authentik helm

No introduction found. Create it?

Install

Install with:

helm repo add authentik-charts https://charts.goauthentik.io/
helm install authentik authentik-charts/authentik -f values.yaml

Top Repositories (5 out of 36)

See examples from other people.

NameRepoStarsVersionTimestamp
authentikkashalls/home-cluster512023.10.4a day ago
authentikLilDrunkenSmurf/k3s-home-cluster362023.10.42 days ago
authentiksamip5/k8s-cluster612023.10.417 days ago
authentikangelnu/k8s-gitops1102023.10.419 days ago
authentikh3mmy/bloopySphere412023.10.419 days ago

Values

See the most popular values for this chart:

KeyTypes
ingress.enabled (36)
true
boolean
ingress.hosts[].host (36)
authentik.${SECRET_DOMAIN}
string
ingress.hosts[].paths[].path (36)
/
string
ingress.hosts[].paths[].pathType (24)
Prefix
string
ingress.hosts[].paths[].service.port (1)
number
ingress.tls[].hosts[] (35)
- authentik.${SECRET_DOMAIN}
string
ingress.tls[].secretName (22)
authentik-tls
string
ingress.ingressClassName (34)
nginx
string
ingress.annotations."external-dns.alpha.kubernetes.io/target" (17)
ingress.${SECRET_DOMAIN}
string
ingress.annotations."cert-manager.io/cluster-issuer" (12)
letsencrypt-production
string
ingress.annotations."hajimari.io/icon" (11)
string
ingress.annotations."hajimari.io/enable" (8)
true
string
ingress.annotations."nginx.ingress.kubernetes.io/proxy-read-timeout" (8)
3600
string
ingress.annotations."nginx.ingress.kubernetes.io/proxy-send-timeout" (8)
3600
string
ingress.annotations."external-dns.home.arpa/enabled" (4)
true
string
ingress.annotations."hajimari.io/appName" (4)
Authentik
string
ingress.annotations."nginx.ingress.kubernetes.io/enable-global-auth" (4)
false
string
ingress.annotations."nginx.org/websocket-services" (4)
authentik
string
ingress.annotations."traefik.ingress.kubernetes.io/router.entrypoints" (4)
websecure
string
ingress.annotations."gethomepage.dev/enabled" (3)
true
string
ingress.annotations."gethomepage.dev/group" (3)
string
ingress.annotations."gethomepage.dev/icon" (3)
string
ingress.annotations."gethomepage.dev/name" (3)
string
ingress.annotations.external-dns/is-public (2)
string
ingress.annotations."external-dns.alpha.kubernetes.io/hostname" (2)
string
ingress.annotations."gethomepage.dev/description" (2)
string
ingress.annotations."gethomepage.dev/widget.type" (2)
string
ingress.annotations."gethomepage.dev/widget.url" (2)
string
ingress.annotations."hajimari.io/group" (2)
string
ingress.annotations."kubernetes.io/tls-acme" (2)
string
ingress.annotations."nginx.ingress.kubernetes.io/router.entrypoints" (2)
string
ingress.annotations."traefik.ingress.kubernetes.io/router.middlewares" (2)
string
ingress.annotations."coredns.io/hostname" (1)
string
ingress.annotations."external-dns.alpha.kubernetes.io/cloudflare-proxied" (1)
string
ingress.annotations."external-dns.alpha.kubernetes.io/public" (1)
string
ingress.annotations."external-dns.target/enabled" (1)
string
ingress.annotations."external.home.arpa/enabled" (1)
string
ingress.annotations."gethomepage.dev/widget.key" (1)
string
ingress.annotations."hajimari.io/info" (1)
string
ingress.annotations."hajimari.io/instance" (1)
string
