add authentik

2026-04-08 11:20:06 -04:00
parent 8c5641e8eb
commit 58bb6ffac4
6 changed files with 231 additions and 2 deletions


@@ -0,0 +1,40 @@
{ config, ... }:
{
sops.templates."authentik-credentials.yaml" = {
mode = "0444";
content = ''
apiVersion: v1
kind: Secret
metadata:
name: authentik-credentials
namespace: authentik
type: Opaque
stringData:
admin-password: ${config.sops.placeholder.authentik_admin_password}
authentik-secret-key: ${config.sops.placeholder.authentik_secret_key}
replication-password: ${config.sops.placeholder.authentik_replication_password}
smtp-password: ${config.sops.placeholder.authentik_smtp_password}
user-password: ${config.sops.placeholder.authentik_user_password}
---
apiVersion: v1
kind: Secret
metadata:
name: authentik-db-auth
namespace: authentik
type: Opaque
stringData:
password: ${config.sops.placeholder.authentik_db_password}
---
apiVersion: v1
kind: Secret
metadata:
name: authentik-files
namespace: authentik
type: Opaque
stringData:
AWS_ACCESS_KEY_ID: ${config.sops.placeholder.authentik_files_keyid}
AWS_SECRET_ACCESS_KEY: ${config.sops.placeholder.authentik_files_keysecret}
'';
path = "/var/lib/rancher/k3s/server/manifests/secrets/authentik-credentials.yaml";
};
}
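Review bot: `mode = "0444";` on the `authentik-credentials.yaml` template makes the rendered manifest world-readable, and that file holds the authentik admin password, secret key, database and replication passwords, and the S3 key pair in plaintext. Unless something other than root has to read it (the k3s server that consumes the manifests directory presumably runs as root — confirm), use `mode = "0400";` so the file does not depend on parent-directory permissions for protection. Separately, the placeholders are interpolated unquoted under `stringData:`, so a secret containing `#`, `: ` or a leading YAML indicator character would be misparsed or truncated. Wrapping each value in single quotes, e.g. `password: '${config.sops.placeholder.authentik_db_password}'`, avoids that as long as the secrets contain no single quote.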


@@ -3,5 +3,6 @@
./cloudnativepg/s3-backup-creds.nix
./cloudnativepg/weyma-pgsql-replication.nix
./cert-manager/cloudflare-api-token.nix
./authentik/authentik-credentials.nix
];
}