authelia helm release

authelia helm

Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.

More popular helm chart found

authelia from bjw-s is more popular with 24 repositories.

Install

Install with:

helm repo add authelia https://charts.authelia.com/ helm install authelia authelia/authelia -f values.yaml

Top Repositories (2 out of 5)

See examples from other people.

Filter repos who also have:

Name	Repo	Stars	Version	Timestamp
authelia	Pumba98/flux2-gitops	33	0.8.58	a month ago
authelia	dfroberg/cluster	47	0.8.38	6 months ago

Name

Repo

Stars

Version

Timestamp

authelia

Pumba98/flux2-gitops

0.8.58

a month ago

authelia

dfroberg/cluster

0.8.38

6 months ago

Values

See the most popular values for this chart:

Key	Types
configMap.authentication_backend.file.enabled (5) `true`	boolean
configMap.authentication_backend.file.password.algorithm (4) `argon2id`	string
configMap.authentication_backend.file.password.argon2.iterations (2) `1`	number
configMap.authentication_backend.file.password.argon2.key_length (2) `32`	number
configMap.authentication_backend.file.password.argon2.memory (2) `1024`	number
configMap.authentication_backend.file.password.argon2.parallelism (2) `8`	number
configMap.authentication_backend.file.password.argon2.salt_length (2) `16`	number
configMap.authentication_backend.file.password.argon2.variant (2) `argon2id`	string
configMap.authentication_backend.file.path (3) `/config/users_database.yml`	string
configMap.authentication_backend.ldap.enabled (5) `false`	boolean
configMap.authentication_backend.ldap.additional_groups_dn (1)	string
configMap.authentication_backend.ldap.additional_users_dn (1)	string
configMap.authentication_backend.ldap.base_dn (1) `${SECRET_LDAP_BASE_DN}`	string
configMap.authentication_backend.ldap.groups_filter (1) `(&(member={dn})(objectclass=*))`	string
configMap.authentication_backend.ldap.implementation (1) `custom`	string
configMap.authentication_backend.ldap.mail_attribute (1) `${SECRET_ACME_EMAIL}`	string
configMap.authentication_backend.ldap.url (1) `ldap://glauth.kube-system.svc.cluster.local:389`	string
configMap.authentication_backend.ldap.user (1) `${SECRET_LDAP_USER},${SECRET_LDAP_BASE_DN}`	string
configMap.authentication_backend.ldap.username_attribute (1) `uid`	string
configMap.authentication_backend.ldap.users_filter (1) `(&(\|({username_attribute}={input})({mail_attribute}={input}))(objectClass=*))`	string
configMap.authentication_backend.disable_reset_password (1) `true`	boolean
configMap.notifier.smtp.enabled (5) `true`	boolean
configMap.notifier.smtp.enabledSecret (3) `true`	boolean
configMap.notifier.smtp.host (3) `smtp.gmail.com`	string
configMap.notifier.smtp.port (3) `587`	number
configMap.notifier.smtp.sender (3) `authelia@${SECRET_DOMAIN}`	string
configMap.notifier.smtp.subject (2) `[Authelia] {title}`	string
configMap.notifier.smtp.username (2) `mail@${SECRET_DOMAIN}`	string
configMap.notifier.smtp.disable_html_emails (1) `false`	boolean
configMap.notifier.smtp.disable_require_tls (1) `false`	boolean
configMap.notifier.smtp.identifier (1) `${SECRET_DOMAIN}`	string
configMap.notifier.smtp.startup_check_address (1) `${SECRET_SMTP_USER}`	string
configMap.notifier.smtp.timeout (1) `5s`	string
configMap.notifier.disable_startup_check (3) `true`	boolean
configMap.notifier.filesystem.enabled (2) `true`	boolean
configMap.notifier.filesystem.filename (1) `/config/notification.txt`	string
configMap.session.redis.enabled (5) `true`	boolean
configMap.session.redis.enabledSecret (3) `true`	boolean
configMap.session.redis.host (3) `authelia-redis-master`	string
configMap.session.redis.database_index (1) `3`	number
configMap.session.expiration (3) `1h`	string
configMap.session.inactivity (3) `5m`	string
configMap.session.remember_me_duration (3) `1M`	string
configMap.session.name (2) `authelia_session`	string
configMap.session.same_site (2) `lax`	string
configMap.storage.postgres.enabled (5) `true`	boolean
configMap.storage.postgres.host (2) `authelia-postgresql`	string
configMap.storage.postgres.database (1) `authelia`	string
configMap.storage.postgres.username (1) `authelia`	string
configMap.storage.local.enabled (2) `true`	boolean
configMap.storage.local.path (1) `/config/db.sqlite3`	string
configMap.storage.mysql.enabled (1) `false`	boolean
configMap.access_control.default_policy (4) `deny`	string
configMap.access_control.rules[].policy (4) `bypass two_factor one_factor one_factor`	string
configMap.access_control.rules[].domain (3) `*.${SECRET_DOMAIN}`	string
configMap.access_control.rules[].domain[] (3) `- paperless.${SECRET_DOMAIN} - longhorn.${SECRET_DOMAIN} - jd2.${SECRET_DOMAIN} - grafana.${SECRET_DOMAIN} - gitops.${SECRET_DOMAIN} - receipes.${SECRET_DOMAIN} - homer.${SECRET_DOMAIN} - prometheus.${SECRET_DOMAIN} - alert-manager.${SECRET_DOMAIN} - goldilocks.${SECRET_DOMAIN}`	string
configMap.access_control.rules[].networks[] (3) `- private`	string
configMap.access_control.rules[].subject[] (2) `- group:admins - group:admins`	string
configMap.access_control.rules[].resources[] (1) `- ^/api([/?].)?$ - ^/(.)/api([/?].)?$ - ^/static([/?].)?$ - ^/manifest[.]json$`	string
configMap.access_control.networks[].name (3) `private`	string
configMap.access_control.networks[].networks[] (3) `- ${PRIVATE_NETWORK}`	string
configMap.theme (4) `dark`	string
configMap.enabled (3) `true`	boolean
configMap.regulation.ban_time (3) `5m`	string
configMap.regulation.find_time (3) `2m`	string
configMap.regulation.max_retries (3) `3`	number
configMap.log.level (2) `trace`	string
configMap.server.read_buffer_size (1) `8192`	number
configMap.server.write_buffer_size (1) `8192`	number
configMap.telemetry.metrics.enabled (1) `true`	boolean
configMap.telemetry.metrics.serviceMonitor.enabled (1) `true`	boolean
domain (5) `${SECRET_DOMAIN}`	string
pod.kind (5) `Deployment`	string
pod.extraVolumeMounts[].mountPath (3) `/config/users_database.yml`	string
pod.extraVolumeMounts[].name (3) `users-volume`	string
pod.extraVolumeMounts[].subPath (2) `users_database.yml`	string
pod.extraVolumes[].name (3) `users-volume`	string
pod.extraVolumes[].secret.secretName (2) `authelia-users`	string
pod.extraVolumes[].configMap.items[].key (1) `users_database.yml`	string
pod.extraVolumes[].configMap.items[].path (1) `users_database.yml`	string
pod.extraVolumes[].configMap.name (1) `authelia-config-custom`	string
pod.replicas (3) `1`	number
pod.resources.requests.cpu (3) `150m`	string, number
pod.resources.requests.memory (3) `200Mi`	string
pod.resources.limits.memory (1) `125Mi`	string
pod.strategy.type (3) `Recreate`	string
pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].key (1) `kubernetes.io/arch`	string
pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].operator (1) `In`	string
pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].values[] (1) `- amd64`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_GROUPS_DN (1) `ou=groups`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_USERS_DN (1) `ou=people`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN (1) `dc=home,dc=arpa`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_DISPLAY_NAME_ATTRIBUTE (1) `displayName`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUP_NAME_ATTRIBUTE (1) `cn`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUPS_FILTER (1) `(member={dn})`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_IMPLEMENTATION (1) `custom`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_MAIL_ATTRIBUTE (1) `mail`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_START_TLS (1) `false`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TIMEOUT (1) `5s`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_URL (1) `ldap://lldap.default.svc.cluster.local:389`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USER (1) `uid=admin,ou=people,dc=home,dc=arpa`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERNAME_ATTRIBUTE (1) `uid`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER (1) `(&({username_attribute}={input})(objectClass=person))`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_DISABLE (1) `true`	string
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_REFRESH_INTERVAL (1) `1m`	string
pod.env.AUTHELIA_DEFAULT_REDIRECTION_URL (1) `https://auth.${SECRET_DOMAIN}`	string
pod.env.AUTHELIA_DUO_API_DISABLE (1) `true`	string
pod.env.AUTHELIA_LOG_LEVEL (1) `trace`	string
pod.env.AUTHELIA_SERVER_PORT (1) `80`	number
pod.env.AUTHELIA_SESSION_DOMAIN (1) `${SECRET_DOMAIN}`	string
pod.env.AUTHELIA_THEME (1) `grey`	string
pod.env.AUTHELIA_TOTP_ISSUER (1) `authelia.com`	string
pod.env.AUTHELIA_WEBAUTHN_DISABLE (1) `true`	string
pod.env[].name (1) `TZ`	string
pod.env[].value (1) `${CLUSTER_TZ}`	string
ingress.enabled (4) `true`	boolean
ingress.subdomain (4) `auth`	string
ingress.annotations."external-dns.alpha.kubernetes.io/target" (3) `${SECRET_GATEWAY}`	string
ingress.annotations."hajimari.io/appName" (2) `Authelia`	string
ingress.annotations."hajimari.io/icon" (2) `login`	string
ingress.annotations."cert-manager.io/cluster-issuer" (1) `letsencrypt`	string
ingress.annotations.external-dns/is-public (1) `true`	string
ingress.annotations."external-dns.alpha.kubernetes.io/hostname" (1) `authelia.${DOMAIN}.`	string
ingress.annotations."hajimari.io/enable" (1) `true`	string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/backend" (1) `nginx-443`	string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/enabled" (1) `true`	string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/frontend" (1) `https-443`	string
ingress.tls.enabled (3) `true`	boolean
ingress.tls.secret (1) `${SECRET_DOMAIN//./-}-tls`	string
ingress.className (2) `nginx`	string
ingress.ingressClassName (1) `nginx`	string
secret.existingSecret (3) `authelia`	string
secret.jwt.filename (1) `JWT_TOKEN`	string
secret.jwt.key (1) `JWT_TOKEN`	string
secret.jwt.value (1) `${SECRET_AUTHELIA_JWT_SECRET}`	string
secret.redis.filename (1) `REDIS_PASSWORD`	string
secret.redis.key (1) `REDIS_PASSWORD`	string
secret.redis.value (1) `${SECRET_REDIS_PASSWORD}`	string
secret.smtp.filename (1) `SMTP_PASSWORD`	string
secret.smtp.key (1) `SMTP_PASSWORD`	string
secret.smtp.value (1) `${SECRET_AUTHELIA_SMTP_PASSWORD}`	string
secret.storage.filename (1) `STORAGE_PASSWORD`	string
secret.storage.key (1) `STORAGE_PASSWORD`	string
secret.storage.value (1) `${SECRET_AUTHELIA_POSTGRES_PASSWORD}`	string
secret.storageEncryptionKey.filename (1) `STORAGE_ENCRYPTION_KEY`	string
secret.storageEncryptionKey.key (1) `STORAGE_ENCRYPTION_KEY`	string
secret.storageEncryptionKey.value (1) `${SECRET_AUTHELIA_STORAGE_ENCRYPTION_KEY}`	string
envFrom[].secretRef.name (1) `authelia-secrets`	string
persistence.enabled (1) `true`	boolean
persistence.existingClaim (1) `pvc-authelia`	string
service.annotations."prometheus.io/probe" (1) `true`	string
service.annotations."prometheus.io/protocol" (1) `http`	string
service.port (1) `80`	number

