WiP

2025-02-11 08:07:24 +01:00 · 2025-02-11 08:07:24 +01:00 · 39c65eae4e
commit 39c65eae4e
parent a70307111d
3 changed files with 25 additions and 17 deletions
--- a/stages/base/kustomize/csi-driver-nfs.yaml
+++ b/stages/base/kustomize/csi-driver-nfs.yaml
@ -10,4 +10,6 @@ parameters:
  share: /mnt/nas
 reclaimPolicy: Delete
 volumeBindingMode: Immediate
-allowVolumeExpansion: true
+allowVolumeExpansion: true
+mountOptions:
+  - nfsvers=4.1
--- a/stages/identity/helmfile.yaml
+++ b/stages/identity/helmfile.yaml
@ -9,4 +9,3 @@ releases:
    version: 2024.12.3
    values:
      - ./values/authentik.values.yaml.gotmpl
-    installed: false
--- a/stages/identity/values/authentik.values.yaml.gotmpl
+++ b/stages/identity/values/authentik.values.yaml.gotmpl
@ -1,7 +1,14 @@
 postgresql:
+  image:
+    debug: true
  enabled: true
  auth:
    password: {{ readFile "../.envs/.authentik-postgresql" }}
+  resources:
+    limits:
+      hugepages-2Mi: "512Mi"
+  volumePermissions:
+    enabled: true

 authentik:
  secret_key: {{ readFile "../.envs/.authentik-secret-key" }}
@ -11,18 +18,18 @@ authentik:

 redis:
  enabled: true
-
-server:
-  ingress:
-    ingressClassName: nginx
-    enabled: true
-    hosts:
-      - idp.kropcloud.net
-    annotations:
-      nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
-      nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
-      cert-manager.io/cluster-issuer: cloudflare-issuer
-    tls:
-      - hosts: 
-        - idp.kropcloud.net
-        secretName: authentik-tls
+# 
+# server:
+#   ingress:
+#     ingressClassName: nginx
+#     enabled: true
+#     hosts:
+#       - idp.kropcloud.net
+#     annotations:
+#       nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+#       nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+#       cert-manager.io/cluster-issuer: cloudflare-issuer
+#     tls:
+#       - hosts: 
+#         - idp.kropcloud.net
+#         secretName: authentik-tls