Skip to content

Commit cbc3e83

Browse files
committed
test
1 parent aa5a060 commit cbc3e83

File tree

2 files changed

+84
-71
lines changed

2 files changed

+84
-71
lines changed
Lines changed: 73 additions & 71 deletions
Original file line numberDiff line numberDiff line change
@@ -1,72 +1,74 @@
1-
# ---
2-
# # Deployment per Authentik Proxy Outpost
3-
# apiVersion: apps/v1
4-
# kind: Deployment
5-
# metadata:
6-
# name: authentik-proxy-outpost
7-
# namespace: {{ .Release.Namespace }}
8-
# annotations:
9-
# argocd.argoproj.io/sync-wave: "4"
10-
# spec:
11-
# replicas: {{ .Values.outpost.replicas }}
12-
# selector:
13-
# matchLabels:
14-
# app.kubernetes.io/name: authentik-proxy-outpost
15-
# app.kubernetes.io/instance: {{ .Release.Name }}
16-
# template:
17-
# metadata:
18-
# labels:
19-
# app.kubernetes.io/name: authentik-proxy-outpost
20-
# app.kubernetes.io/instance: {{ .Release.Name }}
21-
# spec:
22-
# containers:
23-
# - name: proxy
24-
# image: ghcr.io/goauthentik/proxy:{{ .Values.outpost.image.tag | default .Chart.AppVersion }}
25-
# imagePullPolicy: IfNotPresent
26-
# ports:
27-
# - containerPort: 9000
28-
# name: http
29-
# protocol: TCP
30-
# - containerPort: 9443
31-
# name: https
32-
# protocol: TCP
33-
# env:
34-
# - name: AUTHENTIK_HOST
35-
# value: "http://authentik-server.{{ .Release.Namespace }}.svc.cluster.local/"
36-
# - name: AUTHENTIK_INSECURE
37-
# value: "true"
38-
# - name: AUTHENTIK_TOKEN
39-
# valueFrom:
40-
# secretKeyRef:
41-
# name: authentik-outpost-token
42-
# key: token
43-
# resources:
44-
# {{- toYaml .Values.outpost.resources | nindent 10 }}
45-
# {{- with .Values.outpost.affinity }}
46-
# affinity:
47-
# {{- toYaml . | nindent 8 }}
48-
# {{- end }}
1+
{{- if .Values.outpost.enabled }}
2+
---
3+
# Deployment per Authentik Proxy Outpost
4+
apiVersion: apps/v1
5+
kind: Deployment
6+
metadata:
7+
name: authentik-proxy-outpost
8+
namespace: {{ .Release.Namespace }}
9+
annotations:
10+
argocd.argoproj.io/sync-wave: "4"
11+
spec:
12+
replicas: {{ .Values.outpost.replicas | default 2 }}
13+
selector:
14+
matchLabels:
15+
app.kubernetes.io/name: authentik-proxy-outpost
16+
app.kubernetes.io/instance: {{ .Release.Name }}
17+
template:
18+
metadata:
19+
labels:
20+
app.kubernetes.io/name: authentik-proxy-outpost
21+
app.kubernetes.io/instance: {{ .Release.Name }}
22+
spec:
23+
containers:
24+
- name: proxy
25+
image: ghcr.io/goauthentik/proxy:{{ .Values.outpost.image.tag | default .Chart.AppVersion | default "2025.10.2" }}
26+
imagePullPolicy: IfNotPresent
27+
ports:
28+
- containerPort: 9000
29+
name: http
30+
protocol: TCP
31+
- containerPort: 9443
32+
name: https
33+
protocol: TCP
34+
env:
35+
- name: AUTHENTIK_HOST
36+
value: "http://authentik-server.{{ .Release.Namespace }}.svc.cluster.local/"
37+
- name: AUTHENTIK_INSECURE
38+
value: "true"
39+
- name: AUTHENTIK_TOKEN
40+
valueFrom:
41+
secretKeyRef:
42+
name: authentik-outpost-token
43+
key: token
44+
resources:
45+
{{- toYaml (.Values.outpost.resources | default dict) | nindent 10 }}
46+
{{- with .Values.outpost.affinity }}
47+
affinity:
48+
{{- toYaml . | nindent 8 }}
49+
{{- end }}
4950

50-
# ---
51-
# # Service per Authentik Proxy Outpost
52-
# apiVersion: v1
53-
# kind: Service
54-
# metadata:
55-
# name: authentik-proxy-outpost
56-
# namespace: {{ .Release.Namespace }}
57-
# annotations:
58-
# argocd.argoproj.io/sync-wave: "4"
59-
# spec:
60-
# type: ClusterIP
61-
# ports:
62-
# - port: 9000
63-
# targetPort: http
64-
# protocol: TCP
65-
# name: http
66-
# - port: 9443
67-
# targetPort: https
68-
# protocol: TCP
69-
# name: https
70-
# selector:
71-
# app.kubernetes.io/name: authentik-proxy-outpost
72-
# app.kubernetes.io/instance: {{ .Release.Name }}
51+
---
52+
# Service per Authentik Proxy Outpost
53+
apiVersion: v1
54+
kind: Service
55+
metadata:
56+
name: authentik-proxy-outpost
57+
namespace: {{ .Release.Namespace }}
58+
annotations:
59+
argocd.argoproj.io/sync-wave: "4"
60+
spec:
61+
type: ClusterIP
62+
ports:
63+
- port: 9000
64+
targetPort: http
65+
protocol: TCP
66+
name: http
67+
- port: 9443
68+
targetPort: https
69+
protocol: TCP
70+
name: https
71+
selector:
72+
app.kubernetes.io/name: authentik-proxy-outpost
73+
app.kubernetes.io/instance: {{ .Release.Name }}
74+
{{- end }}

kubernetes/infra/manifests/authentik/values.yaml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -283,4 +283,15 @@ smtp:
283283

284284
# Outpost per forward auth (proxy provider)
285285
outpost:
286+
enabled: false # Imposta a true per abilitare l'outpost proxy
286287
replicas: 2
288+
image:
289+
tag: "" # Se vuoto, usa .Chart.AppVersion come default
290+
resources:
291+
requests:
292+
cpu: 50m
293+
memory: 128Mi
294+
limits:
295+
cpu: 200m
296+
memory: 256Mi
297+
affinity: {} # Opzionale, lascia vuoto o configura secondo necessità

0 commit comments

Comments
 (0)