Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.
authelia from bjw-s is more popular with 54 repositories.
Install with:
helm repo add authelia https://charts.authelia.com/
helm install authelia authelia/authelia -f values.yaml
See examples from other people.
Name | Repo | Stars | Version | Timestamp |
---|---|---|---|---|
authelia | wrmilling/k3s-gitops | 200 | 0.8.58 | 6 hours ago |
authelia | pascaliske/infrastructure | 48 | 0.9.0-beta7 | 5 days ago |
See the most popular values for this chart:
Key | Types |
---|---|
boolean | |
boolean | |
configMap.notifier.smtp.sender (2) ${SMTP_ACCOUNT_AUTH_EMAIL} | string |
configMap.notifier.smtp.subject (2) [auth@infrastructure] {title} | string |
configMap.notifier.smtp.username (2) ${SMTP_ACCOUNT_AUTH_EMAIL} | string |
configMap.notifier.smtp.address (1) ${SMTP_HOST}:587 | string |
configMap.notifier.smtp.host (1) ${SECRET_SMTP_DOMAIN} | string |
string | |
configMap.notifier.smtp.password.path (1) SMTP_PASSWORD | string |
number | |
configMap.notifier.smtp.startup_check_address (1) ${SECRET_AUTH_SMTP_USER} | string |
boolean | |
boolean | |
configMap.notifier.filesystem.filename (1) /config/notification.txt | string |
string | |
configMap.access_control.rules[].domain (2) authelia.${SECRET_DOMAIN} | string |
configMap.access_control.rules[].policy (2) bypass | string |
configMap.access_control.rules[].subject[] (2) - group:admins | string |
configMap.access_control.rules[].domain[] (1) - unifi.${DOMAIN_INTERNAL} | string |
configMap.access_control.rules[].resources[] (1) - /dns-query | string |
boolean | |
boolean | |
string | |
configMap.authentication_backend.file.path (2) /config/users_database.yml | string |
boolean | |
boolean | |
boolean | |
string | |
string | |
configMap.authentication_backend.ldap.base_dn (1) ${SECRET_LDAP_BASE_DN} | string |
boolean | |
configMap.authentication_backend.ldap.groups_filter (1) (&(member={dn})(objectclass=groupOfNames)) | string |
string | |
configMap.authentication_backend.ldap.url (1) ldap://openldap:1389 | string |
configMap.authentication_backend.ldap.user (1) CN=${SECRET_LDAP_ADMIN_USERNAME},${SECRET_LDAP_BASE_DN} | string |
string | |
configMap.authentication_backend.ldap.users_filter (1) (&({username_attribute}={input})(objectClass=person)) | string |
boolean | |
boolean | |
string | |
string | |
boolean | |
configMap.session.redis.host (2) redis.redis.svc.cluster.local | string |
number | |
boolean | |
number | |
string | |
configMap.session.cookies[].default_redirection_url (1) https://${DOMAIN_INTERNAL} | string |
configMap.session.cookies[].domain (1) ${DOMAIN_INTERNAL} | string |
string | |
configMap.session.encryption_key.path (1) STORAGE_ENCRYPTION_KEY | string |
string | |
string | |
boolean | |
configMap.storage.local.path (2) /config/db.sqlite3 | string |
boolean | |
string | |
configMap.storage.postgres.host (1) shared-psql-v16-rw.default.svc | string |
number | |
string | |
string | |
configMap.storage.encryption_key.path (1) STORAGE_ENCRYPTION_KEY | string |
boolean | |
string | |
configMap.identity_providers.oidc.clients[].authorization_policy (1) two_factor | string |
configMap.identity_providers.oidc.clients[].client_id (1) synology-dsm | string |
configMap.identity_providers.oidc.clients[].client_name (1) Synology DSM | string |
configMap.identity_providers.oidc.clients[].client_secret (1) ${AUTH_OIDC_CLIENT_SECRET_HASH} | string |
boolean | |
configMap.identity_providers.oidc.clients[].redirect_uris[] (1) - https://ryloth.${DOMAIN_INTERNAL} | string |
configMap.identity_providers.oidc.clients[].scopes[] (1) - openid | string |
configMap.identity_providers.oidc.clients[].token_endpoint_auth_method (1) client_secret_post | string |
string | |
boolean | |
configMap.identity_providers.oidc.hmac_secret.path (1) OIDC_HMAC_SECRET | string |
configMap.identity_providers.oidc.jwks[].key.path (1) /extras/oidc-jwks-key.pem | string |
string | |
string | |
string | |
number | |
string | |
string | |
string | |
boolean | |
boolean | |
configMap.webauthn.display_name (1) auth@infrastructure | string |
domain (2) ${SECRET_DOMAIN} | string |
boolean | |
persistence.existingClaim (1) pvc-authelia | string |
persistence.storageClass (1) local-path | string |
pod.kind (2) Deployment | string |
string | |
string | |
string | |
string | |
string | |
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN (1) dc=home,dc=arpa | string |
string | |
string | |
string | |
string | |
string | |
string | |
string | |
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_URL (1) ldap://lldap.default.svc.cluster.local:389 | string |
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USER (1) uid=admin,ou=people,dc=home,dc=arpa | string |
string | |
pod.env.AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER (1) (&({username_attribute}={input})(objectClass=person)) | string |
string | |
string | |
pod.env.AUTHELIA_DEFAULT_REDIRECTION_URL (1) https://auth.${SECRET_DOMAIN} | string |
string | |
string | |
number | |
pod.env.AUTHELIA_SESSION_DOMAIN (1) ${SECRET_DOMAIN} | string |
string | |
pod.env.AUTHELIA_TOTP_ISSUER (1) authelia.com | string |
string | |
string | |
pod.env[].value (1) ${TIMEZONE} | string |
pod.extraVolumeMounts[].mountPath (1) /extras/users.yaml | string |
pod.extraVolumeMounts[].name (1) users | string |
boolean | |
pod.extraVolumeMounts[].subPath (1) users.yaml | string |
string | |
string | |
pod.extraVolumes[].configMap.name (1) authelia-users | string |
pod.extraVolumes[].name (1) users | string |
pod.extraVolumes[].secret.items[].key (1) oidc-jwks-key.pem | string |
pod.extraVolumes[].secret.items[].path (1) oidc-jwks-key.pem | string |
pod.extraVolumes[].secret.secretName (1) authelia-oidc-jwks-key | string |
number | |
string | |
string | |
pod.strategy.type (1) Recreate | string |
string | |
string | |
secret.existingSecret (2) authelia-secrets | string |
secret.ldap.key (1) LDAP_PASSWORD | string |
secret.ldap.value (1) ${SECRET_LDAP_ADMIN_PASSWORD} | string |
secret.redis.key (1) REDIS_PASSWORD | string |
secret.redis.value (1) ${SECRET_AUTH_REDIS_PASSWORD} | string |
secret.smtp.key (1) SMTP_PASSWORD | string |
secret.smtp.value (1) ${SECRET_AUTH_SMTP_PASSWORD} | string |
secret.storage.key (1) STORAGE_PASSWORD | string |
secret.storage.value (1) ${SECRET_AUTH_STORAGE_PASSWORD} | string |
secret.storageEncryptionKey.key (1) STORAGE_ENCRYPTION_KEY | string |
secret.storageEncryptionKey.value (1) ${SECRET_AUTH_STORAGE_ENC_KEY} | string |
envFrom[].secretRef.name (1) authelia-secrets | string |
image.registry (1) ghcr.io | string |
image.repository (1) authelia/authelia | string |
image.tag (1) 4.38.9 | string |
ingress.annotations."cert-manager.io/cluster-issuer" (1) letsencrypt-prod | string |
string | |
ingress.className (1) nginx-external | string |
boolean | |
string | |
boolean | |
ingress.tls.secret (1) authelia-cert | string |
number |