMounts:
- name: postgres-creds
mountPath: /postgres-creds
readOnly: true
worker:
volumes:
- name: postgres-creds
secret:
secretName: pg-authentik-cluster-app
volumeMounts:
- name: postgres-creds
mountPath: /postgres-creds
readOnly: true
postgresql: postgresql:
enabled: false enabled: false
redis: redis: