From 0d3478793fcd4168b1c0fb1374b38ca36f558f83 Mon Sep 17 00:00:00 2001 From: Deibis Moreno Date: Mon, 13 Apr 2026 21:57:47 -0400 Subject: [PATCH] =?UTF-8?q?configuraci=C3=B3n=20inicial=20-=202026-04-13T2?= =?UTF-8?q?1:57:47-04:00?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentik/authentik-app.yaml | 31 ++++++++++++++++++++ apps/authentik/values-authentik.yaml | 43 ++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 apps/authentik/authentik-app.yaml create mode 100644 apps/authentik/values-authentik.yaml diff --git a/apps/authentik/authentik-app.yaml b/apps/authentik/authentik-app.yaml new file mode 100644 index 0000000..4a48142 --- /dev/null +++ b/apps/authentik/authentik-app.yaml @@ -0,0 +1,31 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: authentik + namespace: argocd +spec: + project: default + sources: + # FUENTE A: El Chart oficial (repositorio externo) + - repoURL: 'https://charts.christianhuth.de' # Ajusta a la URL del chart que usas + chart: freshrss + targetRevision: 2.8.11 # Versión específica del chart + helm: + valueFiles: + - $configuracion/apps/authentik/values-authentik.yaml # Ruta exacta en tu Gitea + + # FUENTE B: Tu repositorio de Gitea (tu fuente de la verdad) + - repoURL: 'https://gitea.mitac.duckdns.org/deimo72/Authentik.git' + targetRevision: main + ref: configuracion # Este nombre se usa como prefijo arriba ($configuracion) + + destination: + server: 'https://kubernetes.default.svc' + namespace: authentik + + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/apps/authentik/values-authentik.yaml b/apps/authentik/values-authentik.yaml new file mode 100644 index 0000000..10662ed --- /dev/null +++ b/apps/authentik/values-authentik.yaml @@ -0,0 +1,43 @@ +authentik: + secret_key: "kiVT1RAqKUeEVwKshaISvO6NF24ZlVtwhi83mHP716NCp9QX/+b9ieBy5rrN3UIjDKliwOjAow/rrfxh" + error_reporting: + enabled: true + # Configuración para conectar con la BD externa + postgresql: + host: "postgres-postgresql.postgres.svc.cluster.local" + name: "authentik" + user: "authentik" + password: "autentik" + port: 5432 + +server: + ingress: + enabled: true + annotations: + cert-manager.io/cluster-issuer: cert-manager-webhook-duckdns-production + gethomepage.dev/description: "Dynamically Detected Homepage" + gethomepage.dev/enabled: "true" + gethomepage.dev/group: APP + gethomepage.dev/icon: "authentik.png" + gethomepage.dev/name: Authentik + ingress.spec.ingressClassName: traefik + kubernetes.io/tls-acme: "true" + traefik.ingress.kubernetes.io/router.entrypoints: web,websecure + traefik.ingress.kubernetes.io/router.middlewares: default-redirect-to-https@kubernetescrd + ingressClassName: "traefik" + hosts: + - authentik.mitac.duckdns.org + paths: + - / + pathType: ImplementationSpecific + tls: + - secretName: "authentik.letsencrypt.key.tls" + hosts: + - authentik.mitac.duckdns.org + +# ¡Importante! Desactiva el PostgreSQL interno +postgresql: + enabled: false + +redis: + enabled: true -- 2.45.2