argocd-test/authentik/base/authentik-deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: authentik
  namespace: authentik
spec:
  replicas: 1
  selector:
    matchLabels:
      app: authentik
  template:
    metadata:
      labels:
        app: authentik
    spec:
      volumes:
        - name: authentik-certs
          persistentVolumeClaim:
            claimName: authentik-templates-pvc
        - name: authentik-media
          persistentVolumeClaim:
            claimName: authentik-media-pvc
        - name: authentik-templates
          persistentVolumeClaim:
            claimName: authentik-templates-pvc
      containers:
      - image: ghcr.io/goauthentik/server:2024.12.1
        name: authentik-server
        command: ["ak server"]
        environment:
            - name: AUTHENTIK_REDIS__HOST
              value: redis-server.authentik.svc.cluster.local
            - name: AUTHENTIK_POSTGRESQL__HOST
              valueFrom:
                secretKeyRef:
                  name: keycloak-pg-cluster-app
                  key: host
            - name: AUTHENTIK_POSTGRESQL__PORT
              valueFrom:
                secretKeyRef:
                  name: keycloak-pg-cluster-app
                  key: port
            - name: AUTHENTIK_POSTGRESQL__USER
              valueFrom:
                secretKeyRef:
                  name: keycloak-pg-cluster-app
                  key: user
            - name: AUTHENTIK_POSTGRESQL__NAME
              valueFrom:
                secretKeyRef:
                  name: keycloak-pg-cluster-app
                  key: dbname
            - name: AUTHENTIK_POSTGRESQL__PASSWORD
              valueFrom:
                secretKeyRef:
                  name: keycloak-pg-cluster-app
                  key: password
        ports:
          - name: web
            containerPort: 9000
        volumeMounts:
        - mountPath: /media
          name: authentik-media
        - mountPath: /templates
          name: authentik-templates
      # - image: ghcr.io/goauthentik/server:2024.12.1
      #   name: authentik-worker
      #   command: ["ak worker"]
      #   environment:
      #       - name: AUTHENTIK_REDIS__HOST
      #         value: redis-server.authentik.svc.cluster.local
      #       - name: AUTHENTIK_POSTGRESQL__HOST
      #         valueFrom:
      #           secretKeyRef:
      #             name: keycloak-pg-cluster-app
      #             key: host
      #       - name: AUTHENTIK_POSTGRESQL__PORT
      #         valueFrom:
      #           secretKeyRef:
      #             name: keycloak-pg-cluster-app
      #             key: port
      #       - name: AUTHENTIK_POSTGRESQL__USER
      #         valueFrom:
      #           secretKeyRef:
      #             name: keycloak-pg-cluster-app
      #             key: user
      #       - name: AUTHENTIK_POSTGRESQL__NAME
      #         valueFrom:
      #           secretKeyRef:
      #             name: keycloak-pg-cluster-app
      #             key: dbname
      #       - name: AUTHENTIK_POSTGRESQL__PASSWORD
      #         valueFrom:
      #           secretKeyRef:
      #             name: keycloak-pg-cluster-app
      #             key: password
      #   volumeMounts:
      #   - mountPath: /media
      #     name: authentik-media
      #   - mountPath: /certs
      #     name: authentik-certs
      #   - mountPath: /templates
      #     name: authentik-templates