authelia helm release

authelia helm

Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.

More popular helm chart found

authelia from bjw-s-labs/helm/app-template is more popular with 21 repositories.

Install

Install with:

helm repo add bjw-s https://bjw-s-labs.github.io/helm-charts/
helm install authelia bjw-s/app-template -f values.yaml

Examples

See examples from other people.

Major version:

Filter repos who also have:

Top Repositories (2 out of 5)

Name	Repo	Stars	Version	Timestamp
authelia	Diaoul/home-ops	79	4.2.0	10 days ago
authelia	carpenike/k8s-gitops	284	2.0.1	10 months ago

Name

Repo

Stars

Version

Timestamp

authelia

Diaoul/home-ops

4.2.0

10 days ago

authelia

carpenike/k8s-gitops

284

2.0.1

10 months ago

Values

See the most popular values for this chart:

Key	Types
persistence.config.name (5) `authelia-configmap`	string
persistence.config.type (5) `configMap`	string
persistence.config.globalMounts[].path (4) `/config/configuration.yaml`	string
persistence.config.globalMounts[].readOnly (4) `true`	boolean
persistence.config.globalMounts[].subPath (4) `configuration.yaml`	string
persistence.config.enabled (2) `true`	boolean
persistence.config.mountPath (1) `/config/configuration.yaml`	string
persistence.config.readOnly (1) `false`	boolean
persistence.config.subPath (1) `configuration.yaml`	string
persistence.secret-files.globalMounts[].path (2) `/config/secret`	string
persistence.secret-files.name (2) `authelia-oauth-secret`	string
persistence.secret-files.type (2) `secret`	string
persistence.secret-files.enabled (1) `true`	boolean
persistence.data.enabled (1) `true`	boolean
persistence.data.existingClaim (1) `data-authelia`	string
persistence.data.type (1) `pvc`	string
persistence.secrets.globalMounts[].path (1) `/config/secrets`	string
persistence.secrets.globalMounts[].readOnly (1) `true`	boolean
persistence.secrets.name (1) `authelia`	string
persistence.secrets.type (1) `secret`	string
controllers.authelia.containers.app.env.AUTHELIA_SERVER_ADDRESS (4) `tcp://0.0.0.0:80`	string
controllers.authelia.containers.app.env.AUTHELIA_SERVER_DISABLE_HEALTHCHECK (4) `true`	string
controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ADDRESS (4) `tcp://0.0.0.0:8080`	string
controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ENABLED (4) `true`	string
controllers.authelia.containers.app.env.AUTHELIA_THEME (4) `dark`	string
controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG (4) `/config/configuration.yaml`	string
controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG_FILTERS (4) `template`	string
controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDRESS (1) `ldap://lldap.kube-auth.svc.cluster.local:389`	string
controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD.valueFrom.secretKeyRef.key (1) `password`	string
controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD.valueFrom.secretKeyRef.name (1) `search-user-secret`	string
controllers.authelia.containers.app.env.AUTHELIA_SESSION_REDIS_PASSWORD.valueFrom.secretKeyRef.key (1) `redisSecret`	string
controllers.authelia.containers.app.env.AUTHELIA_SESSION_REDIS_PASSWORD.valueFrom.secretKeyRef.name (1) `redis-standalone`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_ADDRESS.valueFrom.secretKeyRef.key (1) `HOST`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_ADDRESS.valueFrom.secretKeyRef.name (1) `database-authelia`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_DATABASE.valueFrom.secretKeyRef.key (1) `DATABASE_NAME`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_DATABASE.valueFrom.secretKeyRef.name (1) `database-authelia`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_PASSWORD.valueFrom.secretKeyRef.key (1) `PASSWORD`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_PASSWORD.valueFrom.secretKeyRef.name (1) `database-authelia`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_USERNAME.valueFrom.secretKeyRef.key (1) `LOGIN`	string
controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_USERNAME.valueFrom.secretKeyRef.name (1) `database-authelia`	string
controllers.authelia.containers.app.envFrom[].secretRef.name (4) `authelia-secret`	string
controllers.authelia.containers.app.image.repository (4) `ghcr.io/authelia/authelia`	string
controllers.authelia.containers.app.image.tag (4) `4.39.6@sha256:08776367d54d4482c54ac8ca75b18f7db3287b751106e19736780c5f6811374d`	string
controllers.authelia.containers.app.probes.liveness.custom (4) `true`	boolean
controllers.authelia.containers.app.probes.liveness.enabled (4) `true`	boolean
controllers.authelia.containers.app.probes.liveness.spec.failureThreshold (4) `3`	number
controllers.authelia.containers.app.probes.liveness.spec.httpGet.path (4) `/api/health`	string
controllers.authelia.containers.app.probes.liveness.spec.httpGet.port (4) `80`	number
controllers.authelia.containers.app.probes.liveness.spec.initialDelaySeconds (4) `0`	number
controllers.authelia.containers.app.probes.liveness.spec.periodSeconds (4) `10`	number
controllers.authelia.containers.app.probes.liveness.spec.timeoutSeconds (4) `1`	number
controllers.authelia.containers.app.probes.readiness.custom (4) `true`	boolean
controllers.authelia.containers.app.probes.readiness.enabled (4) `true`	boolean
controllers.authelia.containers.app.probes.readiness.spec.failureThreshold (4) `3`	number
controllers.authelia.containers.app.probes.readiness.spec.httpGet.path (4) `/api/health`	string
controllers.authelia.containers.app.probes.readiness.spec.httpGet.port (4) `80`	number
controllers.authelia.containers.app.probes.readiness.spec.initialDelaySeconds (4) `0`	number
controllers.authelia.containers.app.probes.readiness.spec.periodSeconds (4) `10`	number
controllers.authelia.containers.app.probes.readiness.spec.timeoutSeconds (4) `1`	number
controllers.authelia.containers.app.resources.limits.memory (4) `128Mi`	string
controllers.authelia.containers.app.resources.requests.cpu (4) `10m`	string
controllers.authelia.containers.app.resources.requests.memory (2) `40Mi`	string
controllers.authelia.containers.app.securityContext.allowPrivilegeEscalation (4) `false`	boolean
controllers.authelia.containers.app.securityContext.capabilities.drop[] (4) `- ALL`	string
controllers.authelia.containers.app.securityContext.readOnlyRootFilesystem (4) `true`	boolean
controllers.authelia.replicas (4) `2`	number
controllers.authelia.strategy (4) `RollingUpdate`	string
controllers.authelia.annotations."reloader.stakater.com/auto" (3) `true`	string
controllers.authelia.initContainers.init-db.envFrom[].secretRef.name (2) `authelia`	string
controllers.authelia.initContainers.init-db.image.repository (2) `ghcr.io/home-operations/postgres-init`	string
controllers.authelia.initContainers.init-db.image.tag (2) `17`	number
controllers.authelia.pod.securityContext.runAsGroup (2) `65534`	number
controllers.authelia.pod.securityContext.runAsNonRoot (2) `true`	boolean
controllers.authelia.pod.securityContext.runAsUser (2) `65534`	number
controllers.authelia.pod.securityContext.seccompProfile.type (2) `RuntimeDefault`	string
controllers.authelia.pod.securityContext.fsGroup (1) `1000`	number
controllers.authelia.pod.securityContext.fsGroupChangePolicy (1) `OnRootMismatch`	string
controllers.authelia.pod.annotations."reloader.stakater.com/auto" (1) `true`	string
controllers.authelia.pod.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1) `authelia`	string
controllers.authelia.pod.topologySpreadConstraints[].maxSkew (1) `1`	number
controllers.authelia.pod.topologySpreadConstraints[].topologyKey (1) `kubernetes.io/hostname`	string
controllers.authelia.pod.topologySpreadConstraints[].whenUnsatisfiable (1) `DoNotSchedule`	string
service.app.controller (4) `authelia`	string
service.app.ports.http.port (4) `80`	number
service.app.ports.metrics.port (4) `8080`	number
service.app.ports.metrics.enabled (1) `true`	boolean
service.main.ports.http.port (1) `80`	number
service.main.ports.metrics.enabled (1) `true`	boolean
service.main.ports.metrics.port (1) `8080`	number
ingress.app.className (3) `external`	string
ingress.app.hosts[].host (3) `auth.${DOMAIN_NAME}`	string
ingress.app.hosts[].paths[].path (3) `/`	string
ingress.app.hosts[].paths[].service.identifier (3) `app`	string
ingress.app.hosts[].paths[].service.port (3) `http`	string
ingress.app.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (2) `add_header Cache-Control "no-store"; add_header Pragma "no-cache"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block";`	string
ingress.app.annotations."auth.home.arpa/disabled" (1) `true`	string
ingress.app.annotations."hajimari.io/icon" (1) `mdi:shield-account`	string
ingress.app.annotations."traefik.ingress.kubernetes.io/router.middlewares" (1) `network-system-authelia-headers@kubernetescrd`	string
ingress.app.enabled (1) `true`	boolean
ingress.app.tls[].hosts[] (1) `- auth.ergho.org`	string
ingress.main.annotations."external-dns.alpha.kubernetes.io/target" (1) `external.holthome.net`	string
ingress.main.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1) `add_header Cache-Control "no-store"; add_header Pragma "no-cache"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block";`	string
ingress.main.enabled (1) `true`	boolean
ingress.main.hosts[].host (1) `auth.holthome.net`	string
ingress.main.hosts[].paths[].path (1) `/`	string
ingress.main.hosts[].paths[].pathType (1) `Prefix`	string
ingress.main.ingressClassName (1) `external-nginx`	string
ingress.main.tls[].hosts[] (1) `- auth.holthome.net`	string
serviceMonitor.app.endpoints[].interval (3) `1m`	string
serviceMonitor.app.endpoints[].path (3) `/metrics`	string
serviceMonitor.app.endpoints[].port (3) `metrics`	string
serviceMonitor.app.endpoints[].scheme (3) `http`	string
serviceMonitor.app.endpoints[].scrapeTimeout (3) `10s`	string
serviceMonitor.app.serviceName (3) `authelia`	string
serviceMonitor.app.enabled (1) `true`	boolean
serviceMonitor.main.enabled (1) `true`	boolean
serviceMonitor.main.endpoints[].interval (1) `1m`	string
serviceMonitor.main.endpoints[].path (1) `/metrics`	string
serviceMonitor.main.endpoints[].port (1) `metrics`	string
serviceMonitor.main.endpoints[].scheme (1) `http`	string
serviceMonitor.main.endpoints[].scrapeTimeout (1) `10s`	string
defaultPodOptions.securityContext.runAsGroup (2) `65534`	number
defaultPodOptions.securityContext.runAsNonRoot (2) `true`	boolean
defaultPodOptions.securityContext.runAsUser (2) `65534`	number
defaultPodOptions.securityContext.seccompProfile.type (2) `RuntimeDefault`	string
defaultPodOptions.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (2) `authelia`	string
defaultPodOptions.topologySpreadConstraints[].maxSkew (2) `1`	number
defaultPodOptions.topologySpreadConstraints[].topologyKey (2) `kubernetes.io/hostname`	string
defaultPodOptions.topologySpreadConstraints[].whenUnsatisfiable (2) `DoNotSchedule`	string
defaultPodOptions.enableServiceLinks (1) `false`	boolean
args[] (1) `- --config - /config/configuration.yaml - --config.experimental.filters - expand-env`	string
controller.annotations."reloader.stakater.com/auto" (1) `true`	string
controller.replicas (1) `1`	number
controller.strategy (1) `Recreate`	string
enableServiceLinks (1) `false`	boolean
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_GROUPS_DN (1) `ou=groups`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_USERS_DN (1) `ou=people`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN (1) `dc=holthome,dc=net`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_DISPLAY_NAME_ATTRIBUTE (1) `displayName`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUP_NAME_ATTRIBUTE (1) `cn`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUPS_FILTER (1) `(member={dn})`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_IMPLEMENTATION (1) `custom`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_MAIL_ATTRIBUTE (1) `mail`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_START_TLS (1) `false`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TIMEOUT (1) `5s`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_URL (1) `ldap://lldap.security.svc.cluster.local:389`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERNAME_ATTRIBUTE (1) `uid`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER (1) `(&({username_attribute}={input})(objectClass=person))`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_DISABLE (1) `true`	string
env.AUTHELIA_AUTHENTICATION_BACKEND_REFRESH_INTERVAL (1) `1m`	string
env.AUTHELIA_DEFAULT_REDIRECTION_URL (1) `https://auth.holthome.net`	string
env.AUTHELIA_DUO_API_DISABLE (1) `true`	string
env.AUTHELIA_LOG_LEVEL (1) `info`	string
env.AUTHELIA_NOTIFIER_SMTP_HOST (1) `smtp.mailgun.org`	string
env.AUTHELIA_NOTIFIER_SMTP_PORT (1) `587`	string
env.AUTHELIA_NOTIFIER_SMTP_SENDER (1) `Authelia <authelia@holthome.net>`	string
env.AUTHELIA_NOTIFIER_SMTP_USERNAME (1) `authelia@holthome.net`	string
env.AUTHELIA_SERVER_DISABLE_HEALTHCHECK (1) `true`	string
env.AUTHELIA_SERVER_PORT (1) `80`	number
env.AUTHELIA_SESSION_DOMAIN (1) `holthome.net`	string
env.AUTHELIA_SESSION_NAME (1) `authelia-home-ops`	string
env.AUTHELIA_STORAGE_LOCAL_PATH (1) `/data/db.sqlite3`	string
env.AUTHELIA_TELEMETRY_METRICS_ADDRESS (1) `tcp://0.0.0.0:8080`	string
env.AUTHELIA_TELEMETRY_METRICS_ENABLED (1) `true`	string
env.AUTHELIA_THEME (1) `dark`	string
env.AUTHELIA_TOTP_ISSUER (1) `authelia.com`	string
env.AUTHELIA_WEBAUTHN_DISABLE (1) `true`	string
envFrom[].secretRef.name (1) `authelia-secret`	string
image.repository (1) `ghcr.io/authelia/authelia`	string
image.tag (1) `master@sha256:bf33fbcf6a63e76be876908118a522c1d3aa99049957f9f83c490f076348e615`	string
podSecurityContext.fsGroup (1) `568`	number
podSecurityContext.fsGroupChangePolicy (1) `OnRootMismatch`	string
podSecurityContext.runAsGroup (1) `568`	number
podSecurityContext.runAsUser (1) `568`	number
probes.liveness.custom (1) `true`	boolean
probes.liveness.enabled (1) `true`	boolean
probes.liveness.spec.failureThreshold (1) `3`	number
probes.liveness.spec.httpGet.path (1) `/api/health`	string
probes.liveness.spec.httpGet.port (1) `80`	number
probes.liveness.spec.initialDelaySeconds (1) `0`	number
probes.liveness.spec.periodSeconds (1) `10`	number
probes.liveness.spec.timeoutSeconds (1) `1`	number
probes.readiness.custom (1) `true`	boolean
probes.readiness.enabled (1) `true`	boolean
probes.readiness.spec.failureThreshold (1) `3`	number
probes.readiness.spec.httpGet.path (1) `/api/health`	string
probes.readiness.spec.httpGet.port (1) `80`	number
probes.readiness.spec.initialDelaySeconds (1) `0`	number
probes.readiness.spec.periodSeconds (1) `10`	number
probes.readiness.spec.timeoutSeconds (1) `1`	number
probes.startup.custom (1) `true`	boolean
probes.startup.enabled (1) `true`	boolean
probes.startup.spec.failureThreshold (1) `30`	number
probes.startup.spec.httpGet.path (1) `/api/health`	string
probes.startup.spec.httpGet.port (1) `80`	number
probes.startup.spec.periodSeconds (1) `5`	number
probes.startup.spec.successThreshold (1) `1`	number
probes.startup.spec.timeoutSeconds (1) `1`	number
resources.limits.memory (1) `200Mi`	string
resources.requests.cpu (1) `5m`	string
resources.requests.memory (1) `10Mi`	string
route.app.hostnames[] (1) `- auth.${SECRET_PUBLIC_DOMAIN}`	string
route.app.parentRefs[].name (1) `traefik-gateway`	string
route.app.parentRefs[].namespace (1) `networking`	string
route.app.parentRefs[].sectionName (1) `websecure`	string
route.app.rules[].backendRefs[].identifier (1) `app`	string
route.app.rules[].backendRefs[].port (1) `80`	number
topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1) `authelia`	string
topologySpreadConstraints[].maxSkew (1) `1`	number
topologySpreadConstraints[].topologyKey (1) `kubernetes.io/hostname`	string
topologySpreadConstraints[].whenUnsatisfiable (1) `DoNotSchedule`	string

Key

Types

persistence.config.name (5)

authelia-configmap

string

persistence.config.type (5)

configMap

string

persistence.config.globalMounts[].path (4)

/config/configuration.yaml

string

persistence.config.globalMounts[].readOnly (4)

true

boolean

persistence.config.globalMounts[].subPath (4)

configuration.yaml

string

persistence.config.enabled (2)

true

boolean

persistence.config.mountPath (1)

/config/configuration.yaml

string

persistence.config.readOnly (1)

false

boolean

persistence.config.subPath (1)

configuration.yaml

string

persistence.secret-files.globalMounts[].path (2)

/config/secret

string

persistence.secret-files.name (2)

authelia-oauth-secret

string

persistence.secret-files.type (2)

secret

string

persistence.secret-files.enabled (1)

true

boolean

persistence.data.enabled (1)

true

boolean

persistence.data.existingClaim (1)

data-authelia

string

persistence.data.type (1)

pvc

string

persistence.secrets.globalMounts[].path (1)

/config/secrets

string

persistence.secrets.globalMounts[].readOnly (1)

true

boolean

persistence.secrets.name (1)

authelia

string

persistence.secrets.type (1)

secret

string

controllers.authelia.containers.app.env.AUTHELIA_SERVER_ADDRESS (4)

tcp://0.0.0.0:80

string

controllers.authelia.containers.app.env.AUTHELIA_SERVER_DISABLE_HEALTHCHECK (4)

true

string

controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ADDRESS (4)

tcp://0.0.0.0:8080

string

controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ENABLED (4)

true

string

controllers.authelia.containers.app.env.AUTHELIA_THEME (4)

dark

string

controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG (4)

/config/configuration.yaml

string

controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG_FILTERS (4)

template

string

controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDRESS (1)

ldap://lldap.kube-auth.svc.cluster.local:389

string

controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD.valueFrom.secretKeyRef.key (1)

password

string

controllers.authelia.containers.app.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD.valueFrom.secretKeyRef.name (1)

search-user-secret

string

controllers.authelia.containers.app.env.AUTHELIA_SESSION_REDIS_PASSWORD.valueFrom.secretKeyRef.key (1)

redisSecret

string

controllers.authelia.containers.app.env.AUTHELIA_SESSION_REDIS_PASSWORD.valueFrom.secretKeyRef.name (1)

redis-standalone

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_ADDRESS.valueFrom.secretKeyRef.key (1)

HOST

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_ADDRESS.valueFrom.secretKeyRef.name (1)

database-authelia

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_DATABASE.valueFrom.secretKeyRef.key (1)

DATABASE_NAME

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_DATABASE.valueFrom.secretKeyRef.name (1)

database-authelia

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_PASSWORD.valueFrom.secretKeyRef.key (1)

PASSWORD

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_PASSWORD.valueFrom.secretKeyRef.name (1)

database-authelia

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_USERNAME.valueFrom.secretKeyRef.key (1)

LOGIN

string

controllers.authelia.containers.app.env.AUTHELIA_STORAGE_POSTGRES_USERNAME.valueFrom.secretKeyRef.name (1)

database-authelia

string

controllers.authelia.containers.app.envFrom[].secretRef.name (4)

authelia-secret

string

controllers.authelia.containers.app.image.repository (4)

ghcr.io/authelia/authelia

string

controllers.authelia.containers.app.image.tag (4)

4.39.6@sha256:08776367d54d4482c54ac8ca75b18f7db3287b751106e19736780c5f6811374d

string

controllers.authelia.containers.app.probes.liveness.custom (4)

true

boolean

controllers.authelia.containers.app.probes.liveness.enabled (4)

true

boolean

controllers.authelia.containers.app.probes.liveness.spec.failureThreshold (4)

number

controllers.authelia.containers.app.probes.liveness.spec.httpGet.path (4)

/api/health

string

controllers.authelia.containers.app.probes.liveness.spec.httpGet.port (4)

number

controllers.authelia.containers.app.probes.liveness.spec.initialDelaySeconds (4)

number

controllers.authelia.containers.app.probes.liveness.spec.periodSeconds (4)

number

controllers.authelia.containers.app.probes.liveness.spec.timeoutSeconds (4)

number

controllers.authelia.containers.app.probes.readiness.custom (4)

true

boolean

controllers.authelia.containers.app.probes.readiness.enabled (4)

true

boolean

controllers.authelia.containers.app.probes.readiness.spec.failureThreshold (4)

number

controllers.authelia.containers.app.probes.readiness.spec.httpGet.path (4)

/api/health

string

controllers.authelia.containers.app.probes.readiness.spec.httpGet.port (4)

number

controllers.authelia.containers.app.probes.readiness.spec.initialDelaySeconds (4)

number

controllers.authelia.containers.app.probes.readiness.spec.periodSeconds (4)

number

controllers.authelia.containers.app.probes.readiness.spec.timeoutSeconds (4)

number

controllers.authelia.containers.app.resources.limits.memory (4)

128Mi

string

controllers.authelia.containers.app.resources.requests.cpu (4)

10m

string

controllers.authelia.containers.app.resources.requests.memory (2)

40Mi

string

controllers.authelia.containers.app.securityContext.allowPrivilegeEscalation (4)

false

boolean

controllers.authelia.containers.app.securityContext.capabilities.drop[] (4)

- ALL

string

controllers.authelia.containers.app.securityContext.readOnlyRootFilesystem (4)

true

boolean

controllers.authelia.replicas (4)

number

controllers.authelia.strategy (4)

RollingUpdate

string

controllers.authelia.annotations."reloader.stakater.com/auto" (3)

true

string

controllers.authelia.initContainers.init-db.envFrom[].secretRef.name (2)

authelia

string

controllers.authelia.initContainers.init-db.image.repository (2)

ghcr.io/home-operations/postgres-init

string

controllers.authelia.initContainers.init-db.image.tag (2)

number

controllers.authelia.pod.securityContext.runAsGroup (2)

number

controllers.authelia.pod.securityContext.runAsNonRoot (2)

true

boolean

controllers.authelia.pod.securityContext.runAsUser (2)

number

controllers.authelia.pod.securityContext.seccompProfile.type (2)

RuntimeDefault

string

controllers.authelia.pod.securityContext.fsGroup (1)

number

controllers.authelia.pod.securityContext.fsGroupChangePolicy (1)

OnRootMismatch

string

controllers.authelia.pod.annotations."reloader.stakater.com/auto" (1)

true

string

controllers.authelia.pod.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1)

authelia

string

controllers.authelia.pod.topologySpreadConstraints[].maxSkew (1)

number

controllers.authelia.pod.topologySpreadConstraints[].topologyKey (1)

kubernetes.io/hostname

string

controllers.authelia.pod.topologySpreadConstraints[].whenUnsatisfiable (1)

DoNotSchedule

string

service.app.controller (4)

authelia

string

service.app.ports.http.port (4)

number

service.app.ports.metrics.port (4)

number

service.app.ports.metrics.enabled (1)

true

boolean

service.main.ports.http.port (1)

number

service.main.ports.metrics.enabled (1)

true

boolean

service.main.ports.metrics.port (1)

number

ingress.app.className (3)

external

string

ingress.app.hosts[].host (3)

auth.${DOMAIN_NAME}

string

ingress.app.hosts[].paths[].path (3)

string

ingress.app.hosts[].paths[].service.identifier (3)

app

string

ingress.app.hosts[].paths[].service.port (3)

http

string

ingress.app.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (2)

add_header Cache-Control "no-store";
add_header Pragma "no-cache";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";

string

ingress.app.annotations."auth.home.arpa/disabled" (1)

true

string

ingress.app.annotations."hajimari.io/icon" (1)

mdi:shield-account

string

ingress.app.annotations."traefik.ingress.kubernetes.io/router.middlewares" (1)

network-system-authelia-headers@kubernetescrd

string

ingress.app.enabled (1)

true

boolean

ingress.app.tls[].hosts[] (1)

- auth.ergho.org

string

ingress.main.annotations."external-dns.alpha.kubernetes.io/target" (1)

external.holthome.net

string

ingress.main.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1)

add_header Cache-Control "no-store";
add_header Pragma "no-cache";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";

string

ingress.main.enabled (1)

true

boolean

ingress.main.hosts[].host (1)

auth.holthome.net

string

ingress.main.hosts[].paths[].path (1)

string

ingress.main.hosts[].paths[].pathType (1)

Prefix

string

ingress.main.ingressClassName (1)

external-nginx

string

ingress.main.tls[].hosts[] (1)

- auth.holthome.net

string

serviceMonitor.app.endpoints[].interval (3)

1m

string

serviceMonitor.app.endpoints[].path (3)

/metrics

string

serviceMonitor.app.endpoints[].port (3)

metrics

string

serviceMonitor.app.endpoints[].scheme (3)

http

string

serviceMonitor.app.endpoints[].scrapeTimeout (3)

10s

string

serviceMonitor.app.serviceName (3)

authelia

string

serviceMonitor.app.enabled (1)

true

boolean

serviceMonitor.main.enabled (1)

true

boolean

serviceMonitor.main.endpoints[].interval (1)

1m

string

serviceMonitor.main.endpoints[].path (1)

/metrics

string

serviceMonitor.main.endpoints[].port (1)

metrics

string

serviceMonitor.main.endpoints[].scheme (1)

http

string

serviceMonitor.main.endpoints[].scrapeTimeout (1)

10s

string

defaultPodOptions.securityContext.runAsGroup (2)

number

defaultPodOptions.securityContext.runAsNonRoot (2)

true

boolean

defaultPodOptions.securityContext.runAsUser (2)

number

defaultPodOptions.securityContext.seccompProfile.type (2)

RuntimeDefault

string

defaultPodOptions.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (2)

authelia

string

defaultPodOptions.topologySpreadConstraints[].maxSkew (2)

number

defaultPodOptions.topologySpreadConstraints[].topologyKey (2)

kubernetes.io/hostname

string

defaultPodOptions.topologySpreadConstraints[].whenUnsatisfiable (2)

DoNotSchedule

string

defaultPodOptions.enableServiceLinks (1)

false

boolean

args[] (1)

- --config
- /config/configuration.yaml
- --config.experimental.filters
- expand-env

string

controller.annotations."reloader.stakater.com/auto" (1)

true

string

controller.replicas (1)

number

controller.strategy (1)

Recreate

string

enableServiceLinks (1)

false

boolean

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_GROUPS_DN (1)

ou=groups

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_USERS_DN (1)

ou=people

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN (1)

dc=holthome,dc=net

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_DISPLAY_NAME_ATTRIBUTE (1)

displayName

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUP_NAME_ATTRIBUTE (1)

cn

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUPS_FILTER (1)

(member={dn})

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_IMPLEMENTATION (1)

custom

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_MAIL_ATTRIBUTE (1)

mail

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_START_TLS (1)

false

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TIMEOUT (1)

5s

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_URL (1)

ldap://lldap.security.svc.cluster.local:389

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERNAME_ATTRIBUTE (1)

uid

string

env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER (1)

(&({username_attribute}={input})(objectClass=person))

string

env.AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_DISABLE (1)

true

string

env.AUTHELIA_AUTHENTICATION_BACKEND_REFRESH_INTERVAL (1)

