This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/website/docs/installation/kubernetes.md
Jens Langhammer 7aa903d715 website/docs: update k8s install docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-05-21 19:02:05 +02:00

50 lines
1.6 KiB
Markdown

---
title: Kubernetes installation
---
For a mid to high-load installation, Kubernetes is recommended. authentik is installed using a helm-chart.
To install authentik using the helm chart, generate a password for the database and the cache, using `pwgen` or `openssl rand -base64 36`.
Create a values.yaml file with a minimum of these settings:
```yaml
authentik:
secret_key: "PleaseGenerateA50CharKey"
# This sends anonymous usage-data, stack traces on errors and
# performance data to sentry.beryju.org, and is fully opt-in
error_reporting:
enabled: true
postgresql:
password: "ThisIsNotASecurePassword"
ingress:
enabled: true
hosts:
- host: authentik.domain.tld
paths:
- path: "/"
pathType: Prefix
postgresql:
enabled: true
postgresqlPassword: "ThisIsNotASecurePassword"
redis:
enabled: true
```
See all configurable values on [artifacthub](https://artifacthub.io/packages/helm/goauthentik/authentik).
Afterwards, run these commands to install authentik:
```
helm repo add authentik https://charts.goauthentik.io
helm repo update
helm install authentik authentik/authentik -f values.yaml
```
This installation automatically applies database migrations on startup. After the installation is done, navigate to the `https://<ingress you've specified>/if/flow/initial-setup/`, to set a password for the akadmin user.
It is also recommended to configure global email credentials. These are used by authentik to notify you about alerts, configuration issues. They can also be used by [Email stages](flow/stages/email/index.md) to send verification/recovery emails.