ingress.annotations."hajimari.io/url" (1)
string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/backend" (1)
string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/enabled" (1)
string
ingress.annotations."haproxy-ingress-proxy.pfsense.org/frontend" (1)
string
ingress.annotations."kubernetes.io/ingress.class" (1)
string
ingress.annotations."nginx.ingress.kubernetes.io/force-ssl-redirect" (1)
string
redis.enabled (34)
true
boolean
redis.auth.enabled (10)
true
boolean
redis.auth.password (4)
string
redis.metrics.enabled (5)
true
boolean
redis.metrics.serviceMonitor.enabled (5)
true
boolean
redis.metrics.resources.limits.memory (1)
string
redis.metrics.resources.requests.cpu (1)
string
redis.metrics.resources.requests.memory (1)
string
redis.persistence.enabled (4)
false
boolean
redis.global.imageRegistry (2)
string
redis.global.storageClass (2)
string
redis.architecture (1)
string
redis.commonConfiguration (1)
string
redis.image.tag (1)
string
redis.master.persistence.enabled (1)
boolean
redis.master.persistence.existingClaim (1)
string
redis.master.persistence.size (1)
string
redis.master.podSecurityContext.enabled (1)
boolean
redis.master.podSecurityContext.fsGroup (1)
number
redis.master.podSecurityContext.fsGroupChangePolicy (1)
string
redis.master.podSecurityContext.runAsGroup (1)
number
redis.master.podSecurityContext.runAsUser (1)
number
redis.master.resources.limits.memory (1)
string
redis.master.resources.requests.cpu (1)
string
redis.master.resources.requests.memory (1)
string
redis.master.securityContext.enabled (1)
boolean
redis.replica.podSecurityContext.enabled (1)
boolean
redis.replica.podSecurityContext.fsGroup (1)
number
redis.replica.podSecurityContext.fsGroupChangePolicy (1)
string
redis.replica.podSecurityContext.runAsGroup (1)
number
redis.replica.podSecurityContext.runAsUser (1)
number
authentik.log_level (25)
debug
string
authentik.email.port (19)
587
number, string
authentik.email.from (17)
string
authentik.email.host (15)
smtp-relay.default.svc.cluster.local
string
authentik.email.use_tls (12)
true
boolean, string
authentik.email.password (7)
string
authentik.email.use_ssl (7)
true
boolean, string
authentik.email.username (7)
string
authentik.email.timeout (1)
string
authentik.error_reporting.enabled (18)
true
boolean
authentik.error_reporting.send_pii (7)
false
boolean
authentik.error_reporting.environment (3)
string
authentik.error_reporting.sample_rate (2)
number
authentik.error_reporting.sentry_dsn (2)
string
authentik.error_reporting.enable (1)
boolean
authentik.postgresql.name (18)
authentik
string
authentik.postgresql.user (16)
authentik
string
authentik.postgresql.host (15)
string
authentik.postgresql.password (15)
${SECRET_AUTHENTIK_POSTGRES_PASSWORD}
string
authentik.postgresql.port (4)
5432
number
authentik.postgresql.enabled (2)
boolean
authentik.postgresql.s3_backup.access_key (2)
string
authentik.postgresql.s3_backup.bucket (2)
string
authentik.postgresql.s3_backup.host (2)
string
authentik.postgresql.s3_backup.secret_key (2)
string
authentik.postgresql.username (1)
string
authentik.redis.host (17)
{{ .Release.Name }}-redis-master
string
authentik.redis.password (10)

string
authentik.secret_key (15)
${AUTHENTIK_SECRET_KEY}
string
authentik.outposts.docker_image_base (13)
ghcr.io/goauthentik/%(type)s:%(version)s
string
authentik.outposts.container_image_base (6)
ghcr.io/goauthentik/%(type)s:%(version)s
string
authentik.avatars (4)
gravatar,initials
string
authentik.disable_startup_analytics (1)
boolean
authentik.geoip (1)
string
authentik.security_key (1)
string
prometheus.serviceMonitor.create (25)
true
boolean
prometheus.serviceMonitor.interval (6)
30s
string
prometheus.serviceMonitor.scrapeTimeout (6)
3s
string
prometheus.rules.create (20)
true
boolean
postgresql.enabled (24)
false
boolean
postgresql.postgresqlPassword (6)
${SECRET_AUTHENTIK_POSTGRES_PASSWORD}
string
postgresql.persistence.enabled (4)
true
boolean
postgresql.persistence.existingClaim (4)
string
postgresql.postgresqlDatabase (4)
authentik
string
postgresql.postgresqlUsername (4)
authentik
string
postgresql.metrics.enabled (3)
true
boolean
postgresql.metrics.serviceMonitor.enabled (3)
true
boolean
postgresql.global.imageRegistry (2)
string
postgresql.postgresqlMaxConnections (1)
number
postgresql.primary.podSecurityContext.enabled (1)
boolean
postgresql.primary.podSecurityContext.fsGroup (1)
number
postgresql.primary.podSecurityContext.fsGroupChangePolicy (1)
string
postgresql.primary.podSecurityContext.runAsGroup (1)
number
postgresql.primary.podSecurityContext.runAsUser (1)
number
image.repository (21)
ghcr.io/goauthentik/server
string
image.tag (21)
2023.10.4
string
image.pullPolicy (11)
IfNotPresent
string
initContainers.init-db.envFrom[].secretRef.name (11)
authentik-secret
string
initContainers.init-db.image (11)
ghcr.io/onedr0p/postgres-init:16
string
initContainers.init-db.imagePullPolicy (9)
IfNotPresent
string
initContainers.01-init-db.envFrom[].secretRef.name (1)
string
initContainers.01-init-db.image (1)
string
initContainers.01-init-db.imagePullPolicy (1)
string
envFrom[].secretRef.name (10)
authentik-secret
string
geoip.enabled (9)
false
boolean
geoip.accountId (1)
string
geoip.editionIds (1)
string
geoip.image (1)
string
geoip.licenseKey (1)
string
geoip.updateInterval (1)
number
replicas (8)
1
number
envValueFrom.AUTHENTIK_POSTGRESQL__PASSWORD.secretKeyRef.key (7)
password
string
envValueFrom.AUTHENTIK_POSTGRESQL__PASSWORD.secretKeyRef.name (7)
string
envValueFrom.AUTHENTIK_POSTGRESQL__USER.secretKeyRef.key (7)
string
envValueFrom.AUTHENTIK_POSTGRESQL__USER.secretKeyRef.name (7)
string
envValueFrom.AUTHENTIK_POSTGRESQL__NAME.secretKeyRef.key (6)
string
envValueFrom.AUTHENTIK_POSTGRESQL__NAME.secretKeyRef.name (6)
string
envValueFrom.AUTHENTIK_POSTGRESQL__HOST.secretKeyRef.key (4)
string
envValueFrom.AUTHENTIK_POSTGRESQL__HOST.secretKeyRef.name (4)
string
envValueFrom.AUTHENTIK_SECRET_KEY.secretKeyRef.key (3)
AUTHENTIK_SECRET_KEY
string
envValueFrom.AUTHENTIK_SECRET_KEY.secretKeyRef.name (3)
string
envValueFrom.AUTHENTIK_EMAIL__FROM.secretKeyRef.key (2)
string
envValueFrom.AUTHENTIK_EMAIL__FROM.secretKeyRef.name (2)
string
envValueFrom.AUTHENTIK_EMAIL__HOST.secretKeyRef.key (2)
string
envValueFrom.AUTHENTIK_EMAIL__HOST.secretKeyRef.name (2)
string
envValueFrom.AUTHENTIK_EMAIL__PASSWORD.secretKeyRef.key (2)
string
envValueFrom.AUTHENTIK_EMAIL__PASSWORD.secretKeyRef.name (2)
string
envValueFrom.AUTHENTIK_EMAIL__USERNAME.secretKeyRef.key (2)
string
envValueFrom.AUTHENTIK_EMAIL__USERNAME.secretKeyRef.name (2)
string
envValueFrom.AUTHENTIK_REDIS__PASSWORD.secretKeyRef.key (2)
string
envValueFrom.AUTHENTIK_REDIS__PASSWORD.secretKeyRef.name (2)
string
envValueFrom.AUTHENTIK_EMAIL__PORT.secretKeyRef.key (1)
string
envValueFrom.AUTHENTIK_EMAIL__PORT.secretKeyRef.name (1)
string
envValueFrom.AUTHENTIK_EMAIL__USE_TLS.secretKeyRef.key (1)
string
