fix(authentik): use https://localhost:9443 for outposts (#3708)
This commit is contained in:
@@ -27,7 +27,7 @@ sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/incubator/authentik
|
||||
- https://github.com/goauthentik/authentik
|
||||
- https://goauthentik.io/docs/
|
||||
version: 6.0.0
|
||||
version: 6.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- authentication
|
||||
|
||||
@@ -10,11 +10,12 @@ Enable each outpost by simple setting `enabled` to `true`.
|
||||
Scale users, just have to check the checkbox
|
||||
|
||||
> You have to create an outpost in the GUI first.
|
||||
> And afterwards enable it.
|
||||
> Applications > Outposts
|
||||
|
||||
### Host
|
||||
|
||||
`host` should not need to be overridden. Defaults to `http://localhost:9000`
|
||||
`host` should not need to be overridden. Defaults to `https://localhost:9443`
|
||||
|
||||
### Host Browser
|
||||
|
||||
@@ -22,4 +23,6 @@ Scale users, just have to check the checkbox
|
||||
|
||||
### Token
|
||||
|
||||
`token` is only needed if you accidentally deleted it within the UI
|
||||
`token` is only needed if you accidentally deleted the bootstrap token within the UI.
|
||||
|
||||
> You can get one from Applications > Outposts > View Deployment Info
|
||||
|
||||
@@ -277,7 +277,7 @@ questions:
|
||||
subquestions:
|
||||
- variable: token
|
||||
label: API Token
|
||||
description: Generated in the Authentik GUI > Directory > Token & App Passwords
|
||||
description: You can get this from Applications > Outposts > View Deployment Info
|
||||
schema:
|
||||
type: string
|
||||
private: true
|
||||
@@ -347,7 +347,7 @@ questions:
|
||||
subquestions:
|
||||
- variable: token
|
||||
label: API Token
|
||||
description: Generated in the Authentik GUI > Directory > Token & App Passwords
|
||||
description: You can get this from Applications > Outposts > View Deployment Info
|
||||
schema:
|
||||
type: string
|
||||
private: true
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
{{- $geoipConfigName := printf "%s-geoip-config" (include "tc.common.names.fullname" .) }}
|
||||
{{- $ldapConfigName := printf "%s-ldap-config" (include "tc.common.names.fullname" .) }}
|
||||
{{- $proxyConfigName := printf "%s-proxy-config" (include "tc.common.names.fullname" .) }}
|
||||
{{ $host := printf "http://localhost:%v" .Values.service.http.ports.http.targetPort }}
|
||||
{{ $host := printf "https://localhost:%v" .Values.service.main.ports.main.targetPort }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{ $first := (first .Values.ingress.main.hosts) }}
|
||||
{{- if $first }}
|
||||
@@ -98,7 +98,7 @@ metadata:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
data:
|
||||
AUTHENTIK_INSECURE: {{ .Values.outposts.ldap.insecure | default "true" | quote }}
|
||||
AUTHENTIK_HOST: {{ .Values.outposts.ldap.host | default (printf "http://localhost:%v" .Values.service.http.ports.http.targetPort) }}
|
||||
AUTHENTIK_HOST: {{ .Values.outposts.ldap.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }}
|
||||
AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.ldap.host_browser | default $host }}
|
||||
AUTHENTIK_LISTEN__LDAPS: 0.0.0.0:{{ .Values.service.ldapldaps.ports.ldapldaps.targetPort | default 6636 }}
|
||||
AUTHENTIK_LISTEN__LDAP: 0.0.0.0:{{ .Values.service.ldapldap.ports.ldapldap.targetPort | default 3389 }}
|
||||
@@ -115,7 +115,7 @@ metadata:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
data:
|
||||
AUTHENTIK_INSECURE: {{ .Values.outposts.proxy.insecure | default "true" | quote }}
|
||||
AUTHENTIK_HOST: {{ .Values.outposts.proxy.host | default (printf "http://localhost:%v" .Values.service.http.ports.http.targetPort) }}
|
||||
AUTHENTIK_HOST: {{ .Values.outposts.proxy.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }}
|
||||
AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.proxy.host_browser | default $host }}
|
||||
AUTHENTIK_LISTEN__HTTPS: 0.0.0.0:{{ .Values.service.proxyhttps.ports.proxyhttps.targetPort | default 9444 }}
|
||||
AUTHENTIK_LISTEN__HTTP: 0.0.0.0:{{ .Values.service.proxyhttp.ports.proxyhttp.targetPort | default 9001 }}
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
{{- $geoipSecretName := printf "%s-geoip-secret" (include "tc.common.names.fullname" .) }}
|
||||
{{- $ldapSecretName := printf "%s-ldap-secret" (include "tc.common.names.fullname" .) }}
|
||||
{{- $proxySecretName := printf "%s-proxy-secret" (include "tc.common.names.fullname" .) }}
|
||||
{{- $token := randAlphaNum 32 | b64enc }}
|
||||
{{- $token := randAlphaNum 128 | b64enc }}
|
||||
|
||||
---
|
||||
|
||||
|
||||
@@ -83,9 +83,9 @@ outposts:
|
||||
enabled: false
|
||||
# -- Host Browser by default is set to the first ingress host you set
|
||||
# host_browser: ""
|
||||
# -- Host should not need to be overridden. Defaults to http://localhost:9000
|
||||
# -- Host should not need to be overridden. Defaults to https://localhost:9443
|
||||
# host: ""
|
||||
# -- As we use http://localhost:9000 it's an unsecure connection
|
||||
# -- As we use https://localhost:9443 it's an unsecure connection
|
||||
# insecure: false
|
||||
# -- Token is only needed if you accidentally deleted the token within the UI
|
||||
# token: ""
|
||||
@@ -95,9 +95,9 @@ outposts:
|
||||
enabled: false
|
||||
# -- Host Browser by default is set to the first ingress host you set
|
||||
# host_browser: ""
|
||||
# -- As we use http://localhost:9000 it's an unsecure connection
|
||||
# -- As we use https://localhost:9443 it's an unsecure connection
|
||||
# insecure: false
|
||||
# -- Host should not need to be overridden. Defaults to http://localhost:9000
|
||||
# -- Host should not need to be overridden. Defaults to https://localhost:9443
|
||||
# host: ""
|
||||
# -- Token is only needed if you accidentally deleted the token within the UI
|
||||
# token: ""
|
||||
|
||||
Reference in New Issue
Block a user