|
1 | | -# --- |
2 | | -# # Deployment per Authentik Proxy Outpost |
3 | | -# apiVersion: apps/v1 |
4 | | -# kind: Deployment |
5 | | -# metadata: |
6 | | -# name: authentik-proxy-outpost |
7 | | -# namespace: {{ .Release.Namespace }} |
8 | | -# annotations: |
9 | | -# argocd.argoproj.io/sync-wave: "4" |
10 | | -# spec: |
11 | | -# replicas: {{ .Values.outpost.replicas }} |
12 | | -# selector: |
13 | | -# matchLabels: |
14 | | -# app.kubernetes.io/name: authentik-proxy-outpost |
15 | | -# app.kubernetes.io/instance: {{ .Release.Name }} |
16 | | -# template: |
17 | | -# metadata: |
18 | | -# labels: |
19 | | -# app.kubernetes.io/name: authentik-proxy-outpost |
20 | | -# app.kubernetes.io/instance: {{ .Release.Name }} |
21 | | -# spec: |
22 | | -# containers: |
23 | | -# - name: proxy |
24 | | -# image: ghcr.io/goauthentik/proxy:{{ .Values.outpost.image.tag | default .Chart.AppVersion }} |
25 | | -# imagePullPolicy: IfNotPresent |
26 | | -# ports: |
27 | | -# - containerPort: 9000 |
28 | | -# name: http |
29 | | -# protocol: TCP |
30 | | -# - containerPort: 9443 |
31 | | -# name: https |
32 | | -# protocol: TCP |
33 | | -# env: |
34 | | -# - name: AUTHENTIK_HOST |
35 | | -# value: "http://authentik-server.{{ .Release.Namespace }}.svc.cluster.local/" |
36 | | -# - name: AUTHENTIK_INSECURE |
37 | | -# value: "true" |
38 | | -# - name: AUTHENTIK_TOKEN |
39 | | -# valueFrom: |
40 | | -# secretKeyRef: |
41 | | -# name: authentik-outpost-token |
42 | | -# key: token |
43 | | -# resources: |
44 | | -# {{- toYaml .Values.outpost.resources | nindent 10 }} |
45 | | -# {{- with .Values.outpost.affinity }} |
46 | | -# affinity: |
47 | | -# {{- toYaml . | nindent 8 }} |
48 | | -# {{- end }} |
| 1 | +{{- if .Values.outpost.enabled }} |
| 2 | +--- |
| 3 | +# Deployment per Authentik Proxy Outpost |
| 4 | +apiVersion: apps/v1 |
| 5 | +kind: Deployment |
| 6 | +metadata: |
| 7 | + name: authentik-proxy-outpost |
| 8 | + namespace: {{ .Release.Namespace }} |
| 9 | + annotations: |
| 10 | + argocd.argoproj.io/sync-wave: "4" |
| 11 | +spec: |
| 12 | + replicas: {{ .Values.outpost.replicas | default 2 }} |
| 13 | + selector: |
| 14 | + matchLabels: |
| 15 | + app.kubernetes.io/name: authentik-proxy-outpost |
| 16 | + app.kubernetes.io/instance: {{ .Release.Name }} |
| 17 | + template: |
| 18 | + metadata: |
| 19 | + labels: |
| 20 | + app.kubernetes.io/name: authentik-proxy-outpost |
| 21 | + app.kubernetes.io/instance: {{ .Release.Name }} |
| 22 | + spec: |
| 23 | + containers: |
| 24 | + - name: proxy |
| 25 | + image: ghcr.io/goauthentik/proxy:{{ .Values.outpost.image.tag | default .Chart.AppVersion | default "2025.10.2" }} |
| 26 | + imagePullPolicy: IfNotPresent |
| 27 | + ports: |
| 28 | + - containerPort: 9000 |
| 29 | + name: http |
| 30 | + protocol: TCP |
| 31 | + - containerPort: 9443 |
| 32 | + name: https |
| 33 | + protocol: TCP |
| 34 | + env: |
| 35 | + - name: AUTHENTIK_HOST |
| 36 | + value: "http://authentik-server.{{ .Release.Namespace }}.svc.cluster.local/" |
| 37 | + - name: AUTHENTIK_INSECURE |
| 38 | + value: "true" |
| 39 | + - name: AUTHENTIK_TOKEN |
| 40 | + valueFrom: |
| 41 | + secretKeyRef: |
| 42 | + name: authentik-outpost-token |
| 43 | + key: token |
| 44 | + resources: |
| 45 | + {{- toYaml (.Values.outpost.resources | default dict) | nindent 10 }} |
| 46 | + {{- with .Values.outpost.affinity }} |
| 47 | + affinity: |
| 48 | + {{- toYaml . | nindent 8 }} |
| 49 | + {{- end }} |
49 | 50 |
|
50 | | -# --- |
51 | | -# # Service per Authentik Proxy Outpost |
52 | | -# apiVersion: v1 |
53 | | -# kind: Service |
54 | | -# metadata: |
55 | | -# name: authentik-proxy-outpost |
56 | | -# namespace: {{ .Release.Namespace }} |
57 | | -# annotations: |
58 | | -# argocd.argoproj.io/sync-wave: "4" |
59 | | -# spec: |
60 | | -# type: ClusterIP |
61 | | -# ports: |
62 | | -# - port: 9000 |
63 | | -# targetPort: http |
64 | | -# protocol: TCP |
65 | | -# name: http |
66 | | -# - port: 9443 |
67 | | -# targetPort: https |
68 | | -# protocol: TCP |
69 | | -# name: https |
70 | | -# selector: |
71 | | -# app.kubernetes.io/name: authentik-proxy-outpost |
72 | | -# app.kubernetes.io/instance: {{ .Release.Name }} |
| 51 | +--- |
| 52 | +# Service per Authentik Proxy Outpost |
| 53 | +apiVersion: v1 |
| 54 | +kind: Service |
| 55 | +metadata: |
| 56 | + name: authentik-proxy-outpost |
| 57 | + namespace: {{ .Release.Namespace }} |
| 58 | + annotations: |
| 59 | + argocd.argoproj.io/sync-wave: "4" |
| 60 | +spec: |
| 61 | + type: ClusterIP |
| 62 | + ports: |
| 63 | + - port: 9000 |
| 64 | + targetPort: http |
| 65 | + protocol: TCP |
| 66 | + name: http |
| 67 | + - port: 9443 |
| 68 | + targetPort: https |
| 69 | + protocol: TCP |
| 70 | + name: https |
| 71 | + selector: |
| 72 | + app.kubernetes.io/name: authentik-proxy-outpost |
| 73 | + app.kubernetes.io/instance: {{ .Release.Name }} |
| 74 | +{{- end }} |
0 commit comments