25c001f2cd
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
4.7 KiB
4.7 KiB
authentik Helm Chart
Name | Default | Description |
---|---|---|
image.name | beryju/authentik | Image used to run the authentik server and worker |
image.name_static | beryju/authentik-static | Image used to run the authentik static server (CSS and JS Files) |
image.name_outposts | beryju/authentik-%(type)s:%(version)s | Image used for managed outposts. Placeholders: %(type)s: Outpost type; proxy, ldap, etc. %(version)s: Current version; 2021.4.1 |
image.tag | 2021.4.4 | Image tag |
image.pullPolicy | IfNotPresent | Image Pull Policy used for all deployments |
serverReplicas | 1 | Replicas for the Server deployment |
workerReplicas | 1 | Replicas for the Worker deployment |
kubernetesIntegration | true | Enable/disable the Kubernetes integration for authentik. This will create a service account for authentik to create and update outposts in authentik |
config.secretKey | Secret key used to sign session cookies, generate with pwgen 50 1 or openssl rand -base64 36 for example. |
|
config.errorReporting.enabled | false | Enable/disable error reporting |
config.errorReporting.environment | customer | Environment sent with the error reporting |
config.errorReporting.sendPii | false | Whether to send Personally-identifiable data with the error reporting |
config.logLevel | warning | Log level of authentik |
config.email.host | localhost | SMTP Host Emails are sent to |
config.email.port | 25 | SMTP Port Emails are sent to |
config.email.username | SMTP Username | |
config.email.password | SMTP Password | |
config.email.use_tls | false | Enable StartTLS |
config.email.use_ssl | false | Enable SSL |
config.email.timeout | 10 | SMTP Timeout |
config.email.from | authentik@localhost | Email address authentik will send from, should have a correct @domain |
pvc.mode | ReadWriteMany | Mode that the PVCs are created in (uploads and GeoIP, if enabled) |
pvc.uploadsSize | 5Gi | Size for the uploads PVC |
pvc.uploadsStorageClass | null | Storage class for the uploads PVC (default: use default storage class) |
pvc.geoIpSize | 1Gi | Size for the GeoIP PVC |
pvc.geoIpStorageClass | null | Storage class for the GeoIP PVC (default: use default storage class) |
geoip.enabled | false | Optionally enable GeoIP |
geoip.accountId | GeoIP MaxMind Account ID | |
geoip.licenseKey | GeoIP MaxMind License key | |
geoip.image | maxmindinc/geoipupdate:latest | GeoIP Updater image |
backup.accessKey | Optionally enable S3 Backup, Access Key | |
backup.secretKey | Optionally enable S3 Backup, Secret Key | |
backup.bucket | Optionally enable S3 Backup, Bucket | |
backup.region | Optionally enable S3 Backup, Region | |
backup.host | Optionally enable S3 Backup, to custom Endpoint like minio | |
ingress.annotations | {} | Annotations for the ingress object |
ingress.hosts | [authentik.k8s.local] | Hosts which the ingress will match |
ingress.tls | [] | TLS Configuration, same as Ingress objects |
install.postgresql | true | Enables/disables the packaged PostgreSQL Chart |
install.redis | true | Enables/disables the packaged Redis Chart |
postgresql.postgresqlPassword | Password used for PostgreSQL, generated automatically. |
For more info, see https://goauthentik.io/ and https://goauthentik.io/docs/installation/kubernetes/