Added authentik

2025-04-06 00:28:24 +01:00
parent 37a55aaf30
commit 69e01aaa92
5 changed files with 128 additions and 0 deletions
--- a/k8s/core/authentik/external-secrets.yaml
+++ b/k8s/core/authentik/external-secrets.yaml
@ -0,0 +1,46 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: authentik-creds
+  namespace: authentik
+spec:
+  target:
+    name: authentik-creds
+    deletionPolicy: Delete
+    template:
+      type: Opaque
+      data:
+        AUTHENTIK_HOST: "https://idm.hexor.cy"
+        AUTHENTIK_COOKIE_DOMAIN: "hexor.cy"
+        AUTHENTIK_POSTGRESQL__USER: |-
+          {{ .username }}
+        AUTHENTIK_POSTGRESQL__PASSWORD: |-
+          {{ .password }}
+        AUTHENTIK_SECRET_KEY: |-
+          {{ .secret_key }}
+  data:
+    - secretKey: password
+      sourceRef:
+        storeRef:
+          name: vaultwarden-login
+          kind: ClusterSecretStore
+      remoteRef:
+        key: 279c2c1f-c147-4b6b-a511-36c3cd764f9d
+        property: login.password
+    - secretKey: username
+      sourceRef:
+        storeRef:
+          name: vaultwarden-login
+          kind: ClusterSecretStore
+      remoteRef:
+        key: 279c2c1f-c147-4b6b-a511-36c3cd764f9d
+        property: login.username
+    - secretKey: secret_key
+      sourceRef:
+        storeRef:
+          name: vaultwarden-login
+          kind: ClusterSecretStore
+      remoteRef:
+        key: 279c2c1f-c147-4b6b-a511-36c3cd764f9d
+        property: fields[0].value
+