flux-charts/mycloud-mail-stalwart/templates/authentik-application.yaml

---
apiVersion: source.toolkit.fluxcd.io/v1                                                                                                     
kind: GitRepository
metadata:
  name: wrenix-helm-charts
spec:
  url: https://codeberg.org/wrenix/helm-charts.git
  ref:
    branch: "authentik-application/ldap"
  interval: 10m
---
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: {{ .Release.Name }}-auth
spec:
  chart:
    spec:
      sourceRef:
        kind: GitRepository
        name: "wrenix-helm-charts"
        # namespace: "flux-system"
      chart: "./authentik-application"
      reconcileStrategy: "Revision"
  install:
    {{- toYaml .Values.commons.helm.release.install | nindent 4 }}
  test:
    {{- toYaml .Values.commons.helm.release.test | nindent 4 }}
  upgrade:
    {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
  driftDetection:
    {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
  interval: 10m
  values:
    {{- $host := .Values.ingress.host | default (printf "mail.%s" .Values.commons.ingress.domain) }}
    blueprint:
      authentik:
        domain: "https://{{ .Values.commons.auth.host | default (printf "auth.%s" .Values.commons.ingress.domain) }}"
      provider:
        type: "ldap"
        name: "Mail-Stalwart"
        ldap:
          token: {{ .Values.auth.ldap.token | default (derivePassword 1 "long" .Values.commons.masterPassword "stalwart-mail" "auth.token") | quote }}

      groups:
        - slug: "mycloud - users"
          bindID: "4525d9a3-1853-45dc-adc0-6d411a3a907e"
      users:
        - username: {{ .Values.auth.ldap.bind.username | default (printf "%s-ldap" .Release.Name) | quote }}
          groups:
            - "mycloud - users"

      application:
        policyEngineMode: "any"
        openInNewTab: true
        publisher: "WrenIX's myCloud"
        slug: "mycloud-mail-stalwart"
        group: "Communication"
        name: "Mail Stalwart"
        launchURL: "https://{{ $host }}/"
        icon: "https://{{ $host }}/logo.svg"
        description: "Unlock the future of email with Stalwart (Management)"