Compare commits
8 commits
4a020f2074
...
9fc887debe
Author | SHA1 | Date | |
---|---|---|---|
9fc887debe | |||
de718c605c | |||
abaa148b33 | |||
833e839ab0 | |||
8a756f44cf | |||
65fe0e858a | |||
3c6ffc23a2 | |||
a6ef322049 |
11 changed files with 5 additions and 259 deletions
docker
kubernetes/apps/production/authentik
|
@ -39,7 +39,7 @@ services:
|
|||
- host.docker.internal:host-gateway
|
||||
|
||||
searxng:
|
||||
image: searxng/searxng@sha256:662971a55feacea2eacd2a8a2f51b3e26b56a73080dd131d079d15d7b991faed
|
||||
image: searxng/searxng@sha256:1b8bd534a996c668838e214beef058b4e622939c0612b7d82533ea16883a0d4c
|
||||
container_name: searxng
|
||||
networks:
|
||||
- ai-stack
|
||||
|
|
|
@ -30,7 +30,7 @@ services:
|
|||
volumes:
|
||||
- redis:/data
|
||||
server:
|
||||
image: ghcr.io/goauthentik/server:2025.2.0
|
||||
image: ghcr.io/goauthentik/server:2025.2.1
|
||||
restart: unless-stopped
|
||||
command: server
|
||||
environment:
|
||||
|
@ -52,7 +52,7 @@ services:
|
|||
- postgresql
|
||||
- redis
|
||||
worker:
|
||||
image: ghcr.io/goauthentik/server:2025.2.0
|
||||
image: ghcr.io/goauthentik/server:2025.2.1
|
||||
restart: unless-stopped
|
||||
command: worker
|
||||
environment:
|
||||
|
@ -80,7 +80,7 @@ services:
|
|||
- redis
|
||||
|
||||
authentik_ldap:
|
||||
image: ghcr.io/goauthentik/ldap:2025.2.0
|
||||
image: ghcr.io/goauthentik/ldap:2025.2.1
|
||||
ports:
|
||||
- 389:3389
|
||||
- 636:6636
|
||||
|
|
|
@ -189,7 +189,7 @@ services:
|
|||
blackbox-exporter:
|
||||
command: --config.file=/config/blackbox.yml
|
||||
container_name: blackbox-exporter
|
||||
image: quay.io/prometheus/blackbox-exporter:v0.25.0
|
||||
image: quay.io/prometheus/blackbox-exporter:v0.26.0
|
||||
volumes:
|
||||
- /docker/appdata/blackbox/config:/config
|
||||
ports:
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: authentik-values
|
||||
namespace: authentik
|
||||
data:
|
||||
values.yaml: ENC[AES256_GCM,data:n/ITNeK+JVQB5AI5MiDDcxu5RapIPTuDxqJLIHysopawa5gCHwgppnLKv9tW6Sg9B4Tqb3FT8e2zgoVVhQ3+lRvC6HRVhB9+Em+gB8zu7aeOnfd3l3Cj6oSQkjVLxjDCdHHGU/9KFm5YToJER0tzMBXS3M/apvN9+B/VKDI+D/1FDz2bG66QoK+oWd0pq/BShZ1nMhvZXxQ8TFkpQKORnF8qwYq+ArY2ucAsoWbbs4QzEYxqVVa6BmRrpoXlK9i8ak9zTTRn6iPgWf5dhBkvexCI///jZODTYWWiiDo7XQBjS8C4xA4rOK99cav1QhA5j6tPGEKhdNNk2z/ViolFfpzEj4KBdvRSmu/fFBCIka9aP6ZFWU7efIcP2qS3KrIibosQ1Wr4va+P9wzmDA+wSGxKsxeA1BkUhrs9t/+hc6fdsXT30+4sM70zZOJ0+nH9UwNDpJjBfOpc9soAItPzXzWTlX7JCei8CGnloAMrekc3ShQI2L2pHRNLsTDMXJq6Goc3Xk5OF4PC/jjVxSVisXki7qEVZoUKZeoM81i1MXfIOFcGUBfRnntVPK8dBw44KVlPaD4iamRwh3juhy4X/bKWpKs9o5mIB+eQIOiNH5Nxm9g0oI5Ck1A6h/KtJwiHYFc7SH+qhzSubym9x52l960ar18N5zt6oqWz6peFmYY7lGxqBh5muHobWTJ/4QF7Lr3KDZvK5C5ppnxb0/AENbH+t6bQ1ZavOhMs2ojELnL2sG/eXWDXQ8+5OlN0/uCOWHTZ7FtgBhfFXJ/SsU/nquk6aC4smv/boKP1JKJBihAs7yhJMbWBDTHUSNPUef39E7FzyMYqYYU5hxmEfytlt3ZD0Y62rF4zPJBmA2cZzqYAWK2qXhXvpdMcEvTbUEJ3ez6cgHQvEyXutZUiyoN+3YesK8VyXHzq5A6VX/AX7nl5G+P3Afwi/+a6SkkmJ6Q9dVAeEe7CsIrJheNNlweA5aT+GzUD2dNtsjb6/1yQGYejfu/3Ve/0qyHkykBJDwMTLbb3W13/BRzXPhrUIz+nglBlWB3zzVOIQ5Gdx2X9htcvIyiYTZ0epUFEGjZYUzd8/d4WazwjvUFACFpooDSQgMWd5ODTmSn/kvWd+IR6Zxr/cg0UiGnDDUmbhRy/uwSGvkmb/evodweBvij1bbilgGmuO0X9TWVtXQkw7Vii/SS69+Imy/iap07zJJBobfyTU7hZvgrc/BWHqW2oHPYu4tTuKgbOopjPX+vkylu+FYC4seqOXUNvCczF0l712+RWXQpFF/iKBDbviI0twTFF4Qmn,iv:Xsg10IX3Q+UjyoaMGrqbf1i9zsTOndZ3IvBatViwBV4=,tag:FPDrUpu5KM0S7TxLVNxIfA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age18z6wevr8ze5azvq7nfty3l29s7887l8n5mefr64avhlthtr4uvnqw90nfs
