From 04b745d0d62455ab896ecfda6617a4cc57715358 Mon Sep 17 00:00:00 2001 From: Aaron Riedel Date: Sun, 29 Sep 2024 14:10:34 +0200 Subject: [PATCH] add SSO to prometheus, longhorn, alertmanager --- examples/example-deployment.yaml | 2 ++ longhorn/values.yaml | 2 +- prometheus/values.yaml | 8 ++++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/examples/example-deployment.yaml b/examples/example-deployment.yaml index 6af57ee..3cf0995 100644 --- a/examples/example-deployment.yaml +++ b/examples/example-deployment.yaml @@ -69,6 +69,8 @@ metadata: kubernetes.io/tls-acme: "true" # Use for Basic auth: # traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + # Use for authentik SSO: + # traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd name: example-ingress namespace: example spec: diff --git a/longhorn/values.yaml b/longhorn/values.yaml index 3024b2a..9fdce3c 100644 --- a/longhorn/values.yaml +++ b/longhorn/values.yaml @@ -25,7 +25,7 @@ ingress: host: longhorn.services.yolokube.de annotations: kubernetes.io/tls-acme: "true" - traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd tls: true tlsSecret: longhorn-tls-key metrics: diff --git a/prometheus/values.yaml b/prometheus/values.yaml index 957374d..b3dc812 100644 --- a/prometheus/values.yaml +++ b/prometheus/values.yaml @@ -59,7 +59,7 @@ alertmanager: hosts: - alertmanager.services.yolokube.de annotations: - traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd kubernetes.io/tls-acme: "true" tls: - secretName: alertmanager-tls-key @@ -73,7 +73,7 @@ alertmanager: hostPrefix: alertmanager hostDomain: services.yolokube.de annotations: - traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd kubernetes.io/tls-acme: "true" tlsSecretPerReplica: enabled: true @@ -120,7 +120,7 @@ prometheus: hosts: - prometheus.services.yolokube.de annotations: - traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd kubernetes.io/tls-acme: "true" tls: - secretName: prometheus-tls-key @@ -134,7 +134,7 @@ prometheus: hostPrefix: prometheus hostDomain: services.yolokube.de annotations: - traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd + traefik.ingress.kubernetes.io/router.middlewares: authentik-authentik@kubernetescrd kubernetes.io/tls-acme: "true" tlsSecretPerReplica: enabled: true