fix

2024-04-09 14:27:42 +02:00
parent 2ebd36f29c
commit 737820335d
6 changed files with 152 additions and 134 deletions
--- a/share/authentik/index.yaml
+++ b/share/authentik/index.yaml
@@ -6,10 +6,104 @@ metadata:
  name: authentik
  description: authentik is an open-source Identity Provider focused on flexibility and versatility
 options:
-  loglevel:
+  admin:
-    default: info
+    default:
      email: auth-admin
    examples:
-    - info
+    - email: auth-admin
    properties:
      email:
        default: auth-admin
        type: string
    type: object
  backups:
    default:
      enable: false
      endpoint: ''
      key_id_key: s3-id
      retention:
        db: 30d
      schedule:
        db: 0 3 * * *
      secret_key: s3-secret
      secret_name: backup-settings
      use_barman: false
    examples:
    - enable: false
      endpoint: ''
      key_id_key: s3-id
      retention:
        db: 30d
      schedule:
        db: 0 3 * * *
      secret_key: s3-secret
      secret_name: backup-settings
      use_barman: false
    properties:
      enable:
        default: false
        type: boolean
      endpoint:
        default: ''
        type: string
      key_id_key:
        default: s3-id
        type: string
      retention:
        default:
          db: 30d
        properties:
          db:
            default: 30d
            type: string
        type: object
      schedule:
        default:
          db: 0 3 * * *
        properties:
          db:
            default: 0 3 * * *
            type: string
        type: object
      secret_key:
        default: s3-secret
        type: string
      secret_name:
        default: backup-settings
        type: string
      use_barman:
        default: false
        type: boolean
    type: object
  customisation:
    default:
      configmap_name: ''
      use_custom_css: false
      use_icon_left: false
    examples:
    - configmap_name: ''
      use_custom_css: false
      use_icon_left: false
    properties:
      configmap_name:
        default: ''
        type: string
      use_custom_css:
        default: false
        type: boolean
      use_icon_left:
        default: false
        type: boolean
    type: object
  domain:
    default: your-company
    examples:
    - your-company
    type: string
  domain_name:
    default: your_company.com
    examples:
    - your_company.com
    type: string
  email:
    default:
@@ -36,11 +130,6 @@ options:
        default: false
        type: boolean
    type: object
  sub_domain:
    default: auth
    examples:
    - auth
    type: string
  error_reporting:
    default:
      enabled: false
@@ -61,21 +150,6 @@ options:
        default: false
        type: boolean
    type: object
  admin:
    default:
      email: auth-admin
    examples:
    - email: auth-admin
    properties:
      email:
        default: auth-admin
        type: string
    type: object
  domain:
    default: your-company
    examples:
    - your-company
    type: string
  geoip:
    default: /geoip/GeoLite2-City.mmdb
    examples:
@@ -248,6 +322,21 @@ options:
            type: string
        type: object
    type: object
  ingress_class:
    default: traefik
    examples:
    - traefik
    type: string
  issuer:
    default: letsencrypt-prod
    examples:
    - letsencrypt-prod
    type: string
  loglevel:
    default: info
    examples:
    - info
    type: string
  postgres:
    default:
      replicas: 1
@@ -258,11 +347,6 @@ options:
        default: 1
        type: integer
    type: object
  ingress_class:
    default: traefik
    examples:
    - traefik
    type: string
  redis:
    default:
      exporter:
@@ -309,95 +393,11 @@ options:
            type: string
        type: object
    type: object
-  backups:
+  sub_domain:
-    default:
+    default: auth
      enable: false
      endpoint: ''
      key_id_key: s3-id
      retention:
        db: 30d
      schedule:
        db: 0 3 * * *
      secret_key: s3-secret
      secret_name: backup-settings
      use_barman: false
    examples:
-    - enable: false
+    - auth
      endpoint: ''
      key_id_key: s3-id
      retention:
        db: 30d
      schedule:
        db: 0 3 * * *
      secret_key: s3-secret
      secret_name: backup-settings
      use_barman: false
    properties:
      enable:
        default: false
        type: boolean
      endpoint:
        default: ''
        type: string
      key_id_key:
        default: s3-id
        type: string
      retention:
        default:
          db: 30d
        properties:
          db:
            default: 30d
            type: string
        type: object
      schedule:
        default:
          db: 0 3 * * *
        properties:
          db:
            default: 0 3 * * *
            type: string
        type: object
      secret_key:
        default: s3-secret
        type: string
      secret_name:
        default: backup-settings
        type: string
      use_barman:
        default: false
        type: boolean
    type: object
  domain_name:
    default: your_company.com
    examples:
    - your_company.com
    type: string
  issuer:
    default: letsencrypt-prod
    examples:
    - letsencrypt-prod
    type: string
  customisation:
    default:
      configmap_name: ''
      use_custom_css: false
      use_icon_left: false
    examples:
    - configmap_name: ''
      use_custom_css: false
      use_icon_left: false
    properties:
      configmap_name:
        default: ''
        type: string
      use_custom_css:
        default: false
        type: boolean
      use_icon_left:
        default: false
        type: boolean
    type: object
 dependencies:
 - dist: null
  category: core
--- a/share/authentik/postgresql.tf
+++ b/share/authentik/postgresql.tf
@@ -15,9 +15,6 @@ resource "kubectl_manifest" "prj_pg" {
      name: "${var.instance}-${var.component}-pg"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.pg-labels)}
      annotations:
        "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean"
        "k8up.io/file-extension": ".sql"
    spec:
      instances: ${var.postgres.replicas}
      imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}"
@@ -29,6 +26,15 @@ resource "kubectl_manifest" "prj_pg" {
          owner: "${var.component}"
      monitoring:
        enablePodMonitor: true
      inheritedMetadata:
        annotations:
          "k8up.io/backup": "false"
      template:
        metadata:
          annotations:
            "k8up.io/backupcommand": "pg_dump -U postgres -d ${var.component} --clean"
            "k8up.io/file-extension": ".sql"
            "k8up.io/backup": "true"
  EOF
  ], var.backups.enable&&var.backups.use_barman?[<<-EOF
      backup:
--- a/share/authentik/redis.tf
+++ b/share/authentik/redis.tf
@@ -15,6 +15,9 @@ resource "kubectl_manifest" "authentik_redis" {
          key: "AUTHENTIK_REDIS__PASSWORD"
      storage:
        volumeClaimTemplate:
          metadata:
            annotations:
              k8up.io/backup: "false"
          spec:
            accessModes: ["ReadWriteOnce"]
            resources:
--- a/share/dataset-pg/postgresql.tf
+++ b/share/dataset-pg/postgresql.tf
@@ -16,9 +16,6 @@ resource "kubectl_manifest" "prj_pg" {
      name: "${var.instance}-${var.component}"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.pg-labels)}
      annotations:
        "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean"
        "k8up.io/file-extension": ".sql"
    spec:
      instances: ${var.postgres.replicas}
      imageName: "${var.images.postgresql.registry}/${var.images.postgresql.repository}:${var.images.postgresql.tag}"
@@ -31,6 +28,15 @@ resource "kubectl_manifest" "prj_pg" {
        initdb:
          database: "${var.instance}"
          owner: "${var.instance}"
      inheritedMetadata:
        annotations:
          "k8up.io/backup": "false"
      template:
        metadata:
          annotations:
            "k8up.io/backupcommand": "pg_dumpall -U postgres -w --clean"
            "k8up.io/file-extension": ".sql"
            "k8up.io/backup": "true"
  EOF
  ], var.backups.enable?[<<-EOF
      backup:
--- a/share/dataset-redis/index.yaml
+++ b/share/dataset-redis/index.yaml
@@ -6,11 +6,16 @@ metadata:
  name: dataset-redis
  description: null
 options:
-  storage:
+  exporter:
-    default: 8Gi
+    default:
      enable: true
    examples:
-    - 8Gi
+    - enable: true
-    type: string
+    properties:
      enable:
        default: true
        type: boolean
    type: object
  images:
    default:
      redis:
@@ -74,16 +79,11 @@ options:
            type: string
        type: object
    type: object
-  exporter:
+  storage:
-    default:
+    default: 8Gi
      enable: true
    examples:
-    - enable: true
+    - 8Gi
-    properties:
+    type: string
      enable:
        default: true
        type: boolean
    type: object
 dependencies:
 - dist: null
  category: dbo
--- a/share/dataset-redis/redis.tf
+++ b/share/dataset-redis/redis.tf
@@ -17,6 +17,9 @@ resource "kubectl_manifest" "prj_redis" {
        imagePullPolicy: "${var.images.redis.pull_policy}"
      storage:
        volumeClaimTemplate:
          metadata:
            annotations:
              k8up.io/backup: "false"
          spec:
            accessModes: ["ReadWriteOnce"]
            resources: