Enable Authentik installation and add support for extra public hostnames in the configuration. Updated README and values files to reflect changes for improved deployment flexibility and documentation clarity.

2026-05-14 19:58:56 -04:00
parent b90ee2d531
commit 032ffee866
6 changed files with 84 additions and 2 deletions
--- a/ansible/roles/noble_authentik/defaults/main.yml
+++ b/ansible/roles/noble_authentik/defaults/main.yml
@@ -21,6 +21,11 @@ noble_authentik_host: auth.apps.noble.lab.pcenicni.dev
 noble_authentik_public_url: "https://{{ noble_authentik_host }}"
 noble_authentik_api_base: "{{ noble_authentik_public_url }}/api/v3"

+# Optional extra Ingress hostnames (FQDN strings) for the **same** Authentik release — e.g. a **public** name
+# (Pangolin HTTP resource → Newt site → Traefik) while **`noble_authentik_host`** stays the in-lab name.
+# Ansible merges these into **server.ingress.hosts** / **tls** (one cert Secret with multiple SANs).
+noble_authentik_ingress_extra_hosts: []
+
 noble_authentik_oauth2_proxy_host: oauth2.apps.noble.lab.pcenicni.dev

 # OIDC client ids (must match Authentik providers created by configure script)