This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/helm/README.md
Jens Langhammer bf7d110af3 Merge branch 'version-2021.4'
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

# Conflicts:
#	.github/workflows/release.yml
#	helm/README.md
#	helm/values.yaml
#	website/docs/installation/kubernetes.md
2021-04-29 23:50:52 +02:00

48 lines
4.7 KiB
Markdown

# authentik Helm Chart
| Name | Default | Description |
|-----------------------------------|-------------------------|-------------|
| image.name | beryju/authentik | Image used to run the authentik server and worker |
| image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
| image.name_outposts | beryju/authentik-%(type)s:%(version)s | Image used for managed outposts. Placeholders: %(type)s: Outpost type; proxy, ldap, etc. %(version)s: Current version; 2021.4.1 |
| image.tag | 2021.4.5 | Image tag |
| image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
| serverReplicas | 1 | Replicas for the Server deployment |
| workerReplicas | 1 | Replicas for the Worker deployment |
| kubernetesIntegration | true | Enable/disable the Kubernetes integration for authentik. This will create a service account for authentik to create and update outposts in authentik |
| config.secretKey | | Secret key used to sign session cookies, generate with `pwgen 50 1` or `openssl rand -base64 36` for example. |
| config.errorReporting.enabled | false | Enable/disable error reporting |
| config.errorReporting.environment | customer | Environment sent with the error reporting |
| config.errorReporting.sendPii | false | Whether to send Personally-identifiable data with the error reporting |
| config.logLevel | warning | Log level of authentik |
| config.email.host | localhost | SMTP Host Emails are sent to |
| config.email.port | 25 | SMTP Port Emails are sent to |
| config.email.username | | SMTP Username |
| config.email.password | | SMTP Password |
| config.email.use_tls | false | Enable StartTLS |
| config.email.use_ssl | false | Enable SSL |
| config.email.timeout | 10 | SMTP Timeout |
| config.email.from | authentik@localhost | Email address authentik will send from, should have a correct @domain |
| pvc.mode | ReadWriteMany | Mode that the PVCs are created in (uploads and GeoIP, if enabled) |
| pvc.uploadsSize | 5Gi | Size for the uploads PVC |
| pvc.uploadsStorageClass | null | Storage class for the uploads PVC (default: use default storage class) |
| pvc.geoIpSize | 1Gi | Size for the GeoIP PVC |
| pvc.geoIpStorageClass | null | Storage class for the GeoIP PVC (default: use default storage class) |
| geoip.enabled | false | Optionally enable GeoIP |
| geoip.accountId | | GeoIP MaxMind Account ID |
| geoip.licenseKey | | GeoIP MaxMind License key |
| geoip.image | maxmindinc/geoipupdate:latest | GeoIP Updater image |
| backup.accessKey | | Optionally enable S3 Backup, Access Key |
| backup.secretKey | | Optionally enable S3 Backup, Secret Key |
| backup.bucket | | Optionally enable S3 Backup, Bucket |
| backup.region | | Optionally enable S3 Backup, Region |
| backup.host | | Optionally enable S3 Backup, to custom Endpoint like minio |
| ingress.annotations | {} | Annotations for the ingress object |
| ingress.hosts | [authentik.k8s.local] | Hosts which the ingress will match |
| ingress.tls | [] | TLS Configuration, same as Ingress objects |
| install.postgresql | true | Enables/disables the packaged PostgreSQL Chart
| install.redis | true | Enables/disables the packaged Redis Chart
| postgresql.postgresqlPassword | | Password used for PostgreSQL, generated automatically.
For more info, see https://goauthentik.io/ and https://goauthentik.io/docs/installation/kubernetes/