Patch in authelia access rules

apps/authelia/release.yaml

@@ -72,6 +72,6 @@ spec:
 
       access_control:
         rules:
-          - domain: traefik.${domain}
+          # Deny by default, mainly a placeholder to allow patching in other rules
-            policy: one_factor
+          - domain: "*"
-            subject: "group:lldap_admin"
+            policy: deny

apps/kustomization.yaml

@@ -1,7 +1,9 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ./traefik-dashboard
   - ./lldap
   - ./authelia
   - ./whoami.yaml
+
+components:
+  - ./traefik-dashboard

apps/traefik-dashboard/access.yaml

@@ -0,0 +1,6 @@
+- op: add
+  path: /spec/values/configMap/access_control/rules/0
+  value:
+    domain: traefik.${domain}
+    policy: one_factor
+    subject: "group:lldap_admin"

apps/traefik-dashboard/kustomization.yaml

@@ -1,4 +1,10 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
+apiVersion: kustomize.config.k8s.io/v1alpha1
-kind: Kustomization
+kind: Component
 resources:
   - ingress.yaml
+patches:
+  - target:
+      kind: HelmRelease
+      name: authelia
+      namespace: authelia
+    path: access.yaml