From 55a2cfcf38d36aa537a3631414f8462af70060dc Mon Sep 17 00:00:00 2001
From: William P <me@williamtpeebles.com>
Date: Sat, 7 Jun 2025 20:44:50 -0400
Subject: [PATCH] add authentik db

---
 postgres/config/authentik_auth.yaml | 25 +++++++++++++++++++++++++
 postgres/config/clusters/main.yaml  |  8 +++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 postgres/config/authentik_auth.yaml

diff --git a/postgres/config/authentik_auth.yaml b/postgres/config/authentik_auth.yaml
new file mode 100644
index 0000000..b18a331
--- /dev/null
+++ b/postgres/config/authentik_auth.yaml
@@ -0,0 +1,25 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: authentik-auth
+spec:
+  data:
+  - remoteRef:
+      conversionStrategy: Default
+      decodingStrategy: None
+      key: cloudnativepg
+      metadataPolicy: None
+      property: authentik_pw
+    secretKey: password
+  refreshInterval: 1h
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: weyma-vault
+  target:
+    template:
+      data:
+        username: authentik
+        password: "{{ .password }}"
+    creationPolicy: Owner
+    deletionPolicy: Retain
+    name: authentik-auth
diff --git a/postgres/config/clusters/main.yaml b/postgres/config/clusters/main.yaml
index bd95c74..709a252 100644
--- a/postgres/config/clusters/main.yaml
+++ b/postgres/config/clusters/main.yaml
@@ -35,4 +35,10 @@ spec:
       login: true
       superuser: true
       passwordSecret:
-        name: williamp-auth
\ No newline at end of file
+        name: williamp-auth
+    - name: authentik
+      ensure: present
+      comment: authentik
+      login: true
+      passwordSecret:
+        name: authentik-auth
\ No newline at end of file