home-server/deployments/auth/authentik.yaml

---
apiVersion: v1
kind: Namespace
metadata:
  name: authentik
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: HelmRepository
metadata:
  name: authentik
  namespace: flux-system
spec:
  url: https://charts.goauthentik.io/
  interval: 1h
---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: authentik
  namespace: authentik
spec:
  interval: 30m
  chart:
    spec:
      chart: authentik
      version: 2024.4.2
      sourceRef:
        kind: HelmRepository
        name: authentik
        namespace: flux-system
  install:
    createNamespace: true
  upgrade:
    disableWait: false
  timeout: 10m
  values:
    secret:
      create: false
      existingSecret: authentik-secret
    server:
      ingress:
        env:
          - name: SECRET_KEY
            valueFrom:
              secretKeyRef:
                name: authentik-secret
                key: secret-key
        enabled: true
        ingressClassName: traefik
        annotations:
          cert-manager.io/cluster-issuer: "letsencrypt-prod"
          external-dns.alpha.kubernetes.io/hostname: auth.hxme.net
        hosts:
          - host: auth.hxme.net
            paths:
              - path: /
                pathType: Prefix
        tls:
          - secretName: authentik-tls
            hosts:
              - auth.hxme.net
    postgresql:
      enabled: true  # Set to false if using external DB
    redis:
      enabled: true  # Set to false if using external Redis
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`---`
			`apiVersion: v1`
			`kind: Namespace`
			`metadata:`
			`name: authentik`
			`---`
			`apiVersion: source.toolkit.fluxcd.io/v1`
			`kind: HelmRepository`
			`metadata:`
			`name: authentik`
			`namespace: flux-system`
			`spec:`
			`url: https://charts.goauthentik.io/`
			`interval: 1h`
			`---`
			`apiVersion: helm.toolkit.fluxcd.io/v2`
			`kind: HelmRelease`
			`metadata:`
			`name: authentik`
			`namespace: authentik`
			`spec:`
			`interval: 30m`
			`chart:`
			`spec:`
			`chart: authentik`
			`version: 2024.4.2`
			`sourceRef:`
			`kind: HelmRepository`
			`name: authentik`
			`namespace: flux-system`
			`install:`
			`createNamespace: true`
			`upgrade:`
			`disableWait: false`
			`timeout: 10m`
			`values:`
Try use secret for conf 2025-07-03 15:20:29 +10:00			`secret:`
			`create: false`
			`existingSecret: authentik-secret`
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`server:`
			`ingress:`
Manually specify env 2025-07-03 15:37:41 +10:00			`env:`
			`- name: SECRET_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: authentik-secret`
			`key: secret-key`
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`enabled: true`
			`ingressClassName: traefik`
			`annotations:`
			`cert-manager.io/cluster-issuer: "letsencrypt-prod"`
			`external-dns.alpha.kubernetes.io/hostname: auth.hxme.net`
			`hosts:`
			`- host: auth.hxme.net`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`tls:`
			`- secretName: authentik-tls`
			`hosts:`
Try use secret for conf 2025-07-03 15:20:29 +10:00			`- auth.hxme.net`
Strip this out to confirm it's not stuck in an odd loop with old data 2025-07-03 13:10:00 +10:00			`postgresql:`
			`enabled: true # Set to false if using external DB`
			`redis:`
			`enabled: true # Set to false if using external Redis`