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrdG1aUk9aek5RVE4rZm5N
|
||||
ajhyc3NLKzF3Q3UrUE1RSFJsci9aMWNjbEQwCmhSNENJcWlaZUpxT3lqZmdOUWVo
|
||||
UDVwRC9vU0kwRDNXNk5VUVpMUTEwWDAKLS0tICtFL25FZFRaTEhPdWJhYmRYbFVt
|
||||
RndrQ2JxZnMxZlBIM3RHS0E1WTlZQzQK7oTkv/PG3poAdYnqXnzX3j5ZUgMa3GFB
|
||||
aQtceF96jKRltwPrnUgZZ5EadTaLyGAD30fqvUJ9/oP6NLe7kmsTWg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-02-20T20:33:40Z"
|
||||
mac: ENC[AES256_GCM,data:rL+ugPPHcRzpHA70mmn7BLdhO0PG63EMqaHq7eJfBguIcdREGrQCpGQbbw6YN2GGCuE8NWB6sLHaUVn09LMywNfcUT4Hw1kInXRxzZ+L4M4UdqjUCCQj69UGGPnXoyM5GopCIA60/JVTtsQ9EPmJHJJI8LYQrQEtT6O+5FnlaMo=,iv:Jnst3uaJArcxM29hqrVPHKSSAW7Ac84xG6LJP2lz0+g=,tag:J/OAZq4dHXOOiE243Xo0LA==,type:str]
|
||||
pgp: []
|
||||
encrypted_regex: ^(data|stringData|secret_key|password|hosts)$
|
||||
version: 3.9.4
|
|
@ -1,135 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: authentik-custom-css
|
||||
namespace: authentik
|
||||
data:
|
||||
custom.css: |
|
||||
/* Custom CSS for Authentik Login Page and Admin Interface */
|
||||
|
||||
:root {
|
||||
--ak-accent: #3a3a40;
|
||||
--pf-global--primary-color--100: #3a3a40;
|
||||
--pf-global--primary-color--200: #3a3a40;
|
||||
--pf-global--primary-color--400: var(--ak-accent);
|
||||
}
|
||||
|
||||
/*** Main login page ***/
|
||||
.pf-c-login__main {
|
||||
background-color: transparent !important;
|
||||
backdrop-filter: blur(8px);
|
||||
border: 2px solid #807e82;
|
||||
border-radius: 25px;
|
||||
animation: pulse-border 3s infinite;
|
||||
}
|
||||
|
||||
/* Glowing border animation */
|
||||
@keyframes pulse-border {
|
||||
0%, 100% {
|
||||
box-shadow: 0 0 10px #807e82, 0 0 15px #807e82;
|
||||
}
|
||||
50% {
|
||||
box-shadow: 0 0 15px #807e82, 0 0 25px #807e82;
|
||||
}
|
||||
}
|
||||
|
||||
/* Sidebar and footer transparency */
|
||||
.pf-c-page__sidebar,
|
||||
.pf-c-login__main-footer-band,
|
||||
.pf-c-login__footer .pf-c-list {
|
||||
background-color: transparent !important;
|
||||
backdrop-filter: blur(10px);
|
||||
}
|
||||
|
||||
/* Pseudo-elements for background effects */
|
||||
.pf-c-login__main::before,
|
||||
.pf-c-login__main-footer-band::before,
|
||||
.pf-c-login__footer .pf-c-list::before,
|
||||
.pf-c-page__sidebar::before {
|
||||
content: "";
|
||||
position: absolute;
|
||||
left: 0;
|
||||
top: 0;
|
||||
width: 100%;
|
||||
height: 100%;
|
||||
z-index: -1;
|
||||
opacity: 0.1;
|
||||
background-color: var(--ak-dark-background);
|
||||
border-radius: 25px;
|
||||
}
|
||||
|
||||
/* Login button styling */
|
||||
.pf-c-button.pf-m-block {
|
||||
--pf-c-button--disabled--BackgroundColor: var(--pf-c-button--m-link--disabled--BackgroundColor);
|
||||
color: white;
|
||||
background-color: #3a3a40;
|
||||
border-radius: 20px;
|
||||
opacity: 0.785;
|
||||
box-shadow: 2px 2px 10px rgba(0, 0, 0, 0.3);
|
||||
width: 50%;
|
||||
margin: 0 auto;
|
||||
}
|
||||
|
||||
/* Form input styling */
|
||||
.pf-c-form-control,
|
||||
.pf-c-input-group {
|
||||
border-radius: 20px;
|
||||
border: 2px solid #3a3a40 !important;
|
||||
}
|
||||
|
||||
/* Text color for various elements */
|
||||
a,
|
||||
body,
|
||||
h1,
|
||||
h2,
|
||||
.pf-c-expandable-section__toggle,
|
||||
.pf-c-page__header-tools,
|
||||
.pf-c-button {
|
||||
color: #b7b7b7 !important;
|
||||
}
|
||||
|
||||
.pf-c-button.pf-m-secondary.pf-m-block::after {
|
||||
