feat: Enable cilium dsr

apps/authelia/base/cluster-restore.yaml

@@ -1,16 +0,0 @@
-apiVersion: postgresql.cnpg.io/v1
-kind: Cluster
-metadata:
-  name: db
-spec:
-  bootstrap:
-    recovery:
-      source: source
-  externalClusters:
-    - name: source
-      plugin:
-        name: barman-cloud.cloudnative-pg.io
-        parameters:
-          barmanObjectName: garage-store
-          serverName: db
-  plugins: []

apps/authelia/base/cluster.yaml

@@ -1,15 +0,0 @@
-apiVersion: postgresql.cnpg.io/v1
-kind: Cluster
-metadata:
-  name: db
-  namespace: authelia
-  # TODO: Add labels?
-spec:
-  storage:
-    size: 8Gi
-    storageClass: local-path
-  plugins:
-    - name: barman-cloud.cloudnative-pg.io
-      isWALArchiver: true
-      parameters:
-        barmanObjectName: garage-store

apps/authelia/base/helm-release.yaml

@@ -1,29 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2
-kind: HelmRelease
-metadata:
-  name: authelia
-  namespace: authelia
-spec:
-  interval: 12h
-  install:
-    strategy:
-      name: RetryOnFailure
-      retryInterval: 2m
-  upgrade:
-    strategy:
-      name: RetryOnFailure
-      retryInterval: 3m
-  chart:
-    spec:
-      chart: authelia
-      version: "0.10.x"
-      sourceRef:
-        kind: HelmRepository
-        name: authelia
-      interval: 24h
-  valuesFrom:
-    - kind: ConfigMap
-      name: values-base
-    - kind: ConfigMap
-      name: values-overlay
-      optional: true

apps/authelia/base/helm-repository.yaml

@@ -1,8 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: HelmRepository
-metadata:
-  name: authelia
-  namespace: authelia
-spec:
-  interval: 24h
-  url: https://charts.authelia.com

apps/authelia/base/kustomization.yaml

@@ -1,25 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - namespace.yaml
-  - cluster.yaml
-  - service-user.yaml
-  - helm-repository.yaml
-  - helm-release.yaml
-  - secret-s3-garage.yaml
-  - object-store.yaml
-
-configurations:
-  - name-reference.yaml
-
-configMapGenerator:
-  - name: values-base
-    namespace: authelia
-    files:
-      - values.yaml
-
-# Uncomment to restore database from backup
-# patches:
-#   - path: cluster-restore.yaml
-#     target:
-#       kind: Cluster

apps/authelia/base/name-reference.yaml

@@ -1,6 +0,0 @@
-nameReference:
-  - kind: ConfigMap
-    version: v1
-    fieldSpecs:
-      - path: spec/valuesFrom/name
-        kind: HelmRelease

apps/authelia/base/namespace.yaml

@@ -1,5 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: authelia
-  namespace: authelia

apps/authelia/base/object-store.yaml

@@ -1,20 +0,0 @@
-apiVersion: barmancloud.cnpg.io/v1
-kind: ObjectStore
-metadata:
-  name: garage-store
-  namespace: authelia
-spec:
-  configuration:
-    destinationPath: s3://cnpg-backup/authelia
-    s3Credentials:
-      accessKeyId:
-        name: s3-garage
-        key: ACCESS_KEY_ID
-      secretAccessKey:
-        name: s3-garage
-        key: ACCESS_SECRET_KEY
-      region:
-        name: s3-garage
-        key: REGION
-    wal:
-      compression: gzip

apps/authelia/base/secret-s3-garage.yaml

@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: s3-garage
-  namespace: authelia
-  annotations:
-    reflector.v1.k8s.emberstack.com/reflects: "cnpg-system/s3-garage"
-type: Opaque
-data: {}

apps/authelia/base/service-user.yaml

@@ -1,6 +0,0 @@
-apiVersion: lldap.huizinga.dev/v1
-kind: ServiceUser
-metadata:
-  name: authelia
-  namespace: authelia
-spec: {}

apps/authelia/base/values.yaml

@@ -1,56 +0,0 @@
-pod:
-  kind: Deployment
-  replicas: 2
-ingress:
-  enabled: false
-
-secret:
-  additionalSecrets:
-    postgres-app:
-      key: db-app
-    authelia-lldap-credentials:
-      key: authelia-lldap-credentials
-
-configMap:
-  authentication_backend:
-    ldap:
-      enabled: true
-      implementation: lldap
-      address: ldap://lldap.lldap.svc.cluster.local:3890
-      base_dn: dc=huizinga,dc=dev
-      additional_users_dn: ou=people
-      users_filter: "(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))"
-      additional_groups_dn: ou=groups
-      groups_filter: "(member={dn})"
-      attributes:
-        display_name: displayName
-        username: uid
-        group_name: cn
-        mail: mail
-      user: uid=authelia.authelia,ou=people,dc=huizinga,dc=dev
-      password:
-        secret_name: authelia-lldap-credentials
-        path: password
-
-  # session:
-  #   redis:
-  #     enabled: true
-  #     host: dragonflydb.authelia
-
-  storage:
-    postgres:
-      enabled: true
-      address: tcp://db-rw.authelia:5432
-      database: app
-      username: app
-      password:
-        secret_name: db-app
-        path: password
-
-  notifier:
-    filesystem:
-      enabled: true
-
-  # access_control:
-  #   secret:
-  #     existingSecret: authelia-acl

apps/authelia/production/cluster.yaml

@@ -1,6 +0,0 @@
-apiVersion: postgresql.cnpg.io/v1
-kind: Cluster
-metadata:
-  name: db
-spec:
-  instances: 2

apps/authelia/production/values.yaml

@@ -1,8 +0,0 @@
-pod:
-  replicas: 2
-
-configMap:
-  session:
-    cookies:
-      - subdomain: auth
-        domain: huizinga.dev

apps/authelia/staging/cluster.yaml

@@ -1,6 +0,0 @@
-apiVersion: postgresql.cnpg.io/v1
-kind: Cluster
-metadata:
-  name: db
-spec:
-  instances: 1

apps/authelia/staging/kustomization.yaml

@@ -1,18 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../base
-
-patches:
-  - path: cluster.yaml
-    target:
-      kind: Cluster
-  - path: object-store.yaml
-    target:
-      kind: ObjectStore
-
-configMapGenerator:
-  - name: values-overlay
-    namespace: cnpg-system
-    files:
-      - values.yaml

apps/authelia/staging/object-store.yaml

@@ -1,8 +0,0 @@
-apiVersion: barmancloud.cnpg.io/v1
-kind: ObjectStore
-metadata:
-  name: garage-store
-  namespace: lldap
-spec:
-  configuration:
-    endpointURL: http://192.168.1.1:3900

apps/authelia/staging/values.yaml

@@ -1,11 +0,0 @@
-pod:
-  replicas: 1
-
-configMap:
-  log:
-    level: debug
-
-  session:
-    cookies:
-      - subdomain: auth
-        domain: staging.huizinga.dev

apps/lldap/base/cluster-restore.yaml

@@ -1,7 +1,7 @@
 apiVersion: postgresql.cnpg.io/v1
 kind: Cluster
 metadata:
-  name: db
+  name: lldap-db
 spec:
   bootstrap:
     recovery:
@@ -12,5 +12,5 @@ spec:
         name: barman-cloud.cloudnative-pg.io
         parameters:
           barmanObjectName: garage-store
-          serverName: db
+          serverName: lldap-db
   plugins: []