43 lines
1.8 KiB
YAML
43 lines
1.8 KiB
YAML
---
|
|
# Set **noble_authentik_install: true** after filling **.env** (see role README and repository **.env.sample**).
|
|
noble_authentik_install: false
|
|
# When true, run **configure_authentik.py** against the Authentik API (requires bootstrap token + client secrets).
|
|
noble_authentik_configure_idp: true
|
|
|
|
noble_authentik_chart_version: "2026.2.3"
|
|
noble_authentik_oauth2_proxy_chart_version: "10.4.3"
|
|
|
|
noble_authentik_host: auth.apps.noble.lab.pcenicni.dev
|
|
noble_authentik_public_url: "https://{{ noble_authentik_host }}"
|
|
noble_authentik_api_base: "{{ noble_authentik_public_url }}/api/v3"
|
|
|
|
noble_authentik_oauth2_proxy_host: oauth2.apps.noble.lab.pcenicni.dev
|
|
|
|
# OIDC client ids (must match Authentik providers created by configure script)
|
|
noble_authentik_client_id_argocd: argocd
|
|
noble_authentik_client_id_grafana: grafana
|
|
noble_authentik_client_id_headlamp: headlamp
|
|
noble_authentik_client_id_oauth2_proxy: oauth2-proxy
|
|
|
|
# Secrets / bootstrap — prefer **lookup('env', ...)** set via repository **.env** (see from_env.yml).
|
|
noble_authentik_secret_key: ""
|
|
noble_authentik_postgresql_password: ""
|
|
noble_authentik_bootstrap_token: ""
|
|
noble_authentik_bootstrap_email: ""
|
|
noble_authentik_bootstrap_password: ""
|
|
|
|
noble_authentik_client_secret_argocd: ""
|
|
noble_authentik_client_secret_grafana: ""
|
|
noble_authentik_client_secret_headlamp: ""
|
|
noble_authentik_client_secret_oauth2_proxy: ""
|
|
noble_authentik_oauth2_proxy_cookie_secret: ""
|
|
|
|
noble_authentik_helm_wait_timeout: 25m
|
|
|
|
# Re-apply the same chart versions as the rest of noble.yml when flipping SSO on.
|
|
noble_authentik_argocd_chart_version: "9.4.17"
|
|
noble_authentik_kube_prometheus_chart_version: "82.15.1"
|
|
noble_authentik_headlamp_chart_version: "0.40.1"
|
|
noble_authentik_longhorn_chart_version: "1.11.2"
|
|
noble_authentik_kube_prometheus_helm_wait_timeout: 60m
|