1m

string

env.AUTHELIA_DEFAULT_REDIRECTION_URL (1)

https://auth.holthome.net

string

env.AUTHELIA_DUO_API_DISABLE (1)

true

string

env.AUTHELIA_LOG_LEVEL (1)

info

string

env.AUTHELIA_NOTIFIER_SMTP_HOST (1)

smtp.mailgun.org

string

env.AUTHELIA_NOTIFIER_SMTP_PORT (1)

string

env.AUTHELIA_NOTIFIER_SMTP_SENDER (1)

Authelia <authelia@holthome.net>

string

env.AUTHELIA_NOTIFIER_SMTP_USERNAME (1)

authelia@holthome.net

string

env.AUTHELIA_SERVER_DISABLE_HEALTHCHECK (1)

true

string

env.AUTHELIA_SERVER_PORT (1)

number

env.AUTHELIA_SESSION_DOMAIN (1)

holthome.net

string

env.AUTHELIA_SESSION_NAME (1)

authelia-home-ops

string

env.AUTHELIA_STORAGE_LOCAL_PATH (1)

/data/db.sqlite3

string

env.AUTHELIA_TELEMETRY_METRICS_ADDRESS (1)

tcp://0.0.0.0:8080

string

env.AUTHELIA_TELEMETRY_METRICS_ENABLED (1)

true

string

env.AUTHELIA_THEME (1)

dark

string

env.AUTHELIA_TOTP_ISSUER (1)

authelia.com

string

env.AUTHELIA_WEBAUTHN_DISABLE (1)

true

string

envFrom[].secretRef.name (1)

authelia-secret

string

image.repository (1)

ghcr.io/authelia/authelia

string

image.tag (1)

master@sha256:bf33fbcf6a63e76be876908118a522c1d3aa99049957f9f83c490f076348e615

string

podSecurityContext.fsGroup (1)

number

podSecurityContext.fsGroupChangePolicy (1)

OnRootMismatch

string

podSecurityContext.runAsGroup (1)

number

podSecurityContext.runAsUser (1)

number

probes.liveness.custom (1)

true

boolean

probes.liveness.enabled (1)

true

boolean

probes.liveness.spec.failureThreshold (1)

number

probes.liveness.spec.httpGet.path (1)

/api/health

string

probes.liveness.spec.httpGet.port (1)

number

probes.liveness.spec.initialDelaySeconds (1)

number

probes.liveness.spec.periodSeconds (1)

number

probes.liveness.spec.timeoutSeconds (1)

number

probes.readiness.custom (1)

true

boolean

probes.readiness.enabled (1)

true

boolean

probes.readiness.spec.failureThreshold (1)

number

probes.readiness.spec.httpGet.path (1)

/api/health

string

probes.readiness.spec.httpGet.port (1)

number

probes.readiness.spec.initialDelaySeconds (1)

number

probes.readiness.spec.periodSeconds (1)

number

probes.readiness.spec.timeoutSeconds (1)

number

probes.startup.custom (1)

true

boolean

probes.startup.enabled (1)

true

boolean

probes.startup.spec.failureThreshold (1)

number

probes.startup.spec.httpGet.path (1)

/api/health

string

probes.startup.spec.httpGet.port (1)

number

probes.startup.spec.periodSeconds (1)

number

probes.startup.spec.successThreshold (1)

number

probes.startup.spec.timeoutSeconds (1)

number

resources.limits.memory (1)

200Mi

string

resources.requests.cpu (1)

5m

string

resources.requests.memory (1)

10Mi

string

route.app.hostnames[] (1)

- auth.${SECRET_PUBLIC_DOMAIN}

string

route.app.parentRefs[].name (1)

traefik-gateway

string

route.app.parentRefs[].namespace (1)

networking

string

route.app.parentRefs[].sectionName (1)

websecure

string

route.app.rules[].backendRefs[].identifier (1)

app

string

route.app.rules[].backendRefs[].port (1)

number

topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1)

authelia

string

topologySpreadConstraints[].maxSkew (1)

number

topologySpreadConstraints[].topologyKey (1)

kubernetes.io/hostname

string

topologySpreadConstraints[].whenUnsatisfiable (1)

DoNotSchedule

string