fix typos and file layout for yamllint

authentik/kustomization.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 generators:

authentik/manifest.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: v1
 kind: Namespace
 metadata:
@@ -37,20 +38,20 @@ metadata:
   namespace: authentik
 spec:
   rules:
-  - host: "sso.services.yolokube.de"
-    http:
-      paths:
-      - pathType: Prefix
-        path: "/"
-        backend:
-          service:
-            name: authentik-outpost
-            port:
-              number: 9000
+    - host: "sso.services.yolokube.de"
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: authentik-outpost
+                port:
+                  number: 9000
   tls:
-  - hosts:
-      - sso.services.yolokube.de
-    secretName: authentik-tls-key
+    - hosts:
+        - sso.services.yolokube.de
+      secretName: authentik-tls-key
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -76,21 +77,21 @@ spec:
     spec:
       containers:
         - env:
-          - name: AUTHENTIK_HOST
-            valueFrom:
-              secretKeyRef:
-                key: authentik_host
-                name: authentik-outpost-api
-          - name: AUTHENTIK_TOKEN
-            valueFrom:
-              secretKeyRef:
-                key: token
-                name: authentik-outpost-api
-          - name: AUTHENTIK_INSECURE
-            valueFrom:
-              secretKeyRef:
-                key: authentik_host_insecure
-                name: authentik-outpost-api
+            - name: AUTHENTIK_HOST
+              valueFrom:
+                secretKeyRef:
+                  key: authentik_host
+                  name: authentik-outpost-api
+            - name: AUTHENTIK_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  key: token
+                  name: authentik-outpost-api
+            - name: AUTHENTIK_INSECURE
+              valueFrom:
+                secretKeyRef:
+                  key: authentik_host_insecure
+                  name: authentik-outpost-api
           image: ghcr.io/goauthentik/proxy:2024.8.3
           name: proxy
           ports:
@@ -104,22 +105,22 @@ spec:
 apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
-    name: authentik
-    namespace: authentik
+  name: authentik
+  namespace: authentik
 spec:
-    forwardAuth:
-        address: http://authentik-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
-        trustForwardHeader: true
-        authResponseHeaders:
-            - X-authentik-username
-            - X-authentik-groups
-            - X-authentik-email
-            - X-authentik-name
-            - X-authentik-uid
-            - X-authentik-jwt
-            - X-authentik-grafana-role
-            - X-authentik-meta-jwks
-            - X-authentik-meta-outpost
-            - X-authentik-meta-provider
-            - X-authentik-meta-app
-            - X-authentik-meta-version
+  forwardAuth:
+    address: http://authentik-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
+    trustForwardHeader: true
+    authResponseHeaders:
+      - X-authentik-username
+      - X-authentik-groups
+      - X-authentik-email
+      - X-authentik-name
+      - X-authentik-uid
+      - X-authentik-jwt
+      - X-authentik-grafana-role
+      - X-authentik-meta-jwks
+      - X-authentik-meta-outpost
+      - X-authentik-meta-provider
+      - X-authentik-meta-app
+      - X-authentik-meta-version

authentik/secret-generator.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: viaduct.ai/v1
 kind: ksops
 metadata:

authentik/secret.yaml

@@ -1,3 +1,4 @@
+---
 apiVersion: v1
 kind: Secret
 metadata: