fix(authentik): use https://localhost:9443 for outposts (#3708)

This commit is contained in:
Stavros Kois
2022-09-06 02:20:55 +03:00
committed by GitHub
parent 28e94fae41
commit 0a61958efa
6 changed files with 16 additions and 13 deletions

View File

@@ -27,7 +27,7 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/authentik
- https://github.com/goauthentik/authentik
- https://goauthentik.io/docs/
version: 6.0.0
version: 6.0.1
annotations:
truecharts.org/catagories: |
- authentication

View File

@@ -10,11 +10,12 @@ Enable each outpost by simple setting `enabled` to `true`.
Scale users, just have to check the checkbox
> You have to create an outpost in the GUI first.
> And afterwards enable it.
> Applications > Outposts
### Host
`host` should not need to be overridden. Defaults to `http://localhost:9000`
`host` should not need to be overridden. Defaults to `https://localhost:9443`
### Host Browser
@@ -22,4 +23,6 @@ Scale users, just have to check the checkbox
### Token
`token` is only needed if you accidentally deleted it within the UI
`token` is only needed if you accidentally deleted the bootstrap token within the UI.
> You can get one from Applications > Outposts > View Deployment Info

View File

@@ -277,7 +277,7 @@ questions:
subquestions:
- variable: token
label: API Token
description: Generated in the Authentik GUI > Directory > Token & App Passwords
description: You can get this from Applications > Outposts > View Deployment Info
schema:
type: string
private: true
@@ -347,7 +347,7 @@ questions:
subquestions:
- variable: token
label: API Token
description: Generated in the Authentik GUI > Directory > Token & App Passwords
description: You can get this from Applications > Outposts > View Deployment Info
schema:
type: string
private: true

View File

@@ -6,7 +6,7 @@
{{- $geoipConfigName := printf "%s-geoip-config" (include "tc.common.names.fullname" .) }}
{{- $ldapConfigName := printf "%s-ldap-config" (include "tc.common.names.fullname" .) }}
{{- $proxyConfigName := printf "%s-proxy-config" (include "tc.common.names.fullname" .) }}
{{ $host := printf "http://localhost:%v" .Values.service.http.ports.http.targetPort }}
{{ $host := printf "https://localhost:%v" .Values.service.main.ports.main.targetPort }}
{{- if .Values.ingress.main.enabled }}
{{ $first := (first .Values.ingress.main.hosts) }}
{{- if $first }}
@@ -98,7 +98,7 @@ metadata:
{{- include "tc.common.labels" . | nindent 4 }}
data:
AUTHENTIK_INSECURE: {{ .Values.outposts.ldap.insecure | default "true" | quote }}
AUTHENTIK_HOST: {{ .Values.outposts.ldap.host | default (printf "http://localhost:%v" .Values.service.http.ports.http.targetPort) }}
AUTHENTIK_HOST: {{ .Values.outposts.ldap.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }}
AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.ldap.host_browser | default $host }}
AUTHENTIK_LISTEN__LDAPS: 0.0.0.0:{{ .Values.service.ldapldaps.ports.ldapldaps.targetPort | default 6636 }}
AUTHENTIK_LISTEN__LDAP: 0.0.0.0:{{ .Values.service.ldapldap.ports.ldapldap.targetPort | default 3389 }}
@@ -115,7 +115,7 @@ metadata:
{{- include "tc.common.labels" . | nindent 4 }}
data:
AUTHENTIK_INSECURE: {{ .Values.outposts.proxy.insecure | default "true" | quote }}
AUTHENTIK_HOST: {{ .Values.outposts.proxy.host | default (printf "http://localhost:%v" .Values.service.http.ports.http.targetPort) }}
AUTHENTIK_HOST: {{ .Values.outposts.proxy.host | default (printf "https://localhost:%v" .Values.service.main.ports.main.targetPort) }}
AUTHENTIK_HOST_BROWSER: {{ .Values.outposts.proxy.host_browser | default $host }}
AUTHENTIK_LISTEN__HTTPS: 0.0.0.0:{{ .Values.service.proxyhttps.ports.proxyhttps.targetPort | default 9444 }}
AUTHENTIK_LISTEN__HTTP: 0.0.0.0:{{ .Values.service.proxyhttp.ports.proxyhttp.targetPort | default 9001 }}

View File

@@ -5,7 +5,7 @@
{{- $geoipSecretName := printf "%s-geoip-secret" (include "tc.common.names.fullname" .) }}
{{- $ldapSecretName := printf "%s-ldap-secret" (include "tc.common.names.fullname" .) }}
{{- $proxySecretName := printf "%s-proxy-secret" (include "tc.common.names.fullname" .) }}
{{- $token := randAlphaNum 32 | b64enc }}
{{- $token := randAlphaNum 128 | b64enc }}
---

View File

@@ -83,9 +83,9 @@ outposts:
enabled: false
# -- Host Browser by default is set to the first ingress host you set
# host_browser: ""
# -- Host should not need to be overridden. Defaults to http://localhost:9000
# -- Host should not need to be overridden. Defaults to https://localhost:9443
# host: ""
# -- As we use http://localhost:9000 it's an unsecure connection
# -- As we use https://localhost:9443 it's an unsecure connection
# insecure: false
# -- Token is only needed if you accidentally deleted the token within the UI
# token: ""
@@ -95,9 +95,9 @@ outposts:
enabled: false
# -- Host Browser by default is set to the first ingress host you set
# host_browser: ""
# -- As we use http://localhost:9000 it's an unsecure connection
# -- As we use https://localhost:9443 it's an unsecure connection
# insecure: false
# -- Host should not need to be overridden. Defaults to http://localhost:9000
# -- Host should not need to be overridden. Defaults to https://localhost:9443
# host: ""
# -- Token is only needed if you accidentally deleted the token within the UI
# token: ""