diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index fa94c00..9323482 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml @@ -6,10 +6,104 @@ metadata: name: authentik description: authentik is an open-source Identity Provider focused on flexibility and versatility options: - loglevel: - default: info + admin: + default: + email: auth-admin examples: - - info + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object + backups: + default: + enable: false + endpoint: '' + key_id_key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + examples: + - enable: false + endpoint: '' + key_id_key: s3-id + retention: + db: 30d + schedule: + db: 0 3 * * * + secret_key: s3-secret + secret_name: backup-settings + use_barman: false + properties: + enable: + default: false + type: boolean + endpoint: + default: '' + type: string + key_id_key: + default: s3-id + type: string + retention: + default: + db: 30d + properties: + db: + default: 30d + type: string + type: object + schedule: + default: + db: 0 3 * * * + properties: + db: + default: 0 3 * * * + type: string + type: object + secret_key: + default: s3-secret + type: string + secret_name: + default: backup-settings + type: string + use_barman: + default: false + type: boolean + type: object + customisation: + default: + configmap_name: '' + use_custom_css: false + use_icon_left: false + examples: + - configmap_name: '' + use_custom_css: false + use_icon_left: false + properties: + configmap_name: + default: '' + type: string + use_custom_css: + default: false + type: boolean + use_icon_left: + default: false + type: boolean + type: object + domain: + default: your-company + examples: + - your-company + type: string + domain_name: + default: your_company.com + examples: + - your_company.com type: string email: default: 
@@ -36,11 +130,6 @@ options: default: false type: boolean type: object - sub_domain: - default: auth - examples: - - auth - type: string error_reporting: default: enabled: false @@ -61,21 +150,6 @@ options: default: false type: boolean type: object - admin: - default: - email: auth-admin - examples: - - email: auth-admin - properties: - email: - default: auth-admin - type: string - type: object - domain: - default: your-company - examples: - - your-company - type: string geoip: default: /geoip/GeoLite2-City.mmdb examples: @@ -248,6 +322,21 @@ options: type: string type: object type: object + ingress_class: + default: traefik + examples: + - traefik + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + loglevel: + default: info + examples: + - info + type: string postgres: default: replicas: 1 @@ -258,11 +347,6 @@ options: default: 1 type: integer type: object - ingress_class: - default: traefik - examples: - - traefik - type: string redis: default: exporter: 
@@ -309,95 +393,11 @@ options: type: string type: object type: object - backups: - default: - enable: false - endpoint: '' - key_id_key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret_key: s3-secret - secret_name: backup-settings - use_barman: false + sub_domain: + default: auth examples: - - enable: false - endpoint: '' - key_id_key: s3-id - retention: - db: 30d - schedule: - db: 0 3 * * * - secret_key: s3-secret - secret_name: backup-settings - use_barman: false - properties: - enable: - default: false - type: boolean - endpoint: - default: '' - type: string - key_id_key: - default: s3-id - type: string - retention: - default: - db: 30d - properties: - db: - default: 30d - type: string - type: object - schedule: - default: - db: 0 3 * * * - properties: - db: - default: 0 3 * * * - type: string - type: object - secret_key: - default: s3-secret - type: string - secret_name: - default: backup-settings - type: string - use_barman: - default: false - type: boolean - type: object - domain_name: - default: your_company.com - examples: - - your_company.com + - auth type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - customisation: - default: - configmap_name: '' - use_custom_css: false - use_icon_left: false - examples: - - configmap_name: '' - use_custom_css: false - use_icon_left: false - properties: - configmap_name: - default: '' - type: string - use_custom_css: - default: false - type: boolean - use_icon_left: - default: false - type: boolean - type: object dependencies: - dist: null category: core diff --git a/share/authentik/postgresql.tf b/share/authentik/postgresql.tf index e951e56..64972dc 100644 --- a/share/authentik/postgresql.tf +++ b/share/authentik/postgresql.tf 
@@ -15,9 +15,6 @@ resource "kubectl_manifest" "prj_pg" { name: "${var.instance}-${var.component}-pg" namespace: "${var.namespace}" labels: ${jsonencode(local.pg-labels)} - annotations: - "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean" - "k8up.io/file-extension": ".sql" spec: instances: ${var.postgres.replicas} imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}" @@ -29,6 +26,15 @@ resource "kubectl_manifest" "prj_pg" { owner: "${var.component}" monitoring: enablePodMonitor: true + inheritedMetadata: + annotations: + "k8up.io/backup": "false" + template: + metadata: + annotations: + "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean" + "k8up.io/file-extension": ".sql" + "k8up.io/backup": "true" EOF ], var.backups.enable&&var.backups.use_barman?[<<-EOF backup: diff --git a/share/authentik/redis.tf b/share/authentik/redis.tf index 855c2c8..94e0cad 100644 --- a/share/authentik/redis.tf +++ b/share/authentik/redis.tf @@ -15,6 +15,9 @@ resource "kubectl_manifest" "authentik_redis" { key: "AUTHENTIK_REDIS__PASSWORD" storage: volumeClaimTemplate: + metadata: + annotations: + k8up.io/backup: "false" spec: accessModes: ["ReadWriteOnce"] resources: diff --git a/share/dataset-pg/postgresql.tf b/share/dataset-pg/postgresql.tf index 06e4281..d41470a 100644 --- a/share/dataset-pg/postgresql.tf +++ b/share/dataset-pg/postgresql.tf @@ -16,9 +16,6 @@ resource "kubectl_manifest" "prj_pg" { name: "${var.instance}-${var.component}" namespace: "${var.namespace}" labels: ${jsonencode(local.pg-labels)} - annotations: - "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean" - "k8up.io/file-extension": ".sql" spec: instances: ${var.postgres.replicas} imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}" 
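Review bot: The added block sets `"k8up.io/backup": "false"` under `inheritedMetadata.annotations` and `"k8up.io/backup": "true"` under a new `template.metadata.annotations`, so whether this identity-provider database is still dumped depends entirely on the operator honouring `template`. Indentation is lost in this view and the manifest's `apiVersion`/`kind` are outside the hunk; if this is a CloudNativePG `Cluster`, I am not aware of a `template` field in its spec, so the field would be either rejected or dropped on apply. If it is dropped, the failure is silent: the pods carry only the inherited `"false"` and no `k8up.io/backupcommand`, and the missing `.sql` dumps surface only at restore time. Please confirm against the CRD schema and check the annotations on a running pod; if the split is intentional, a comment such as `# inherited "false" excludes operator-created objects; the pod-level "true" + backupcommand drives the dump` would record it. The same pattern is added in `share/dataset-pg/postgresql.tf` (hunk `@@ -31,6 +28,15 @@`).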
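Review bot: The `k8up.io/backup: "false"` annotation added under `volumeClaimTemplate.metadata` is unconditional and unexplained, so nothing in the module tells an operator that the Redis volume is deliberately outside the backup set. For authentik that is probably intended, but the identical hunk in `share/dataset-redis/redis.tf` applies it to a general-purpose Redis, and the options visible in that component's `index.yaml` hunks (`exporter`, `images`, `storage`) show no way to opt back in. Consider a comment here such as `# cache/session data only; deliberately excluded from k8up backups`, and for dataset-redis either an option or a line in the description stating that the volume is not backed up. The key is also unquoted here while the postgresql.tf hunks write `"k8up.io/backup"`; both parse the same, but a single form is easier to grep when auditing what is excluded from backup.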
@@ -31,6 +28,15 @@ resource "kubectl_manifest" "prj_pg" { initdb: database: "${var.instance}" owner: "${var.instance}" + inheritedMetadata: + annotations: + "k8up.io/backup": "false" + template: + metadata: + annotations: + "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean" + "k8up.io/file-extension": ".sql" + "k8up.io/backup": "true" EOF ], var.backups.enable?[<<-EOF backup: diff --git a/share/dataset-redis/index.yaml b/share/dataset-redis/index.yaml index d0d7e35..e57d332 100644 --- a/share/dataset-redis/index.yaml +++ b/share/dataset-redis/index.yaml @@ -6,11 +6,16 @@ metadata: name: dataset-redis description: null options: - storage: - default: 8Gi + exporter: + default: + enable: true examples: - - 8Gi - type: string + - enable: true + properties: + enable: + default: true + type: boolean + type: object images: default: redis: @@ -74,16 +79,11 @@ options: type: string type: object type: object - exporter: - default: - enable: true + storage: + default: 8Gi examples: - - enable: true - properties: - enable: - default: true - type: boolean - type: object + - 8Gi + type: string dependencies: - dist: null category: dbo diff --git a/share/dataset-redis/redis.tf b/share/dataset-redis/redis.tf index c4e7958..00f81be 100644 --- a/share/dataset-redis/redis.tf +++ b/share/dataset-redis/redis.tf @@ -17,6 +17,9 @@ resource "kubectl_manifest" "prj_redis" { imagePullPolicy: "${var.images.redis.pull_policy}" storage: volumeClaimTemplate: + metadata: + annotations: + k8up.io/backup: "false" spec: accessModes: ["ReadWriteOnce"] resources: