add authentik

2026-05-07 16:00:29 -05:00 · 2022-12-09 16:56:37 -06:00 · 2022-12-09 16:56:37 -06:00 · 9ea0b8c5df
commit 9ea0b8c5df
parent ed89c7d608
2 changed files with 16 additions and 1 deletions
--- a/longhorn/templates/authentik-service.yaml
+++ b/longhorn/templates/authentik-service.yaml
@ -0,0 +1,7 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: ak-outpost-authentik-embedded-outpost
+spec:
+  type: ExternalName
+  externalName: ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local        
--- a/longhorn/values.yaml
+++ b/longhorn/values.yaml
@ -214,7 +214,15 @@ longhorn:
    ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
    annotations:
      cert-manager.io/cluster-issuer: letsencrypt-production
-  
+      nginx.ingress.kubernetes.io/auth-url: |-
+        http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
+      nginx.ingress.kubernetes.io/auth-signin: |-
+          https://longhorn.durp.info/outpost.goauthentik.io/start?rd=$escaped_request_uri
+      nginx.ingress.kubernetes.io/auth-response-headers: |-
+          Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid
+      nginx.ingress.kubernetes.io/auth-snippet: |
+          proxy_set_header X-Forwarded-Host $http_host;
+
    secrets:
    ## If you're providing your own certificates, please use this to add the certificates as secrets
    ## key and certificate should start with -----BEGIN CERTIFICATE----- or