zoriya/snow
1
0
Fork 0
mirror of https://github.com/zoriya/snow.git synced 2025-12-06 07:16:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix authentik cert ns

Browse Source
This commit is contained in:
Zoe Roux
2025-07-17 13:57:20 +02:00
parent d37e399a7c
commit be8bc01370
3 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
apps/authentik.yaml
View File

@@ -29,13 +29,19 @@ spec:
env:
- name: AUTHENTIK_POSTGRESQL__SSLCERT
value: /var/postgres-ssl/tls.crt
- name: AUTHENTIK_POSTGRESQL__SSLKEY
value: /var/postgres-ssl/tls.key
volumeMounts:
- name: postgres-cert
mountPath: /var/postgres-ssl
volumes:
- name: postgres-cert
secret:
defaultMode: 0640
secretName: postgres-authentik
securityContext:
fsGroup: 1001
runAsUser: 1001
ingress:
enabled: true
@@ -64,7 +70,6 @@ spec:
kind: Certificate
metadata:
name: postgres-authentik
namespace: postgres
spec:
secretName: postgres-authentik
usages:
@@ -73,5 +78,5 @@ spec:
commonName: authentik
issuerRef:
name: postgres-ca
kind: Issuer
kind: ClusterIssuer
group: cert-manager.io

5
apps/postgres/ca.yaml
View File

@@ -2,7 +2,8 @@ apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: postgres-ca
namespace: postgres
# cert needs to be on the cluster's default resource ns aka cert-manager by default
namespace: cert-manager
spec:
isCA: true
commonName: postgres-ca
@@ -16,7 +17,7 @@ spec:
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
kind: Issuer
kind: ClusterIssuer
metadata:
name: postgres-ca
namespace: postgres

4
apps/postgres/certs.yaml
View File

@@ -22,7 +22,7 @@ spec:
- postgres-cluster-ro.postgres.svc
issuerRef:
name: postgres-ca
kind: Issuer
kind: ClusterIssuer
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
@@ -36,5 +36,5 @@ spec:
commonName: streaming_replica
issuerRef:
name: postgres-ca
kind: Issuer
kind: ClusterIssuer
group: cert-manager.io