apiVersion: apps/v1 kind: Deployment metadata: annotations: deployment.kubernetes.io/revision: '15' kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"authentik-server","namespace":"authentik"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"authentik-server"}},"template":{"metadata":{"labels":{"app":"authentik-server"}},"spec":{"containers":[{"args":["server"],"env":[{"name":"AUTHENTIK_REDIS__HOST","value":"authentik-redis"},{"name":"AUTHENTIK_POSTGRESQL__HOST","value":"postgresql"},{"name":"AUTHENTIK_POSTGRESQL__USER","value":"authentik"},{"name":"AUTHENTIK_POSTGRESQL__NAME","value":"authentik"},{"name":"AUTHENTIK_POSTGRESQL__PASSWORD","valueFrom":{"secretKeyRef":{"key":"POSTGRES_PASSWORD","name":"authentik-secrets"}}},{"name":"AUTHENTIK_SECRET_KEY","valueFrom":{"secretKeyRef":{"key":"AUTHENTIK_SECRET_KEY","name":"authentik-secrets"}}},{"name":"AUTHENTIK_ERROR_REPORTING__ENABLED","value":"false"}],"image":"ghcr.io/goauthentik/server:2024.12.3","name":"server","ports":[{"containerPort":9000},{"containerPort":9443}],"resources":{"limits":{"cpu":"500m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"512Mi"}},"volumeMounts":[{"mountPath":"/media","name":"media"}]}],"initContainers":[{"command":["sh","-c","until pg_isready -h postgresql -U authentik; do echo waiting; sleep 2; done"],"image":"postgres:17-alpine","name":"wait-postgres"}],"volumes":[{"name":"media","persistentVolumeClaim":{"claimName":"authentik-media-pvc"}}]}}}} ' name: authentik-server namespace: authentik spec: progressDeadlineSeconds: 600 replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app: authentik-server strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: annotations: kubectl.kubernetes.io/restartedAt: '2026-04-09T11:10:52Z' labels: app: authentik-server spec: containers: - args: - server env: - name: AUTHENTIK_REDIS__HOST value: authentik-redis - name: AUTHENTIK_POSTGRESQL__HOST value: postgresql - name: AUTHENTIK_POSTGRESQL__USER value: authentik - name: AUTHENTIK_POSTGRESQL__NAME value: authentik - name: AUTHENTIK_POSTGRESQL__PASSWORD valueFrom: secretKeyRef: key: POSTGRES_PASSWORD name: authentik-secrets - name: AUTHENTIK_SECRET_KEY valueFrom: secretKeyRef: key: AUTHENTIK_SECRET_KEY name: authentik-secrets - name: AUTHENTIK_ERROR_REPORTING__ENABLED value: 'false' image: ghcr.io/goauthentik/server:2024.12.3 imagePullPolicy: IfNotPresent name: server ports: - containerPort: 9000 protocol: TCP - containerPort: 9443 protocol: TCP resources: limits: cpu: 500m memory: 1Gi requests: cpu: 100m memory: 512Mi terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /media name: media dnsPolicy: ClusterFirst initContainers: - command: - sh - -c - until pg_isready -h postgresql -U authentik; do echo waiting; sleep 2; done image: postgres:17-alpine imagePullPolicy: IfNotPresent name: wait-postgres resources: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: media persistentVolumeClaim: claimName: authentik-media-pvc