mafyuh/iac
Archived
1
0
Fork 0
Code Issues6 Pull requests9 Projects1 Wiki Activity Actions

Compare commits

..

8 commits
4a020f2074 ... 9fc887debe

Author SHA1 Message Date
Renovate Bot
9fc887debe ⬆️ Update searxng/searxng Docker digest to 1b8bd53 2025-02-28 12:01:10 +00:00
Matt Reeves
de718c605c rm authentik from main branch 2025-02-27 00:27:16 -05:00
Matt Reeves
abaa148b33 update authentik cm 2025-02-27 00:15:12 -05:00
Matt Reeves
833e839ab0 update authentik cm 2025-02-27 00:05:13 -05:00
Renovate Bot
8a756f44cf ⬆️ Update quay.io/prometheus/blackbox-exporter Docker tag to v0.26.0 2025-02-26 23:28:44 -05:00
Renovate Bot
65fe0e858a ⬆️ Update ghcr.io/goauthentik/ldap Docker tag to v2025.2.1 2025-02-26 23:18:09 -05:00
Renovate Bot
3c6ffc23a2 ⬆️ Update ghcr.io/goauthentik/server Docker tag to v2025.2.1 2025-02-26 23:18:02 -05:00
Renovate Bot
a6ef322049 ⬆️ Update Helm release authentik to v2025.2.1 2025-02-26 23:01:04 +00:00
11 changed files with 5 additions and 259 deletions

2
docker/AI/docker-compose.yml
View file

@ -39,7 +39,7 @@ services:
- host.docker.internal:host-gateway
searxng:
image: searxng/searxng@sha256:662971a55feacea2eacd2a8a2f51b3e26b56a73080dd131d079d15d7b991faed
image: searxng/searxng@sha256:1b8bd534a996c668838e214beef058b4e622939c0612b7d82533ea16883a0d4c
container_name: searxng
networks:
- ai-stack

6
docker/authentik/docker-compose.yml
View file

@ -30,7 +30,7 @@ services:
volumes:
- redis:/data
server:
image: ghcr.io/goauthentik/server:2025.2.0
image: ghcr.io/goauthentik/server:2025.2.1
restart: unless-stopped
command: server
environment:
@ -52,7 +52,7 @@ services:
- postgresql
- redis
worker:
image: ghcr.io/goauthentik/server:2025.2.0
image: ghcr.io/goauthentik/server:2025.2.1
restart: unless-stopped
command: worker
environment:
@ -80,7 +80,7 @@ services:
- redis
authentik_ldap:
image: ghcr.io/goauthentik/ldap:2025.2.0
image: ghcr.io/goauthentik/ldap:2025.2.1
ports:
- 389:3389
- 636:6636

2
docker/grafana/docker-compose.yml
View file

@ -189,7 +189,7 @@ services:
blackbox-exporter:
command: --config.file=/config/blackbox.yml
container_name: blackbox-exporter
image: quay.io/prometheus/blackbox-exporter:v0.25.0
image: quay.io/prometheus/blackbox-exporter:v0.26.0
volumes:
- /docker/appdata/blackbox/config:/config
ports:

