chemavx
ff2e6cc985
Namespaces: argocd, authentik, backup-system, cloudflare-ddns, gitea, homarr, monitoring, n8n, openclaw, polymarket-bot, vaultwarden Cluster-wide: clusterissuers, namespaces Secrets: redacted (structure only, data=REDACTED)
96 lines
3.9 KiB
YAML
96 lines
3.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
annotations:
|
|
deployment.kubernetes.io/revision: '15'
|
|
kubectl.kubernetes.io/last-applied-configuration: '{"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"authentik-server","namespace":"authentik"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"authentik-server"}},"template":{"metadata":{"labels":{"app":"authentik-server"}},"spec":{"containers":[{"args":["server"],"env":[{"name":"AUTHENTIK_REDIS__HOST","value":"authentik-redis"},{"name":"AUTHENTIK_POSTGRESQL__HOST","value":"postgresql"},{"name":"AUTHENTIK_POSTGRESQL__USER","value":"authentik"},{"name":"AUTHENTIK_POSTGRESQL__NAME","value":"authentik"},{"name":"AUTHENTIK_POSTGRESQL__PASSWORD","valueFrom":{"secretKeyRef":{"key":"POSTGRES_PASSWORD","name":"authentik-secrets"}}},{"name":"AUTHENTIK_SECRET_KEY","valueFrom":{"secretKeyRef":{"key":"AUTHENTIK_SECRET_KEY","name":"authentik-secrets"}}},{"name":"AUTHENTIK_ERROR_REPORTING__ENABLED","value":"false"}],"image":"ghcr.io/goauthentik/server:2024.12.3","name":"server","ports":[{"containerPort":9000},{"containerPort":9443}],"resources":{"limits":{"cpu":"500m","memory":"1Gi"},"requests":{"cpu":"100m","memory":"512Mi"}},"volumeMounts":[{"mountPath":"/media","name":"media"}]}],"initContainers":[{"command":["sh","-c","until
|
|
pg_isready -h postgresql -U authentik; do echo waiting; sleep 2; done"],"image":"postgres:17-alpine","name":"wait-postgres"}],"volumes":[{"name":"media","persistentVolumeClaim":{"claimName":"authentik-media-pvc"}}]}}}}
|
|
|
|
'
|
|
name: authentik-server
|
|
namespace: authentik
|
|
spec:
|
|
progressDeadlineSeconds: 600
|
|
replicas: 1
|
|
revisionHistoryLimit: 10
|
|
selector:
|
|
matchLabels:
|
|
app: authentik-server
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 25%
|
|
maxUnavailable: 25%
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
kubectl.kubernetes.io/restartedAt: '2026-04-09T11:10:52Z'
|
|
labels:
|
|
app: authentik-server
|
|
spec:
|
|
containers:
|
|
- args:
|
|
- server
|
|
env:
|
|
- name: AUTHENTIK_REDIS__HOST
|
|
value: authentik-redis
|
|
- name: AUTHENTIK_POSTGRESQL__HOST
|
|
value: postgresql
|
|
- name: AUTHENTIK_POSTGRESQL__USER
|
|
value: authentik
|
|
- name: AUTHENTIK_POSTGRESQL__NAME
|
|
value: authentik
|
|
- name: AUTHENTIK_POSTGRESQL__PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: POSTGRES_PASSWORD
|
|
name: authentik-secrets
|
|
- name: AUTHENTIK_SECRET_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: AUTHENTIK_SECRET_KEY
|
|
name: authentik-secrets
|
|
- name: AUTHENTIK_ERROR_REPORTING__ENABLED
|
|
value: 'false'
|
|
image: ghcr.io/goauthentik/server:2024.12.3
|
|
imagePullPolicy: IfNotPresent
|
|
name: server
|
|
ports:
|
|
- containerPort: 9000
|
|
protocol: TCP
|
|
- containerPort: 9443
|
|
protocol: TCP
|
|
resources:
|
|
limits:
|
|
cpu: 500m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 512Mi
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
volumeMounts:
|
|
- mountPath: /media
|
|
name: media
|
|
dnsPolicy: ClusterFirst
|
|
initContainers:
|
|
- command:
|
|
- sh
|
|
- -c
|
|
- until pg_isready -h postgresql -U authentik; do echo waiting; sleep 2; done
|
|
image: postgres:17-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
name: wait-postgres
|
|
resources: {}
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
restartPolicy: Always
|
|
schedulerName: default-scheduler
|
|
securityContext: {}
|
|
terminationGracePeriodSeconds: 30
|
|
volumes:
|
|
- name: media
|
|
persistentVolumeClaim:
|
|
claimName: authentik-media-pvc
|
|
|