--- # yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: authentik namespace: security spec: interval: 30m chart: spec: chart: authentik version: 2023.8.3 interval: 30m sourceRef: kind: HelmRepository name: authentik namespace: flux-system values: annotations: secret.reloader.stakater.com/reload: authentik-secret,authentik-pguser-authentik,authentik-redis-secret authentik: log_level: info email: port: 587 use_tls: true error_reporting: enabled: false send_pii: false redis: host: "authentik-redis.security.svc.cluster.local" password: "" envValueFrom: AUTHENTIK_SECRET_KEY: secretKeyRef: name: authentik-secret key: authentik_secret_key AUTHENTIK_EMAIL__HOST: secretKeyRef: name: authentik-secret key: authentik_email_host AUTHENTIK_EMAIL__USERNAME: secretKeyRef: name: authentik-secret key: authentik_email_username AUTHENTIK_EMAIL__PASSWORD: secretKeyRef: name: authentik-secret key: authentik_email_password AUTHENTIK_EMAIL__FROM: secretKeyRef: name: authentik-secret key: authentik_email_from AUTHENTIK_POSTGRESQL__HOST: secretKeyRef: name: authentik-pguser-authentik key: host AUTHENTIK_POSTGRESQL__NAME: secretKeyRef: name: authentik-pguser-authentik key: dbname AUTHENTIK_POSTGRESQL__USER: secretKeyRef: name: authentik-pguser-authentik key: user AUTHENTIK_POSTGRESQL__PASSWORD: secretKeyRef: name: authentik-pguser-authentik key: password AUTHENTIK_REDIS__PASSWORD: secretKeyRef: name: authentik-redis-secret key: AUTHENTIK_REDIS_PASSWORD ingress: enabled: true ingressClassName: nginx annotations: external-dns.alpha.kubernetes.io/target: ingress.valinor.social nginx.ingress.kubernetes.io/proxy-read-timeout: "3600" nginx.ingress.kubernetes.io/proxy-send-timeout: "3600" hosts: - host: &host auth.valinor.social paths: - path: / tls: - hosts: - *host postgresql: enabled: false prometheus: rules: create: true serviceMonitor: create: true redis: enabled: false