From cecabe6f6833f7905a55a0a1e59ed1bd08afc4f6 Mon Sep 17 00:00:00 2001
From: j <repobase@j7b.net>
Date: Thu, 10 Jul 2025 20:34:57 +1000
Subject: [PATCH] Add authentik

---
 deployments/auth/authentik.yaml     | 49 +++++++++++++++++++++++++++++
 deployments/auth/kustomization.yaml |  6 ++++
 deployments/kustomization.yaml      |  1 +
 3 files changed, 56 insertions(+)
 create mode 100644 deployments/auth/authentik.yaml
 create mode 100644 deployments/auth/kustomization.yaml

diff --git a/deployments/auth/authentik.yaml b/deployments/auth/authentik.yaml
new file mode 100644
index 0000000..270c402
--- /dev/null
+++ b/deployments/auth/authentik.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: authentik
+  namespace: flux-system
+spec:
+  url: https://charts.goauthentik.io/
+  interval: 1h
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: wildcard-hxme-net
+  namespace: home-server
+  annotations:
+    replicator.v1.mittwald.de/replicate-from: cert-manager/wildcard-hxme-net
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: authentik
+  namespace: home-server
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: authentik
+      version: 2024.4.2
+      sourceRef:
+        kind: HelmRepository
+        name: authentik
+        namespace: flux-system
+  install:
+    createNamespace: true
+  upgrade:
+    disableWait: false
+  timeout: 10m
+  valuesFrom:
+    - kind: Secret
+      name: authentik-values
+  values:
+    ingress:
+      annotations:
+        external-dns.alpha.kubernetes.io/hostname: auth.hxme.net
+      tls:
+        - secretName: wildcard-hxme-net
+          hosts:
+            - auth.hxme.net
diff --git a/deployments/auth/kustomization.yaml b/deployments/auth/kustomization.yaml
new file mode 100644
index 0000000..fb10ef1
--- /dev/null
+++ b/deployments/auth/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - authentik.yaml
diff --git a/deployments/kustomization.yaml b/deployments/kustomization.yaml
index 5ba9d9f..0f0c6ed 100644
--- a/deployments/kustomization.yaml
+++ b/deployments/kustomization.yaml
@@ -7,4 +7,5 @@ resources:
   - dns/
   - mariadb/
   - replicator/
+  - auth/
   - nextcloud/