diff --git a/share/authentik/datas.tf b/share/authentik/datas.tf index ea86bf7..4992ccb 100644 --- a/share/authentik/datas.tf +++ b/share/authentik/datas.tf @@ -1,6 +1,4 @@ locals { - authentik_url = "http://authentik.${var.domain}-auth.svc" - authentik_token = data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"] common-labels = { "vynil.solidite.fr/owner-name" = var.instance "vynil.solidite.fr/owner-namespace" = var.namespace @@ -12,13 +10,6 @@ locals { } } -data "kubernetes_secret_v1" "authentik" { - metadata { - name = "authentik" - namespace = var.namespace - } -} - data "kustomization_overlay" "data" { namespace = var.namespace common_labels = local.common-labels diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index 70333a2..8f57b94 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml 
@@ -6,137 +6,11 @@ metadata: name: authentik description: authentik is an open-source Identity Provider focused on flexibility and versatility options: - sub_domain: - default: auth - examples: - - auth - type: string - geoip: - default: /geoip/GeoLite2-City.mmdb - examples: - - /geoip/GeoLite2-City.mmdb - type: string - admin: - default: - email: auth-admin - examples: - - email: auth-admin - properties: - email: - default: auth-admin - type: string - type: object loglevel: default: info examples: - info type: string - error_reporting: - default: - enabled: false - environment: k8s - send_pii: false - examples: - - enabled: false - environment: k8s - send_pii: false - properties: - enabled: - default: false - type: boolean - environment: - default: k8s - type: string - send_pii: - default: false - type: boolean - type: object - email: - default: - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - examples: - - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - properties: - port: - default: 587 - type: integer - timeout: - default: 30 - type: integer - use_ssl: - default: false - type: boolean - use_tls: - default: false - type: boolean - type: object - redis: - default: - exporter: - enabled: true - examples: - - exporter: - enabled: true - properties: - exporter: - default: - enabled: true - properties: - enabled: - default: true - type: boolean - type: object - type: object - storage: - default: - postgres: - size: 8Gi - redis: - size: 8Gi - examples: - - postgres: - size: 8Gi - redis: - size: 8Gi - properties: - postgres: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - redis: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - ingress_class: - default: traefik - examples: - - traefik - type: string - domain: - default: your-company - examples: - - your-company 
- type: string postgres: default: replicas: 1 @@ -147,11 +21,21 @@ options: default: 1 type: integer type: object - domain_name: - default: your_company.com + sub_domain: + default: auth examples: - - your_company.com + - auth type: string + admin: + default: + email: auth-admin + examples: + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object images: default: app: @@ -289,6 +173,65 @@ options: type: string type: object type: object + error_reporting: + default: + enabled: false + environment: k8s + send_pii: false + examples: + - enabled: false + environment: k8s + send_pii: false + properties: + enabled: + default: false + type: boolean + environment: + default: k8s + type: string + send_pii: + default: false + type: boolean + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + storage: + default: + postgres: + size: 8Gi + redis: + size: 8Gi + examples: + - postgres: + size: 8Gi + redis: + size: 8Gi + properties: + postgres: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object + redis: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object + type: object + ingress_class: + default: traefik + examples: + - traefik + type: string backups: default: enable: false 
@@ -348,6 +291,63 @@ options: default: false type: boolean type: object + domain: + default: your-company + examples: + - your-company + type: string + email: + default: + port: 587 + timeout: 30 + use_ssl: false + use_tls: false + examples: + - port: 587 + timeout: 30 + use_ssl: false + use_tls: false + properties: + port: + default: 587 + type: integer + timeout: + default: 30 + type: integer + use_ssl: + default: false + type: boolean + use_tls: + default: false + type: boolean + type: object + domain_name: + default: your_company.com + examples: + - your_company.com + type: string + redis: + default: + exporter: + enabled: true + examples: + - exporter: + enabled: true + properties: + exporter: + default: + enabled: true + properties: + enabled: + default: true + type: boolean + type: object + type: object + geoip: + default: /geoip/GeoLite2-City.mmdb + examples: + - /geoip/GeoLite2-City.mmdb + type: string dependencies: - dist: null category: core diff --git a/share/authentik/presentation.tf b/share/authentik/presentation.tf index 7c5a7bd..2862ba5 100644 --- a/share/authentik/presentation.tf +++ b/share/authentik/presentation.tf @@ -65,4 +65,3 @@ module "ingress" { kubectl = kubectl } } -
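Review bot: The `email` option re-added in the `@@ -348,6 +291,63 @@` hunk of share/authentik/index.yaml keeps `port: 587` together with `use_tls: false` and `use_ssl: false`, so an install that accepts the defaults has no transport encryption configured for the submission port. The block looks moved rather than newly written, and how these values reach authentik's mail settings is not visible in this diff. If they are passed through unchanged, SMTP credentials and outgoing mail such as recovery links could cross the network in clear text. Consider making STARTTLS the default by setting `use_tls:` to `default: true` under `properties`, with the same value in the `default` and `examples` entries so the three stay consistent. Operators with a plaintext relay can still opt out explicitly.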