home-server/deployments/auth/authentik.yaml

---
apiVersion: v1
kind: Namespace
metadata:
  name: authentik
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
  name: authentik
  namespace: flux-system
spec:
  url: https://charts.goauthentik.io/
  interval: 1h
---
apiVersion: v1
kind: Secret
metadata:
  name: wildcard-hxme-net
  namespace: authentik
  annotations:
    replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: authentik
  namespace: authentik
spec:
  interval: 30m
  chart:
    spec:
      chart: authentik
      version: 2024.4.2
      sourceRef:
        kind: HelmRepository
        name: authentik
        namespace: flux-system
  install:
    createNamespace: true
  upgrade:
    disableWait: false
  timeout: 10m
  valuesFrom:
    - kind: Secret
      name: authentik-values
  values:
    ingress:
      annotations:
        external-dns.alpha.kubernetes.io/hostname: auth.hxme.net
      tls:
        - secretName: wildcard-hxme-net
          hosts:
            - auth.hxme.net
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`---`
			`apiVersion: v1`
			`kind: Namespace`
			`metadata:`
			`name: authentik`
			`---`
			`apiVersion: source.toolkit.fluxcd.io/v1`
			`kind: HelmRepository`
			`metadata:`
			`name: authentik`
			`namespace: flux-system`
			`spec:`
			`url: https://charts.goauthentik.io/`
			`interval: 1h`
			`---`
Replicate ssl cert to authentik 2025-07-03 16:57:32 +10:00			`apiVersion: v1`
			`kind: Secret`
			`metadata:`
			`name: wildcard-hxme-net`
			`namespace: authentik`
			`annotations:`
			`replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net`
			`---`
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`apiVersion: helm.toolkit.fluxcd.io/v2`
			`kind: HelmRelease`
			`metadata:`
			`name: authentik`
			`namespace: authentik`
			`spec:`
			`interval: 30m`
			`chart:`
			`spec:`
			`chart: authentik`
			`version: 2024.4.2`
			`sourceRef:`
			`kind: HelmRepository`
			`name: authentik`
			`namespace: flux-system`
			`install:`
			`createNamespace: true`
			`upgrade:`
			`disableWait: false`
			`timeout: 10m`
Moved all values to secret because easier 2025-07-03 16:55:31 +10:00			`valuesFrom:`
			`- kind: Secret`
			`name: authentik-values`
Specify hostname 2025-07-03 16:56:24 +10:00			`values:`
			`ingress:`
			`annotations:`
			`external-dns.alpha.kubernetes.io/hostname: auth.hxme.net`
Specify wildcard cert 2025-07-03 16:56:59 +10:00			`tls:`
			`- secretName: wildcard-hxme-net`
			`hosts:`
			`- auth.hxme.net`