home/kubernetes-deployments
2
0
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Wiki Activity Actions

Move authentik off longhorn

Browse source
This commit is contained in:
Pim Kunis 2025-05-28 23:28:52 +02:00
parent a0cca7f78b
commit b52262792d
2 changed files with 35 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

38
modules/authentik.nix
View file

@ -26,13 +26,42 @@
postgresql = {
enabled = true;
auth.password = "ref+sops://secrets.yml#/authentik/postgresql_password";
primary.persistence.existingClaim = "db";
primary.extraEnvVarsSecret = "postgresql-env";
primary = {
persistence.enabled = false;
extraEnvVarsSecret = "postgresql-env";
extraVolumes = [
{
name = "data";
hostPath = {
path = "/mnt/longhorn/persistent/volumes/authentik-db";
type = "Directory";
};
}
];
};
};
redis = {
enabled = true;
master.persistence.existingClaim = "redis";
master = {
persistence.enabled = false;
extraVolumes = [
{
name = "authentik-redis";
hostPath = {
path = "/mnt/longhorn/persistent/volumes/authentik-redis";
type = "Directory";
};
}
];
extraVolumeMounts = [
{
mountPath = "/data";
name = "authentik-redis";
}
];
};
};
};
};
@ -53,6 +82,9 @@
authentik-server.spec.template.spec.containers.server.env = env;
authentik-worker.spec.template.spec.containers.worker.env = env;
};
statefulSets.authentik-postgresql.spec.template.spec.nodeName = "atlas";
statefulSets.authentik-redis-master.spec.template.spec.nodeName = "atlas";
};
};

5
modules/bootstrap-default.nix
View file

@ -85,11 +85,6 @@
};
lab = {
longhorn.persistentVolume = {
authentik-db.storage = "10Gi";
authentik-redis.storage = "5Gi";
};
tailscaleIngresses.tailscale-longhorn = {
host = "longhorn";