67 lines
1.4 KiB
YAML
67 lines
1.4 KiB
YAML
pod:
|
|
kind: Deployment
|
|
replicas: 2
|
|
ingress:
|
|
enabled: true
|
|
tls:
|
|
enabled: true
|
|
secret: ${domain//./-}-tls
|
|
traefikCRD:
|
|
enabled: true
|
|
entryPoints:
|
|
- websecure
|
|
|
|
secret:
|
|
additionalSecrets:
|
|
postgres-app:
|
|
key: postgres-app
|
|
authelia-lldap-credentials:
|
|
key: authelia-lldap-credentials
|
|
|
|
configMap:
|
|
authentication_backend:
|
|
ldap:
|
|
enabled: true
|
|
implementation: lldap
|
|
address: ldap://lldap.lldap.svc.cluster.local:3890
|
|
base_dn: dc=huizinga,dc=dev
|
|
additional_users_dn: ou=people
|
|
users_filter: "(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))"
|
|
additional_groups_dn: ou=groups
|
|
groups_filter: "(member={dn})"
|
|
attributes:
|
|
display_name: displayName
|
|
username: uid
|
|
group_name: cn
|
|
mail: mail
|
|
user: uid=authelia.authelia,ou=people,dc=huizinga,dc=dev
|
|
password:
|
|
secret_name: authelia-lldap-credentials
|
|
path: password
|
|
|
|
session:
|
|
cookies:
|
|
- subdomain: login${subdomain}
|
|
domain: ${topdomain}
|
|
redis:
|
|
enabled: true
|
|
host: dragonflydb.authelia
|
|
|
|
storage:
|
|
postgres:
|
|
enabled: true
|
|
address: tcp://postgres-rw.authelia:5432
|
|
database: app
|
|
username: app
|
|
password:
|
|
secret_name: postgres-app
|
|
path: password
|
|
|
|
notifier:
|
|
filesystem:
|
|
enabled: true
|
|
|
|
access_control:
|
|
secret:
|
|
existingSecret: authelia-acl
|