Key

Types

configMap.authentication_backend.file.enabled (5)

true

boolean

configMap.authentication_backend.file.password.algorithm (4)

argon2id

string

configMap.authentication_backend.file.password.argon2.iterations (2)

number

configMap.authentication_backend.file.password.argon2.key_length (2)

number

configMap.authentication_backend.file.password.argon2.memory (2)

number

configMap.authentication_backend.file.password.argon2.parallelism (2)

number

configMap.authentication_backend.file.password.argon2.salt_length (2)

number

configMap.authentication_backend.file.password.argon2.variant (2)

argon2id

string

configMap.authentication_backend.file.path (3)

/config/users_database.yml

string

configMap.authentication_backend.ldap.enabled (5)

false

boolean

configMap.authentication_backend.ldap.additional_groups_dn (1)

string

configMap.authentication_backend.ldap.additional_users_dn (1)

string

configMap.authentication_backend.ldap.base_dn (1)

${SECRET_LDAP_BASE_DN}

string

configMap.authentication_backend.ldap.groups_filter (1)

(&(member={dn})(objectclass=*))

string

configMap.authentication_backend.ldap.implementation (1)

custom

string

configMap.authentication_backend.ldap.mail_attribute (1)

${SECRET_ACME_EMAIL}

string

configMap.authentication_backend.ldap.url (1)

ldap://glauth.kube-system.svc.cluster.local:389

string

configMap.authentication_backend.ldap.user (1)

${SECRET_LDAP_USER},${SECRET_LDAP_BASE_DN}

string

configMap.authentication_backend.ldap.username_attribute (1)

uid

string

configMap.authentication_backend.ldap.users_filter (1)

(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=*))

string

configMap.authentication_backend.disable_reset_password (1)

true

boolean

configMap.notifier.smtp.enabled (5)

true

boolean

configMap.notifier.smtp.enabledSecret (3)

true

boolean

configMap.notifier.smtp.host (3)

smtp.gmail.com

string

configMap.notifier.smtp.port (3)

number

configMap.notifier.smtp.sender (3)

authelia@${SECRET_DOMAIN}

string

configMap.notifier.smtp.subject (2)

[Authelia] {title}

string

configMap.notifier.smtp.username (2)

mail@${SECRET_DOMAIN}

string

configMap.notifier.smtp.disable_html_emails (1)

false

boolean

configMap.notifier.smtp.disable_require_tls (1)

false

boolean

configMap.notifier.smtp.identifier (1)

${SECRET_DOMAIN}

string

configMap.notifier.smtp.startup_check_address (1)

${SECRET_SMTP_USER}

string

configMap.notifier.smtp.timeout (1)

5s

string

configMap.notifier.disable_startup_check (3)

true

boolean

configMap.notifier.filesystem.enabled (2)

true

boolean

configMap.notifier.filesystem.filename (1)

/config/notification.txt

string

configMap.session.redis.enabled (5)

true

boolean

configMap.session.redis.enabledSecret (3)

true

boolean

configMap.session.redis.host (3)

authelia-redis-master

string

configMap.session.redis.database_index (1)

number

configMap.session.expiration (3)

1h

string

configMap.session.inactivity (3)

5m

string

configMap.session.remember_me_duration (3)

1M

string

configMap.session.name (2)

authelia_session

string

configMap.session.same_site (2)

lax

string

configMap.storage.postgres.enabled (5)

true

boolean

configMap.storage.postgres.host (2)

authelia-postgresql

string

configMap.storage.postgres.database (1)

authelia

string

configMap.storage.postgres.username (1)

authelia

string

configMap.storage.local.enabled (2)

true

boolean

configMap.storage.local.path (1)

/config/db.sqlite3

string

configMap.storage.mysql.enabled (1)

false

boolean

configMap.access_control.default_policy (4)

deny

string

configMap.access_control.rules[].policy (4)

bypass
two_factor
one_factor
one_factor

string

configMap.access_control.rules[].domain (3)

*.${SECRET_DOMAIN}

string

configMap.access_control.rules[].domain[] (3)

- paperless.${SECRET_DOMAIN}
- longhorn.${SECRET_DOMAIN}
- jd2.${SECRET_DOMAIN}
- grafana.${SECRET_DOMAIN}
- gitops.${SECRET_DOMAIN}
- receipes.${SECRET_DOMAIN}
- homer.${SECRET_DOMAIN}
- prometheus.${SECRET_DOMAIN}
- alert-manager.${SECRET_DOMAIN}
- goldilocks.${SECRET_DOMAIN}

string

configMap.access_control.rules[].networks[] (3)

- private

string

configMap.access_control.rules[].subject[] (2)

- group:admins
- group:admins

string

configMap.access_control.rules[].resources[] (1)

- ^/api([/?].*)?$
- ^/(.*)/api([/?].*)?$
- ^/static([/?].*)?$
- ^/manifest[.]json$

string

configMap.access_control.networks[].name (3)

private

string

configMap.access_control.networks[].networks[] (3)

- ${PRIVATE_NETWORK}

string

configMap.theme (4)

dark

string

configMap.enabled (3)

true

boolean

configMap.regulation.ban_time (3)

5m

string

configMap.regulation.find_time (3)

2m

string

configMap.regulation.max_retries (3)

number

configMap.log.level (2)

trace

string

configMap.server.read_buffer_size (1)

number

configMap.server.write_buffer_size (1)

number

configMap.telemetry.metrics.enabled (1)

true

boolean

configMap.telemetry.metrics.serviceMonitor.enabled (1)

true

boolean

domain (5)

${SECRET_DOMAIN}

string

pod.kind (5)

Deployment

string

pod.extraVolumeMounts[].mountPath (3)

/config/users_database.yml

string

pod.extraVolumeMounts[].name (3)

users-volume

string

pod.extraVolumeMounts[].subPath (2)

users_database.yml

string

pod.extraVolumes[].name (3)

users-volume

string

pod.extraVolumes[].secret.secretName (2)

authelia-users

string

pod.extraVolumes[].configMap.items[].key (1)

users_database.yml

string

pod.extraVolumes[].configMap.items[].path (1)

users_database.yml

string

pod.extraVolumes[].configMap.name (1)

authelia-config-custom

string

pod.replicas (3)

number

pod.resources.requests.cpu (3)

150m

string, number

pod.resources.requests.memory (3)

200Mi

string

pod.resources.limits.memory (1)

125Mi

string

pod.strategy.type (3)

Recreate

string

pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].key (1)

kubernetes.io/arch

string

pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].operator (1)

In

string

pod.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[].matchExpressions[].values[] (1)

- amd64

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_GROUPS_DN (1)

ou=groups

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_USERS_DN (1)

ou=people

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN (1)

dc=home,dc=arpa

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_DISPLAY_NAME_ATTRIBUTE (1)

displayName

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUP_NAME_ATTRIBUTE (1)

cn

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUPS_FILTER (1)

(member={dn})

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_IMPLEMENTATION (1)

custom

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_MAIL_ATTRIBUTE (1)

mail

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_START_TLS (1)

false

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TIMEOUT (1)

5s

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_URL (1)

ldap://lldap.default.svc.cluster.local:389

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USER (1)

uid=admin,ou=people,dc=home,dc=arpa

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERNAME_ATTRIBUTE (1)

uid

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER (1)

(&({username_attribute}={input})(objectClass=person))

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_DISABLE (1)

true

string

pod.env.AUTHELIA_AUTHENTICATION_BACKEND_REFRESH_INTERVAL (1)

1m

string

pod.env.AUTHELIA_DEFAULT_REDIRECTION_URL (1)

https://auth.${SECRET_DOMAIN}

string

pod.env.AUTHELIA_DUO_API_DISABLE (1)

true

string

pod.env.AUTHELIA_LOG_LEVEL (1)

trace

string

pod.env.AUTHELIA_SERVER_PORT (1)

number

pod.env.AUTHELIA_SESSION_DOMAIN (1)

${SECRET_DOMAIN}

string

pod.env.AUTHELIA_THEME (1)

grey

string

pod.env.AUTHELIA_TOTP_ISSUER (1)

authelia.com

string

pod.env.AUTHELIA_WEBAUTHN_DISABLE (1)

true

string

pod.env[].name (1)

TZ

string

pod.env[].value (1)

${CLUSTER_TZ}

string

ingress.enabled (4)

true

boolean

ingress.subdomain (4)

auth

string

ingress.annotations."external-dns.alpha.kubernetes.io/target" (3)

${SECRET_GATEWAY}

string

ingress.annotations."hajimari.io/appName" (2)

Authelia

string

ingress.annotations."hajimari.io/icon" (2)

login

string

ingress.annotations."cert-manager.io/cluster-issuer" (1)

letsencrypt

string

ingress.annotations.external-dns/is-public (1)

true

string

ingress.annotations."external-dns.alpha.kubernetes.io/hostname" (1)

authelia.${DOMAIN}.

string

ingress.annotations."hajimari.io/enable" (1)

true

string

ingress.annotations."haproxy-ingress-proxy.pfsense.org/backend" (1)

nginx-443

string

ingress.annotations."haproxy-ingress-proxy.pfsense.org/enabled" (1)

true

string

ingress.annotations."haproxy-ingress-proxy.pfsense.org/frontend" (1)

https-443

string

ingress.tls.enabled (3)

true

boolean

ingress.tls.secret (1)

${SECRET_DOMAIN//./-}-tls

string

ingress.className (2)

nginx

string

ingress.ingressClassName (1)

nginx

string

secret.existingSecret (3)

authelia

string

secret.jwt.filename (1)

JWT_TOKEN

string

secret.jwt.key (1)

JWT_TOKEN

string

secret.jwt.value (1)

${SECRET_AUTHELIA_JWT_SECRET}

string

secret.redis.filename (1)

REDIS_PASSWORD

string

secret.redis.key (1)

REDIS_PASSWORD

string

secret.redis.value (1)

${SECRET_REDIS_PASSWORD}

string

secret.smtp.filename (1)

SMTP_PASSWORD

string

secret.smtp.key (1)

SMTP_PASSWORD

string

secret.smtp.value (1)

${SECRET_AUTHELIA_SMTP_PASSWORD}

string

secret.storage.filename (1)

STORAGE_PASSWORD

string

secret.storage.key (1)

STORAGE_PASSWORD

string

secret.storage.value (1)

${SECRET_AUTHELIA_POSTGRES_PASSWORD}

string

secret.storageEncryptionKey.filename (1)

STORAGE_ENCRYPTION_KEY

string

secret.storageEncryptionKey.key (1)

STORAGE_ENCRYPTION_KEY

string

secret.storageEncryptionKey.value (1)

${SECRET_AUTHELIA_STORAGE_ENCRYPTION_KEY}

string

envFrom[].secretRef.name (1)

authelia-secrets

string

persistence.enabled (1)

true

boolean

persistence.existingClaim (1)

pvc-authelia

string

service.annotations."prometheus.io/probe" (1)

true

string

service.annotations."prometheus.io/protocol" (1)

http

string

service.port (1)

number