Authentik + Postgrescluster
This commit is contained in:
parent
61f316b8e4
commit
92380a3b4b
48
homelab/authentik.yml
Normal file
48
homelab/authentik.yml
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
authentik:
|
||||||
|
# This sends anonymous usage-data, stack traces on errors and
|
||||||
|
# performance data to sentry.io, and is fully opt-in
|
||||||
|
error_reporting:
|
||||||
|
enabled: false
|
||||||
|
envValueFrom:
|
||||||
|
AUTHENTIK_SECRET_KEY:
|
||||||
|
secretKeyRef:
|
||||||
|
name: authentik-secrets
|
||||||
|
key: secret-key
|
||||||
|
AUTHENTIK_POSTGRESQL__HOST:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hippo-pguser-authentik
|
||||||
|
key: host
|
||||||
|
AUTHENTIK_POSTGRESQL__PASSWORD:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hippo-pguser-authentik
|
||||||
|
key: password
|
||||||
|
AUTHENTIK_POSTGRESQL__USER:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hippo-pguser-authentik
|
||||||
|
key: user
|
||||||
|
AUTHENTIK_POSTGRESQL__PORT:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hippo-pguser-authentik
|
||||||
|
key: port
|
||||||
|
|
||||||
|
prometheus:
|
||||||
|
serviceMonitor:
|
||||||
|
create: true
|
||||||
|
|
||||||
|
ingress:
|
||||||
|
# Specify kubernetes ingress controller class name
|
||||||
|
ingressClassName: nginx
|
||||||
|
enabled: true
|
||||||
|
hosts:
|
||||||
|
# Specify external host name
|
||||||
|
- host: authentik.gmem.ca
|
||||||
|
paths:
|
||||||
|
- path: "/"
|
||||||
|
pathType: Prefix
|
||||||
|
# Specify external host name
|
||||||
|
- host: prometheus.gmem.ca
|
||||||
|
paths:
|
||||||
|
- path: "/"
|
||||||
|
pathType: Prefix
|
||||||
|
redis:
|
||||||
|
enabled: true
|
49
homelab/postgres-cluster.yml
Normal file
49
homelab/postgres-cluster.yml
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
apiVersion: postgres-operator.crunchydata.com/v1beta1
|
||||||
|
kind: PostgresCluster
|
||||||
|
metadata:
|
||||||
|
name: hippo
|
||||||
|
spec:
|
||||||
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.4-1
|
||||||
|
postgresVersion: 15
|
||||||
|
databaseInitSQL:
|
||||||
|
key: init.sql
|
||||||
|
name: init-sql
|
||||||
|
instances:
|
||||||
|
- name: instance1
|
||||||
|
replicas: 3
|
||||||
|
dataVolumeClaimSpec:
|
||||||
|
accessModes:
|
||||||
|
- "ReadWriteOnce"
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
|
backups:
|
||||||
|
pgbackrest:
|
||||||
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1
|
||||||
|
repos:
|
||||||
|
- name: repo1
|
||||||
|
volume:
|
||||||
|
volumeClaimSpec:
|
||||||
|
accessModes:
|
||||||
|
- "ReadWriteOnce"
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 1Gi
|
||||||
|
monitoring:
|
||||||
|
pgmonitor:
|
||||||
|
exporter:
|
||||||
|
image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.4.3-0
|
||||||
|
|
||||||
|
users:
|
||||||
|
- name: authentik
|
||||||
|
databases:
|
||||||
|
- authentik
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: init-sql
|
||||||
|
data:
|
||||||
|
init.sql: |
|
||||||
|
\c authentik
|
||||||
|
GRANT CREATE ON SCHEMA public TO "authentik";
|
Loading…
Reference in a new issue