update

dmz/authentik/Chart.yaml

@@ -0,0 +1,12 @@
+apiVersion: v2
+name: authentik
+description: A Helm chart for Kubernetes
+type: application
+
+version: 0.1.0
+appVersion: "1.16.0"
+
+dependencies:
+- name: authentik-remote-cluster
+  repository: https://charts.goauthentik.io
+  version: 2.0.0

dmz/authentik/values.yaml

@@ -0,0 +1,30 @@
+authentik-remote-cluster:
+  # -- Provide a name in place of `authentik`. Prefer using global.nameOverride if possible
+  nameOverride: ""
+  # -- String to fully override `"authentik.fullname"`. Prefer using global.fullnameOverride if possible
+  fullnameOverride: ""
+  # -- Override the Kubernetes version, which is used to evaluate certain manifests
+  kubeVersionOverride: ""
+
+  ## Globally shared configuration for authentik components.
+  global:
+    # -- Provide a name in place of `authentik`
+    nameOverride: ""
+    # -- String to fully override `"authentik.fullname"`
+    fullnameOverride: ""
+    # -- A custom namespace to override the default namespace for the deployed resources.
+    namespaceOverride: ""
+    # -- Common labels for all resources.
+    additionalLabels: {}
+      # app: authentik
+
+  # -- Annotations to apply to all resources
+  annotations: {}
+
+  serviceAccountSecret:
+    # -- Create a secret with the service account credentials
+    enabled: true
+
+  clusterRole:
+    # -- Create a clusterole in addition to a namespaced role.
+    enabled: true

dmz/internalproxy/templates/redlib.yaml

@@ -36,19 +36,19 @@ spec:
     - websecure
   routes:
   - match: Host(`redlib.durp.info`) && PathPrefix(`/`)
-      #    middlewares:
+    middlewares:
-      #    - name: authentik-proxy-provider
+    - name: authentik-proxy-provider
-      #      namespace: traefik  
+      namespace: traefik  
     kind: Rule
     services:
     - name: redlib
       port: 8082
-    #  - match: Host(`redlib.durp.info`) && PathPrefix(`/outpost.goauthentik.io`)
+  - match: Host(`redlib.durp.info`) && PathPrefix(`/outpost.goauthentik.io`)
-    #    kind: Rule
+    kind: Rule
-    #    services:
+    services:
-    #    - name: ak-outpost-master-embedded-outpost
+    - name: ak-outpost-master-embedded-outpost
-    #      namespace: authentik
+      namespace: authentik
-    #      port: 9000
+      port: 9000
   tls:
     secretName: redlib-tls
 

infra/argocd/templates/authentik.yaml

@@ -22,3 +22,26 @@ spec:
     syncOptions:
       - CreateNamespace=true 
 
+---
+
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: authentik-dmz
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://gitlab.com/developerdurp/homelab.git
+    targetRevision: main
+    path: dmz/authentik
+  destination:
+    namespace: authentik
+    name: in-cluster
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true  
+    syncOptions:
+      - CreateNamespace=true 
+