Update folder location

2025-01-06 05:01:00 -06:00
parent dc324a2d8b
commit c39f20e371
170 changed files with 8461 additions and 25 deletions
--- a/master/authentik/templates/authentik-pv.yaml
+++ b/master/authentik/templates/authentik-pv.yaml
@@ -0,0 +1,24 @@
+#apiVersion: v1
+#kind: PersistentVolume
+#metadata:
+#  annotations:
+#    pv.kubernetes.io/provisioned-by: durp.info/nfs
+#  finalizers:
+#  - kubernetes.io/pv-protection
+#  name: authentik-pv
+#spec:
+#  accessModes:
+#  - ReadWriteMany
+#  capacity:
+#    storage: 10Gi
+#  claimRef:
+#    apiVersion: v1
+#    kind: PersistentVolumeClaim
+#    name: authentik-pvc
+#    namespace: authentik
+#  nfs:
+#    path: /mnt/user/k3s/authentik
+#    server: 192.168.20.253
+#  persistentVolumeReclaimPolicy: Retain
+#  storageClassName: nfs-storage
+#  volumeMode: Filesystem
--- a/master/authentik/templates/authentik-pvc.yaml
+++ b/master/authentik/templates/authentik-pvc.yaml
@@ -0,0 +1,18 @@
+#apiVersion: v1
+#kind: PersistentVolumeClaim
+#metadata:
+#  labels:
+#    app.kubernetes.io/component: app
+#    app.kubernetes.io/instance: authentik
+#    app.kubernetes.io/managed-by: Helm
+#    app.kubernetes.io/name: authentik
+#    helm.sh/chart: authentik-2.14.4
+#  name: authentik-pvc
+#  namespace: authentik
+#spec:
+#  accessModes:
+#    - ReadWriteMany
+#  resources:
+#    requests:
+#      storage: 10Gi
+#  storageClassName: nfs-storage
--- a/master/authentik/templates/ingress.yaml
+++ b/master/authentik/templates/ingress.yaml
@@ -0,0 +1,42 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: authentik-ingress
+spec:
+  entryPoints:
+    - websecure
+  routes:
+  - match: Host(`authentik.durp.info`) && PathPrefix(`/`) 
+    kind: Rule
+    services:
+    - name: authentik-server
+      port: 80
+  tls:
+    secretName: authentik-tls
+
+---
+
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: authentik-tls
+spec:
+  secretName: authentik-tls
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "authentik.durp.info"
+  dnsNames:
+  - "authentik.durp.info" 
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: authentik-external-dns
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: authentik.durp.info
+spec:
+  type: ExternalName
+  externalName: durp.info
--- a/master/authentik/templates/secrets.yaml
+++ b/master/authentik/templates/secrets.yaml
@@ -0,0 +1,28 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: authentik-secret
+spec:
+  secretStoreRef:
+    name: vault
+    kind: ClusterSecretStore
+  target:
+    name: db-pass
+  data:
+  - secretKey: dbpass
+    remoteRef:
+      key: secrets/authentik/database
+      property: dbpass
+  - secretKey: secretkey
+    remoteRef:
+      key: secrets/authentik/database
+      property: secretkey     
+  - secretKey: postgresql-postgres-password 
+    remoteRef:
+      key: secrets/authentik/database
+      property: dbpass
+  - secretKey: postgresql-password 
+    remoteRef:
+      key: secrets/authentik/database
+      property: dbpass
+