add SSO to prometheus, longhorn, alertmanager
All checks were successful
ci/woodpecker/push/dashboard Pipeline was successful

This commit is contained in:
Aaron Riedel 2024-09-29 14:10:34 +02:00
parent afc55a389d
commit 04b745d0d6
Signed by: aaron
GPG key ID: 643004654D40D577
3 changed files with 7 additions and 5 deletions

View file

@ -69,6 +69,8 @@ metadata:
kubernetes.io/tls-acme: "true"
# Use for Basic auth:
# traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
# Use for authentik SSO:
# traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
name: example-ingress
namespace: example
spec:

View file

@ -25,7 +25,7 @@ ingress:
host: longhorn.services.yolokube.de
annotations:
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
tls: true
tlsSecret: longhorn-tls-key
metrics:

View file

@ -59,7 +59,7 @@ alertmanager:
hosts:
- alertmanager.services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: alertmanager-tls-key
@ -73,7 +73,7 @@ alertmanager:
hostPrefix: alertmanager
hostDomain: services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true
@ -120,7 +120,7 @@ prometheus:
hosts:
- prometheus.services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: prometheus-tls-key
@ -134,7 +134,7 @@ prometheus:
hostPrefix: prometheus
hostDomain: services.yolokube.de
annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true