This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/installation/kubernetes.md
Jens L 82bb179bc2
root: global email settings (#448)
* root: make global email settings configurable

* stages/email: add use_global_settings

* stages/email: add test_email command to test email sending

* stages/email: update email template

* stages/email: simplify email template path

* stages/email: add support for user-supplied email templates

* stages/email: add tests for sending and templates

* stages/email: only add custom template if permissions are correct

* docs: add custom email template docs

* root: add /templates volume in docker-compose by default

* stages/email: fix form not allowing custom templates

* stages/email: use relative path for custom templates

* stages/email: check if all templates exist on startup, reset

* docs: add global email docs for docker-compose

* helm: add email config to helm chart

* helm: load all secrets with env prefix

* helm: move s3 and smtp secret to secret

* stages/email: fix test for relative name

* stages/email: add argument to send email from existing stage

* stages/email: set uid using slug of message id

* stages/email: ensure template validation ignores migration runs

* docs: add email troubleshooting docs

* stages/email: fix long task_name breaking task list
2021-01-05 00:41:10 +01:00

101 lines
2.8 KiB
Markdown

---
title: Kubernetes installation
---
For a mid to high-load installation, Kubernetes is recommended. authentik is installed using a helm-chart.
To install authentik using the helm chart, run these commands:
```
helm repo add authentik https://docker.beryju.org/chartrepo/authentik
helm repo update
helm install authentik/authentik --devel -f values.yaml
```
This installation automatically applies database migrations on startup. After the installation is done, you can use `akadmin` as username and password.
It is also recommended to configure global email credentials. These are used by authentik to notify you about alerts, configuration issues. They can also be used by [Email stages](flow/stages/email/index.md) to send verification/recovery emails.
```yaml
###################################
# Values directly affecting authentik
###################################
image:
name: beryju/authentik
name_static: beryju/authentik-static
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
tag: 0.14.2-stable
serverReplicas: 1
workerReplicas: 1
# Enable the Kubernetes integration which lets authentik deploy outposts into kubernetes
kubernetesIntegration: true
config:
# Optionally specify fixed secret_key, otherwise generated automatically
# secretKey: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
# Enable error reporting
errorReporting:
enabled: false
environment: customer
sendPii: false
# Log level used by web and worker
# Can be either debug, info, warning, error
logLevel: warning
# Global Email settings
email:
# SMTP Host Emails are sent to
host: localhost
port: 25
# Optionally authenticate
username: ""
password: ""
# Use StartTLS
useTls: false
# Use SSL
useSsl: false
timeout: 10
# Email address authentik will send from, should have a correct @domain
from: authentik@localhost
# Enable Database Backups to S3
# backup:
# accessKey: access-key
# secretKey: secret-key
# bucket: s3-bucket
# region: eu-central-1
# host: s3-host
ingress:
annotations:
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- authentik.k8s.local
tls: []
# - secretName: chart-example-tls
# hosts:
# - authentik.k8s.local
###################################
# Values controlling dependencies
###################################
install:
postgresql: true
redis: true
# These values influence the bundled postgresql and redis charts, but are also used by authentik to connect
postgresql:
postgresqlDatabase: authentik
redis:
cluster:
enabled: false
master:
persistence:
enabled: false
```