From a2ccdaca05c3ff2f61c3953957a3e1d4742beacc Mon Sep 17 00:00:00 2001
From: Bennett Panesar <58818842+bpanesar@users.noreply.github.com>
Date: Thu, 15 Sep 2022 04:24:17 -0400
Subject: [PATCH] website/integrations: Add Gitea Helm Chart Configuration
 (#3558)

* website/integrations: Add Gitea Helm Chart Configuration

* website/integrations: Add Gitea Helm Chart Configuration - pr fixes
---
 website/integrations/services/gitea/index.md | 52 ++++++++++++++++++++
 1 file changed, 52 insertions(+)

diff --git a/website/integrations/services/gitea/index.md b/website/integrations/services/gitea/index.md
index 43ce832b9..77166e75f 100644
--- a/website/integrations/services/gitea/index.md
+++ b/website/integrations/services/gitea/index.md
@@ -69,3 +69,55 @@ Change the following fields
 ![](./gitea1.png)
 
 `Add Authentication Source` and you should be done. Your Gitea login page should now have a `Sign in With` followed by the authentik logo which you can click on to sign-in to Gitea with Authentik creds.
+
+## Helm Chart Configuration
+
+authentik can be configured automatically in Gitea Kubernetes deployments via it's [Helm Chart](https://gitea.com/gitea/helm-chart/).
+
+:::note
+This is based on authentik 2022.8.2, Gitea v17.2, and Gitea Helm Chart v6.0.1. Instructions may differ between versions.
+:::
+
+Add the following to the Gitea Helm Chart `values.yaml` file:
+
+```yaml
+gitea:
+    oauth:
+        - name: "authentik"
+          provider: "openidConnect"
+          key: "CLIENT_ID_FROM_AUTHENTIK" #Step 1
+          secret: "CLIENT_SECRET_FROM_AUTHENTIK" #Step 1
+          autoDiscoveryUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
+          iconUrl: "https://goauthentik.io/img/icon.png"
+          scopes: "email profile"
+```
+
+### Kubernetes Secret
+
+Alternatively you can use a Kubernetes secret to set the `key` and `secret` values.
+
+Create a Kubernetes secret with the following:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+    name: gitea-authentik-secret
+type: Opaque
+stringData:
+    key: "CLIENT_ID_FROM_AUTHENTIK" #Step 1
+    secret: "CLIENT_SECRET_FROM_AUTHENTIK" #Step 1
+```
+
+Add the following to the Gitea Helm Chart `values.yaml` file:
+
+```yaml
+gitea:
+    oauth:
+        - name: "authentik"
+          provider: "openidConnect"
+          existingSecret: gitea-authentik-secret
+          autoDiscoveryUrl: "https://authentik.company/application/o/gitea-slug/.well-known/openid-configuration"
+          iconUrl: "https://goauthentik.io/img/icon.png"
+          scopes: "email profile"
+```