content: none; /* Removes the content from the ::after pseudo-element */
|
||||
box-shadow: none; /* Removes any shadow that may create a square effect */
|
||||
border: none; /* If there's any border being applied, remove it */
|
||||
}
|
||||
|
||||
/* Light mode adjustments */
|
||||
:host([theme="light"]) .pf-c-page__header-tools-item .fas,
|
||||
:host([theme="light"]) .pf-c-notification-badge__count,
|
||||
:host([theme="light"]) .pf-c-page__header-tools-group .pf-c-button {
|
||||
color: #b7b7b7 !important;
|
||||
}
|
||||
|
||||
/* App card styling */
|
||||
.pf-c-card.pf-m-compact,
|
||||
.pf-c-expandable-section.pf-m-display-lg {
|
||||
border-radius: 20px;
|
||||
background: rgba(18, 18, 18, 0.4);
|
||||
backdrop-filter: blur(7px);
|
||||
border: 1px solid rgba(255, 255, 255, 0.2);
|
||||
transition: box-shadow 0.3s ease-in-out;
|
||||
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.5);
|
||||
background: linear-gradient(135deg, rgba(30, 30, 30, 0.3) 0%, rgba(15, 15, 15, 0.3) 100%);
|
||||
}
|
||||
|
||||
/* App card hover effect */
|
||||
.pf-c-card.pf-m-compact:hover,
|
||||
.pf-c-expandable-section.pf-m-display-lg:hover {
|
||||
box-shadow: 0 0 15px 3px #d6d6d6;
|
||||
}
|
||||
|
||||
/* App icon rounded corners */
|
||||
.icon.pf-c-avatar {
|
||||
border-radius: 15px;
|
||||
}
|
||||
|
||||
/*** Admin interface ***/
|
||||
.pf-c-page__sidebar {
|
||||
backdrop-filter: blur(10px);
|
||||
}
|
||||
|
||||
.pf-c-page,
|
||||
.pf-c-tabs__item {
|
||||
background-color: transparent !important;
|
||||
}
|
|
@ -1,22 +0,0 @@
|
|||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: authentik
|
||||
namespace: authentik
|
||||
spec:
|
||||
interval: 15m
|
||||
chart:
|
||||
spec:
|
||||
chart: authentik
|
||||
version: "2025.2.0"
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: authentik-chart
|
||||
namespace: flux-system
|
||||
interval: 15m
|
||||
install:
|
||||
remediation:
|
||||
retries: 5
|
||||
valuesFrom:
|
||||
- kind: ConfigMap
|
||||
name: authentik-values
|
|
@ -1,8 +0,0 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: authentik-chart
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 2h
|
||||
url: https://charts.goauthentik.io
|
|
@ -1,10 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- helmrelease.yaml
|
||||
- helmrepo.yaml
|
||||
- configmap.yaml
|
||||
- service.yaml
|
||||
- customcss.yaml
|
||||
- media-pvc.yaml
|
|
@ -1,12 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: authentik-media-pvc
|
||||
namespace: authentik
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 1Gi
|
||||
storageClassName: longhorn
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: authentik
|
||||
labels:
|
||||
name: authentik
|
|
@ -1,34 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: authentik-lb
|
||||
namespace: authentik
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
selector:
|
||||
app.kubernetes.io/name: authentik
|
||||
ports:
|
||||
- name: http
|
||||
port: 9000
|
||||
targetPort: 9000
|
||||
protocol: TCP
|
||||
- name: https
|
||||
port: 9443
|
||||
targetPort: 9443
|
||||
protocol: TCP
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: authentik-ldap-lb
|
||||
namespace: authentik
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
selector:
|
||||
app.kubernetes.io/name: authentik-outpost-ldap
|
||||
ports:
|
||||
- name: ldap
|
||||
port: 389
|
||||
targetPort: 3389
|
||||
protocol: TCP
|
Reference in a new issue