global: env: # PostgreSQL primary (via pooler) - name: AUTHENTIK_POSTGRESQL__HOST value: postgres-pooler-rw - name: AUTHENTIK_POSTGRESQL__PORT value: "5432" - name: AUTHENTIK_POSTGRESQL__NAME value: authentik - name: AUTHENTIK_POSTGRESQL__USER valueFrom: secretKeyRef: name: postgres-credentials key: username - name: AUTHENTIK_POSTGRESQL__PASSWORD valueFrom: secretKeyRef: name: postgres-credentials key: password # PostgreSQL read replica (via pooler) - name: AUTHENTIK_POSTGRESQL__READ_REPLICAS__0__HOST value: postgres-pooler-ro - name: AUTHENTIK_POSTGRESQL__READ_REPLICAS__0__PORT value: "5432" - name: AUTHENTIK_POSTGRESQL__READ_REPLICAS__0__NAME value: authentik - name: AUTHENTIK_POSTGRESQL__READ_REPLICAS__0__USER valueFrom: secretKeyRef: name: postgres-credentials key: username - name: AUTHENTIK_POSTGRESQL__READ_REPLICAS__0__PASSWORD valueFrom: secretKeyRef: name: postgres-credentials key: password # PostgreSQL pooler settings - name: AUTHENTIK_POSTGRESQL__DISABLE_SERVER_SIDE_CURSORS value: "true" - name: AUTHENTIK_POSTGRESQL__CONN_MAX_AGE value: "0" - name: AUTHENTIK_POSTGRESQL__CONN_HEALTH_CHECKS value: "true" # Redis - name: AUTHENTIK_REDIS__HOST value: redis - name: AUTHENTIK_REDIS__PORT value: "6379" # S3 storage - name: AUTHENTIK_STORAGE__BACKEND value: s3 - name: AUTHENTIK_STORAGE__S3__ENDPOINT value: https://radosgw.service.consul/ - name: AUTHENTIK_STORAGE__S3__BUCKET_NAME value: authentik - name: AUTHENTIK_STORAGE__S3__ADDRESSING_STYLE value: path - name: AUTHENTIK_STORAGE__S3__ACCESS_KEY valueFrom: secretKeyRef: name: s3-credentials key: AUTHENTIK_STORAGE__S3__ACCESS_KEY - name: AUTHENTIK_STORAGE__S3__SECRET_KEY valueFrom: secretKeyRef: name: s3-credentials key: AUTHENTIK_STORAGE__S3__SECRET_KEY # Secret key - name: AUTHENTIK_SECRET_KEY valueFrom: secretKeyRef: name: authentik-credentials key: AUTHENTIK_SECRET_KEY server: replicas: 3 annotations: reloader.stakater.com/auto: "true" ingress: enabled: false resources: limits: cpu: "2" memory: 2Gi requests: cpu: 250m memory: 512Mi worker: replicas: 2 annotations: reloader.stakater.com/auto: "true" resources: limits: cpu: "2" memory: 2Gi requests: cpu: 250m memory: 512Mi postgresql: enabled: false redis: enabled: false