global:
  image:
    tag: "2025.12.0"

authentik:
    error_reporting:
        enabled: true
    postgresql:
        name: "authentik"
        host: "psql.psql.svc"
        port: 5432
worker:
  envFrom:
    - secretRef:
        name: authentik-creds
# volumes:
#   - name: dshm
#     emptyDir:
#       medium: Memory
#       sizeLimit: 512Mi
# volumeMounts:
#   - name: dshm
#     mountPath: /dev/shm
# livenessProbe:
#   exec:
#     command: ["/bin/sh", "-c", "kill -0 1"]
#   initialDelaySeconds: 5
#   periodSeconds: 10
#   failureThreshold: 3
#   timeoutSeconds: 3
# readinessProbe:
#   exec:
#     command: ["/bin/sh", "-c", "kill -0 1"]
#   initialDelaySeconds: 5
#   periodSeconds: 10
#   failureThreshold: 3
#   timeoutSeconds: 3
# startupProbe:
#   exec:
#     command: ["/bin/sh", "-c", "kill -0 1"]
#   initialDelaySeconds: 30
#   periodSeconds: 10
#   failureThreshold: 60
#   timeoutSeconds: 3
server:
  envFrom:
    - secretRef:
        name: authentik-creds
  ingress:
      enabled: true
      ingressClassName: traefik
      annotations: 
        cert-manager.io/cluster-issuer: letsencrypt
        traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd
      hosts:
        - idm.hexor.cy
        - nas.hexor.cy       # TrueNAS Limassol
        - nc.hexor.cy        # NaxtCloud
        - of.hexor.cy        # Outfleet-v2
        - k8s.hexor.cy       # k8s dashboard
        - qbt.hexor.cy       # qBittorent for Jellyfin
        - prom.hexor.cy      # Prometheus
        - khm.hexor.cy       # Known Hosts keys Manager
        - backup.hexor.cy    # Kopia Backup UI
        - fm.hexor.cy        # Filemanager
        - minecraft.hexor.cy # Minecraft UI and server
        - pass.hexor.cy      # k8s-secret for openai
        - ps.hexor.cy        # pasarguard UI
#       - rw.hexor.cy        # RemnaWave UI
      tls:
        - secretName: idm-tls
          hosts:
            - '*.hexor.cy'
redis:
    enabled: false