envValueFrom.AUTHENTIK_EMAIL__USE_TLS.secretKeyRef.name (1)
string
envValueFrom.AUTHENTIK_REDIS__URL.secretKeyRef.key (1)
string
envValueFrom.AUTHENTIK_REDIS__URL.secretKeyRef.name (1)
string
serviceAccount.create (7)
true
boolean
serviceAccount.fullnameOverride (2)
string
serviceAccount.nameOverride (2)
string
serviceAccount.serviceAccountSecret.enabled (2)
boolean
volumeMounts[].mountPath (7)
string
volumeMounts[].name (7)
string
volumeMounts[].readOnly (3)
boolean
volumes[].name (7)
string
volumes[].configMap.name (3)
string
volumes[].secret.items[].key (3)
tls.crt
tls.key
string
volumes[].secret.items[].path (3)
fullchain.pem
privkey.pem
string
volumes[].secret.optional (3)
false
boolean
volumes[].secret.secretName (3)
string
volumes[].persistentVolumeClaim.claimName (1)
string
volumes[].projected.defaultMode (1)
number
volumes[].projected.sources[].configMap.items[].key (1)
string
volumes[].projected.sources[].configMap.items[].path (1)
string
volumes[].projected.sources[].configMap.name (1)
string
worker.replicas (7)
1
number
autoscaling.server.enabled (4)
true
boolean
autoscaling.server.minReplicas (2)
number
autoscaling.worker.enabled (2)
boolean
fullnameOverride (4)
authentik
string
resources.server.requests.cpu (4)
200m
string
resources.server.requests.memory (1)
string
resources.server.limits.cpu (3)
2
string
resources.server.limits.memory (1)
string
resources.limits.memory (2)
string
resources.requests.cpu (2)
string
resources.requests.memory (2)
string
resources.worker.limits.memory (1)
string
resources.worker.requests.cpu (1)
string
resources.worker.requests.memory (1)
string
annotations."secret.reloader.stakater.com/reload" (3)
string
annotations."configmap.reloader.stakater.com/reload" (1)
string
annotations."reloader.stakater.com/auto" (1)
string
global.storageClass (3)
string
service.port (3)
number
service.enabled (2)
boolean
service.name (2)
string
service.protocol (2)
string
service.type (2)
string
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchExpressions[].key (2)
string
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchExpressions[].operator (2)
string
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].preference.matchExpressions[].values[] (2)
string
affinity.nodeAffinity.preferredDuringSchedulingIgnoredDuringExecution[].weight (2)
number
controller.annotations."secret.reloader.stakater.com/reload" (2)
string
controller.annotations."reloader.stakater.com/auto" (1)
string
env.AUTHENTIK_EMAIL__PORT (2)
string, number
env.AUTHENTIK_EMAIL__USE_TLS (2)
string
env.AUTHENTIK_COOKIE_DOMAIN (1)
string
env.AUTHENTIK_EMAIL__HOST (1)
string
env.AUTHENTIK_POSTGRESQL__HOST (1)
string
env.AUTHENTIK_POSTGRESQL__SSLMODE (1)
string
env.AUTHENTIK_REDIS__DB (1)
string
env.AUTHENTIK_REDIS__HOST (1)
string
podAnnotations."secret.reloader.stakater.com/reload" (2)
string
controllers.annotations."secret.reloader.stakater.com/reload" (1)
string
kubernetesIntegration (1)
boolean
livenessProbe.enabled (1)
boolean
livenessProbe.httpGet.path (1)
string
livenessProbe.httpGet.port (1)
string
livenessProbe.initialDelaySeconds (1)
number
livenessProbe.periodSeconds (1)
number
nodeSelector.worker (1)
string
outposts.docker_image_base (1)
string
podLabels."spiffe.bloopysphere.arpa/enabled" (1)
string
podSecurityContext.fsGroup (1)
number
podSecurityContext.fsGroupChangePolicy (1)
string
podSecurityContext.runAsGroup (1)
number
podSecurityContext.runAsUser (1)
number
postgres.enabled (1)
boolean
readinessProbe.enabled (1)
boolean
readinessProbe.httpGet.path (1)
string
readinessProbe.httpGet.port (1)
string
readinessProbe.initialDelaySeconds (1)
number
readinessProbe.periodSeconds (1)
number
replicaCount (1)
number
securityContext.fsGroup (1)
number