60 lines
2.5 KiB
YAML
60 lines
2.5 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: {{ .Release.Name }}-auth
|
|
spec:
|
|
chart:
|
|
spec:
|
|
sourceRef:
|
|
kind: GitRepository
|
|
name: "wrenix-helm-charts"
|
|
namespace: "flux-system"
|
|
chart: "./authentik-application"
|
|
reconcileStrategy: "Revision"
|
|
install:
|
|
{{- toYaml .Values.commons.helm.release.install | nindent 4 }}
|
|
test:
|
|
{{- toYaml .Values.commons.helm.release.test | nindent 4 }}
|
|
upgrade:
|
|
{{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
|
|
driftDetection:
|
|
{{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
|
|
interval: 10m
|
|
values:
|
|
{{- $clientHost := .Values.server.auth.webClient | default (printf "element.%s" .Values.commons.ingress.domain) }}
|
|
blueprint:
|
|
authentik:
|
|
domain: "https://{{ include "mycloud-matrix.domain.auth" . }}"
|
|
provider:
|
|
type: "oidc"
|
|
name: "Matrix"
|
|
oidc:
|
|
clientType: "confidential"
|
|
{{- if .Values.server.authenticationService.enabled }}
|
|
redirectURL: "https://{{ include "mycloud-matrix.host.authenticationService" . }}/upstream/callback/0000000000000000000MYC10VD"
|
|
{{- else }}
|
|
redirectURL: "https://{{ include "mycloud-matrix.host.server" . }}/_synapse/client/oidc/callback"
|
|
{{- end }}
|
|
clientID: {{ .Values.server.auth.clientID | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix" "auth.clientID") | sha256sum }}
|
|
clientSecret: {{ .Values.server.auth.clientSecret | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix" "auth.clientSecret") | sha256sum }}
|
|
signingKey: "authentik Self-signed Certificate"
|
|
scopes:
|
|
- name: "authentik default OAuth Mapping: OpenID 'openid'"
|
|
- name: "authentik default OAuth Mapping: OpenID 'email'"
|
|
- name: "authentik default OAuth Mapping: OpenID 'profile'"
|
|
|
|
groups:
|
|
- slug: "mycloud - users"
|
|
bindID: "c261fd19-dbe2-43c6-9de8-e7265c1d57fd"
|
|
|
|
application:
|
|
policyEngineMode: "any"
|
|
openInNewTab: true
|
|
publisher: "WrenIX's myCloud"
|
|
slug: "mycloud-matrix"
|
|
group: "Chat"
|
|
name: "Matrix"
|
|
launchURL: "https://{{ $clientHost }}/"
|
|
icon: "https://{{ $clientHost }}/themes/element/img/logos/element-logo.svg"
|
|
description: "Matrix is an open standard and communication protocol for real-time communication. It aims to make real-time communication work seamlessly between different service providers."
|