diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index 3721c39..1eaa036 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml 
@@ -6,31 +6,151 @@ metadata: name: authentik description: authentik is an open-source Identity Provider focused on flexibility and versatility options: - error_reporting: - default: - enabled: false - environment: k8s - send_pii: false + loglevel: + default: info examples: - - enabled: false - environment: k8s - send_pii: false + - info + type: string + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + redis: + default: + exporter: + enabled: true + examples: + - exporter: + enabled: true properties: - enabled: - default: false - type: boolean - environment: - default: k8s - type: string - send_pii: - default: false - type: boolean + exporter: + default: + enabled: true + properties: + enabled: + default: true + type: boolean + type: object + type: object + geoip: + default: /geoip/GeoLite2-City.mmdb + examples: + - /geoip/GeoLite2-City.mmdb + type: string + storage: + default: + postgres: + size: 8Gi + redis: + size: 8Gi + examples: + - postgres: + size: 8Gi + redis: + size: 8Gi + properties: + postgres: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object + redis: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object type: object sub_domain: default: auth examples: - auth type: string + postgres: + default: + replicas: 1 + examples: + - replicas: 1 + properties: + replicas: + default: 1 + type: integer + type: object + admin: + default: + email: auth-admin + examples: + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object + backups: + default: + enable: false + endpoint: '' + key_id_key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + examples: + - enable: false + endpoint: '' + key_id_key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + 
properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key_id_key: + default: s3-id + type: string + retention: + default: + db: 30d + properties: + db: + default: 30d + type: string + type: object + schedule: + default: + db: 0 3 * * * + properties: + db: + default: 0 3 * * * + type: string + type: object + secret_key: + default: s3-secret + type: string + secret_name: + default: backup-settings + type: string + use_barman: + default: false + type: boolean + type: object images: default: app: @@ -168,6 +288,41 @@ options: type: string type: object type: object + ingress_class: + default: traefik + examples: + - traefik + type: string + domain: + default: your-company + examples: + - your-company + type: string + error_reporting: + default: + enabled: false + environment: k8s + send_pii: false + examples: + - enabled: false + environment: k8s + send_pii: false + properties: + enabled: + default: false + type: boolean + environment: + default: k8s + type: string + send_pii: + default: false + type: boolean + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string email: default: port: 587 
@@ -193,161 +348,6 @@ options: default: false type: boolean type: object - redis: - default: - exporter: - enabled: true - examples: - - exporter: - enabled: true - properties: - exporter: - default: - enabled: true - properties: - enabled: - default: true - type: boolean - type: object - type: object - storage: - default: - postgres: - size: 8Gi - redis: - size: 8Gi - examples: - - postgres: - size: 8Gi - redis: - size: 8Gi - properties: - postgres: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - redis: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - type: object - admin: - default: - email: auth-admin - examples: - - email: auth-admin - properties: - email: - default: auth-admin - type: string - type: object - domain_name: - default: your_company.com - examples: - - your_company.com - type: string - postgres: - default: - replicas: 1 - examples: - - replicas: 1 - properties: - replicas: - default: 1 - type: integer - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - backups: - default: - enable: false - endpoint: '' - key_id_key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret_key: s3-secret - secret_name: backup-settings - use_barman: false - examples: - - enable: false - endpoint: '' - key_id_key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret_key: s3-secret - secret_name: backup-settings - use_barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key_id_key: - default: s3-id - type: string - retention: - default: - db: 30d - properties: - db: - default: 30d - type: string - type: object - schedule: - default: - db: 0 3 * * * - properties: - db: - default: 0 3 * * * - type: string - type: object - secret_key: - default: s3-secret - type: string - secret_name: - default: backup-settings - type: string - use_barman: - default: 
false - type: boolean - type: object - geoip: - default: /geoip/GeoLite2-City.mmdb - examples: - - /geoip/GeoLite2-City.mmdb - type: string - domain: - default: your-company - examples: - - your-company - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - loglevel: - default: info - examples: - - info - type: string dependencies: - dist: null category: core diff --git a/share/authentik/redis.tf b/share/authentik/redis.tf index 5f9e19a..855c2c8 100644 --- a/share/authentik/redis.tf +++ b/share/authentik/redis.tf @@ -1,6 +1,6 @@ resource "kubectl_manifest" "authentik_redis" { yaml_body = <<-EOF - apiVersion: "redis.redis.opstreelabs.in/v1beta1" + apiVersion: "redis.redis.opstreelabs.in/v1beta2" kind: "Redis" metadata: name: "${var.name}-${var.component}-redis" @@ -23,7 +23,7 @@ resource "kubectl_manifest" "authentik_redis" { redisExporter: enabled: ${var.redis.exporter.enabled} image: "${var.images.redis_exporter.registry}/${var.images.redis_exporter.repository}:${var.images.redis_exporter.tag}" - securityContext: + podSecurityContext: runAsUser: 1000 fsGroup: 1000 EOF
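Review bot: After the rename to `podSecurityContext` in the second redis.tf hunk, the Redis pod is still given only `runAsUser: 1000` and `fsGroup: 1000`; nothing visible sets `runAsNonRoot` or any container-level restriction. As far as I can tell, the v1beta2 Redis CRD keeps a separate `securityContext` field for container-level settings, so the old key name may now mean something different; confirm this against the operator version actually deployed. If it holds, add `runAsNonRoot: true` under `podSecurityContext`, plus a sibling `securityContext:` with `allowPrivilegeEscalation: false`. The first hunk's move to `redis.redis.opstreelabs.in/v1beta2` also assumes the installed operator already serves that API version, otherwise the manifest will be rejected at apply time. The `kubectl_manifest` resource starts above and closes below these hunks, so the rest of the spec was not reviewed.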