diff --git a/apps/base/authentik/certificate.yaml b/apps/base/authentik/certificate.yaml deleted file mode 100644 index 1430751..0000000 --- a/apps/base/authentik/certificate.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: authentik-tls - namespace: authentik -spec: - secretName: authentik-tls - issuerRef: - kind: ClusterIssuer - name: vault-issuer - commonName: identity.unkin.net - dnsNames: - - identity.unkin.net - - identity.k8s.syd1.au.unkin.net - privateKey: - algorithm: RSA - size: 4096 diff --git a/apps/base/authentik/gateway.yaml b/apps/base/authentik/gateway.yaml index 4c6a633..bc13062 100644 --- a/apps/base/authentik/gateway.yaml +++ b/apps/base/authentik/gateway.yaml @@ -5,6 +5,9 @@ metadata: labels: traefik.io/instance: internal annotations: + cert-manager.io/cluster-issuer: vault-issuer + cert-manager.io/common-name: identity.unkin.net + cert-manager.io/private-key-size: "4096" external-dns.alpha.kubernetes.io/hostname: identity.unkin.net,identity.k8s.syd1.au.unkin.net external-dns.alpha.kubernetes.io/target: 198.18.200.4 name: authentik diff --git a/apps/base/authentik/kustomization.yaml b/apps/base/authentik/kustomization.yaml index 340420c..3c58eee 100644 --- a/apps/base/authentik/kustomization.yaml +++ b/apps/base/authentik/kustomization.yaml @@ -3,7 +3,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - certificate.yaml - cnpg_cluster.yaml - cnpg_pooler.yaml - gateway.yaml