27
kubernetes/apps/production/authentik/configmap.yaml
View file

@ -1,27 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: authentik-values
namespace: authentik
data:
values.yaml: ENC[AES256_GCM,data:n/ITNeK+JVQB5AI5MiDDcxu5RapIPTuDxqJLIHysopawa5gCHwgppnLKv9tW6Sg9B4Tqb3FT8e2zgoVVhQ3+lRvC6HRVhB9+Em+gB8zu7aeOnfd3l3Cj6oSQkjVLxjDCdHHGU/9KFm5YToJER0tzMBXS3M/apvN9+B/VKDI+D/1FDz2bG66QoK+oWd0pq/BShZ1nMhvZXxQ8TFkpQKORnF8qwYq+ArY2ucAsoWbbs4QzEYxqVVa6BmRrpoXlK9i8ak9zTTRn6iPgWf5dhBkvexCI///jZODTYWWiiDo7XQBjS8C4xA4rOK99cav1QhA5j6tPGEKhdNNk2z/ViolFfpzEj4KBdvRSmu/fFBCIka9aP6ZFWU7efIcP2qS3KrIibosQ1Wr4va+P9wzmDA+wSGxKsxeA1BkUhrs9t/+hc6fdsXT30+4sM70zZOJ0+nH9UwNDpJjBfOpc9soAItPzXzWTlX7JCei8CGnloAMrekc3ShQI2L2pHRNLsTDMXJq6Goc3Xk5OF4PC/jjVxSVisXki7qEVZoUKZeoM81i1MXfIOFcGUBfRnntVPK8dBw44KVlPaD4iamRwh3juhy4X/bKWpKs9o5mIB+eQIOiNH5Nxm9g0oI5Ck1A6h/KtJwiHYFc7SH+qhzSubym9x52l960ar18N5zt6oqWz6peFmYY7lGxqBh5muHobWTJ/4QF7Lr3KDZvK5C5ppnxb0/AENbH+t6bQ1ZavOhMs2ojELnL2sG/eXWDXQ8+5OlN0/uCOWHTZ7FtgBhfFXJ/SsU/nquk6aC4smv/boKP1JKJBihAs7yhJMbWBDTHUSNPUef39E7FzyMYqYYU5hxmEfytlt3ZD0Y62rF4zPJBmA2cZzqYAWK2qXhXvpdMcEvTbUEJ3ez6cgHQvEyXutZUiyoN+3YesK8VyXHzq5A6VX/AX7nl5G+P3Afwi/+a6SkkmJ6Q9dVAeEe7CsIrJheNNlweA5aT+GzUD2dNtsjb6/1yQGYejfu/3Ve/0qyHkykBJDwMTLbb3W13/BRzXPhrUIz+nglBlWB3zzVOIQ5Gdx2X9htcvIyiYTZ0epUFEGjZYUzd8/d4WazwjvUFACFpooDSQgMWd5ODTmSn/kvWd+IR6Zxr/cg0UiGnDDUmbhRy/uwSGvkmb/evodweBvij1bbilgGmuO0X9TWVtXQkw7Vii/SS69+Imy/iap07zJJBobfyTU7hZvgrc/BWHqW2oHPYu4tTuKgbOopjPX+vkylu+FYC4seqOXUNvCczF0l712+RWXQpFF/iKBDbviI0twTFF4Qmn,iv:Xsg10IX3Q+UjyoaMGrqbf1i9zsTOndZ3IvBatViwBV4=,tag:FPDrUpu5KM0S7TxLVNxIfA==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age18z6wevr8ze5azvq7nfty3l29s7887l8n5mefr64avhlthtr4uvnqw90nfs
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrdG1aUk9aek5RVE4rZm5N
ajhyc3NLKzF3Q3UrUE1RSFJsci9aMWNjbEQwCmhSNENJcWlaZUpxT3lqZmdOUWVo
UDVwRC9vU0kwRDNXNk5VUVpMUTEwWDAKLS0tICtFL25FZFRaTEhPdWJhYmRYbFVt
RndrQ2JxZnMxZlBIM3RHS0E1WTlZQzQK7oTkv/PG3poAdYnqXnzX3j5ZUgMa3GFB
aQtceF96jKRltwPrnUgZZ5EadTaLyGAD30fqvUJ9/oP6NLe7kmsTWg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-02-20T20:33:40Z"
mac: ENC[AES256_GCM,data:rL+ugPPHcRzpHA70mmn7BLdhO0PG63EMqaHq7eJfBguIcdREGrQCpGQbbw6YN2GGCuE8NWB6sLHaUVn09LMywNfcUT4Hw1kInXRxzZ+L4M4UdqjUCCQj69UGGPnXoyM5GopCIA60/JVTtsQ9EPmJHJJI8LYQrQEtT6O+5FnlaMo=,iv:Jnst3uaJArcxM29hqrVPHKSSAW7Ac84xG6LJP2lz0+g=,tag:J/OAZq4dHXOOiE243Xo0LA==,type:str]
pgp: []
encrypted_regex: ^(data|stringData|secret_key|password|hosts)$
version: 3.9.4

135
kubernetes/apps/production/authentik/customcss.yaml
View file

@ -1,135 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: authentik-custom-css
namespace: authentik
data:
custom.css: |
/* Custom CSS for Authentik Login Page and Admin Interface */
:root {
--ak-accent: #3a3a40;
--pf-global--primary-color--100: #3a3a40;
--pf-global--primary-color--200: #3a3a40;
--pf-global--primary-color--400: var(--ak-accent);
}
/*** Main login page ***/
.pf-c-login__main {
background-color: transparent !important;
backdrop-filter: blur(8px);
border: 2px solid #807e82;
border-radius: 25px;
animation: pulse-border 3s infinite;
}
/* Glowing border animation */
@keyframes pulse-border {
0%, 100% {
box-shadow: 0 0 10px #807e82, 0 0 15px #807e82;
}
50% {
box-shadow: 0 0 15px #807e82, 0 0 25px #807e82;
}
}
/* Sidebar and footer transparency */
.pf-c-page__sidebar,
.pf-c-login__main-footer-band,
.pf-c-login__footer .pf-c-list {
background-color: transparent !important;
backdrop-filter: blur(10px);
}
/* Pseudo-elements for background effects */
.pf-c-login__main::before,
.pf-c-login__main-footer-band::before,
.pf-c-login__footer .pf-c-list::before,
.pf-c-page__sidebar::before {
content: "";
position: absolute;
left: 0;
top: 0;
width: 100%;
height: 100%;
z-index: -1;
opacity: 0.1;
background-color: var(--ak-dark-background);
border-radius: 25px;
}
/* Login button styling */
.pf-c-button.pf-m-block {
--pf-c-button--disabled--BackgroundColor: var(--pf-c-button--m-link--disabled--BackgroundColor);
color: white;
background-color: #3a3a40;
border-radius: 20px;
opacity: 0.785;
box-shadow: 2px 2px 10px rgba(0, 0, 0, 0.3);
width: 50%;
margin: 0 auto;
}
/* Form input styling */
.pf-c-form-control,
.pf-c-input-group {
border-radius: 20px;
border: 2px solid #3a3a40 !important;
}
/* Text color for various elements */
a,
body,
h1,
h2,
.pf-c-expandable-section__toggle,
.pf-c-page__header-tools,
.pf-c-button {
color: #b7b7b7 !important;
}
.pf-c-button.pf-m-secondary.pf-m-block::after {
content: none; /* Removes the content from the ::after pseudo-element */
box-shadow: none; /* Removes any shadow that may create a square effect */
border: none; /* If there's any border being applied, remove it */
}
/* Light mode adjustments */
:host([theme="light"]) .pf-c-page__header-tools-item .fas,
:host([theme="light"]) .pf-c-notification-badge__count,
:host([theme="light"]) .pf-c-page__header-tools-group .pf-c-button {
color: #b7b7b7 !important;
}
/* App card styling */
.pf-c-card.pf-m-compact,
.pf-c-expandable-section.pf-m-display-lg {
border-radius: 20px;
background: rgba(18, 18, 18, 0.4);
backdrop-filter: blur(7px);
border: 1px solid rgba(255, 255, 255, 0.2);
transition: box-shadow 0.3s ease-in-out;
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.5);
background: linear-gradient(135deg, rgba(30, 30, 30, 0.3) 0%, rgba(15, 15, 15, 0.3) 100%);
}
/* App card hover effect */
.pf-c-card.pf-m-compact:hover,
.pf-c-expandable-section.pf-m-display-lg:hover {
box-shadow: 0 0 15px 3px #d6d6d6;
}
/* App icon rounded corners */
.icon.pf-c-avatar {
border-radius: 15px;
}
/*** Admin interface ***/
.pf-c-page__sidebar {
backdrop-filter: blur(10px);
}
.pf-c-page,
.pf-c-tabs__item {
background-color: transparent !important;
}

22
kubernetes/apps/production/authentik/helmrelease.yaml
View file

@ -1,22 +0,0 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: authentik
namespace: authentik
spec:
interval: 15m
chart:
spec:
chart: authentik
version: "2025.2.0"
sourceRef:
kind: HelmRepository
name: authentik-chart
namespace: flux-system
interval: 15m
install:
remediation:
retries: 5
valuesFrom:
- kind: ConfigMap
name: authentik-values

8
kubernetes/apps/production/authentik/helmrepo.yaml
View file

@ -1,8 +0,0 @@
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
name: authentik-chart
namespace: flux-system
spec:
interval: 2h
url: https://charts.goauthentik.io

10
kubernetes/apps/production/authentik/kustomization.yaml
View file

@ -1,10 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- helmrelease.yaml
- helmrepo.yaml
- configmap.yaml
- service.yaml
- customcss.yaml
- media-pvc.yaml

12
kubernetes/apps/production/authentik/media-pvc.yaml
View file

@ -1,12 +0,0 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: authentik-media-pvc
namespace: authentik
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: longhorn

6
kubernetes/apps/production/authentik/namespace.yaml
View file

@ -1,6 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: authentik
labels:
name: authentik

34
kubernetes/apps/production/authentik/service.yaml
View file

@ -1,34 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: authentik-lb
namespace: authentik
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: authentik
ports:
- name: http
port: 9000
targetPort: 9000
protocol: TCP
- name: https
port: 9443
targetPort: 9443
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: authentik-ldap-lb
namespace: authentik
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: authentik-outpost-ldap
ports:
- name: ldap
port: 389
targetPort: 3389
protocol: TCP