authelia helm

Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies.

More popular helm chart found

authelia from bjw-s-labs/charts/ is more popular with 27 repositories.

Install

Install with:

helm repo add authelia oci://ghcr.io/bjw-s-labs/charts/
helm install authelia authelia/authelia -f values.yaml

Examples

See examples from other people.

Top Repositories (2 out of 6)

NameRepoStarsVersionTimestamp
autheliaauricom/home-ops2034.6.25 days ago
autheliaahgraber/homelab-gitops-k3s1084.6.225 days ago

Values

See the most popular values for this chart:

KeyTypes
controllers.authelia.strategy (6)
RollingUpdate
string
controllers.authelia.annotations."reloader.stakater.com/auto" (5)
true
string
controllers.authelia.annotations."reloader.stakater.com/search" (1)
true
string
controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG (5)
/config/configuration.yaml
string
controllers.authelia.containers.app.env.X_AUTHELIA_CONFIG_FILTERS (5)
template
string
controllers.authelia.containers.app.env.AUTHELIA_SERVER_ADDRESS (4)
tcp://0.0.0.0:80
string
controllers.authelia.containers.app.env.AUTHELIA_SERVER_DISABLE_HEALTHCHECK (4)
true
string
controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ADDRESS (4)
tcp://0.0.0.0:8080
string
controllers.authelia.containers.app.env.AUTHELIA_TELEMETRY_METRICS_ENABLED (4)
true
string
controllers.authelia.containers.app.env.AUTHELIA_THEME (4)
dark
string
controllers.authelia.containers.app.env.AUTHELIA_NOTIFIER_SMTP_SENDER (2)
Authelia <authelia@${SECRET_DOMAIN}>
string
controllers.authelia.containers.app.env.AUTHELIA_TOTP_ISSUER (2)
authelia.com
string
controllers.authelia.containers.app.env.TZ (2)
America/New_York
string
controllers.authelia.containers.app.env.AUTHELIA_DUO_API_DISABLE (1)
true
string
controllers.authelia.containers.app.env.AUTHELIA_LOG_LEVEL (1)
info
string
controllers.authelia.containers.app.env.AUTHELIA_WEBAUTHN_DISABLE (1)
true
string
controllers.authelia.containers.app.image.repository (5)
ghcr.io/authelia/authelia
string
controllers.authelia.containers.app.image.tag (5)
4.39.15@sha256:d23ee3c721d465b4749cc58541cda4aebe5aa6f19d7b5ce0afebb44ebee69591
string
controllers.authelia.containers.app.probes.liveness.enabled (5)
true
boolean
controllers.authelia.containers.app.probes.liveness.custom (4)
true
boolean
controllers.authelia.containers.app.probes.liveness.spec.failureThreshold (4)
3
number
controllers.authelia.containers.app.probes.liveness.spec.httpGet.path (4)
/api/health
string
controllers.authelia.containers.app.probes.liveness.spec.httpGet.port (4)
80
number
controllers.authelia.containers.app.probes.liveness.spec.periodSeconds (4)
10
number
controllers.authelia.containers.app.probes.liveness.spec.timeoutSeconds (4)
1
number
controllers.authelia.containers.app.probes.liveness.spec.initialDelaySeconds (3)
0
number
controllers.authelia.containers.app.probes.readiness.enabled (5)
true
boolean
controllers.authelia.containers.app.probes.readiness.custom (4)
true
boolean
controllers.authelia.containers.app.probes.readiness.spec.failureThreshold (4)
3
number
controllers.authelia.containers.app.probes.readiness.spec.httpGet.path (4)
/api/health
string
controllers.authelia.containers.app.probes.readiness.spec.httpGet.port (4)
80
number
controllers.authelia.containers.app.probes.readiness.spec.periodSeconds (4)
10
number
controllers.authelia.containers.app.probes.readiness.spec.timeoutSeconds (4)
1
number
controllers.authelia.containers.app.probes.readiness.spec.initialDelaySeconds (3)
0
number
controllers.authelia.containers.app.probes.startup.enabled (5)
false
boolean
controllers.authelia.containers.app.probes.startup.spec.failureThreshold (1)
30
number
controllers.authelia.containers.app.probes.startup.spec.periodSeconds (1)
5
number
controllers.authelia.containers.app.resources.limits.memory (5)
128Mi
string
controllers.authelia.containers.app.resources.limits.cpu (1)
1
number
controllers.authelia.containers.app.resources.requests.cpu (5)
10m
string
controllers.authelia.containers.app.resources.requests.memory (3)
64Mi
string
controllers.authelia.containers.app.envFrom[].secretRef.name (4)
authelia-secret
string
controllers.authelia.containers.app.securityContext.allowPrivilegeEscalation (2)
false
boolean
controllers.authelia.containers.app.securityContext.capabilities.drop[] (2)
- ALL
string
controllers.authelia.containers.app.securityContext.readOnlyRootFilesystem (2)
true
boolean
controllers.authelia.containers.main.image.repository (1)
ghcr.io/authelia/authelia
string
controllers.authelia.containers.main.image.tag (1)
4.39.15
string
controllers.authelia.containers.main.probes.liveness.enabled (1)
true
boolean
controllers.authelia.containers.main.probes.readiness.enabled (1)
true
boolean
controllers.authelia.containers.main.probes.startup.enabled (1)
true
boolean
controllers.authelia.containers.main.probes.startup.spec.failureThreshold (1)
30
number
controllers.authelia.containers.main.probes.startup.spec.periodSeconds (1)
5
number
controllers.authelia.containers.main.resources.requests.cpu (1)
1m
string
controllers.authelia.containers.main.resources.requests.memory (1)
50Mi
string
controllers.authelia.replicas (5)
2
number
controllers.authelia.initContainers.init-db.image.repository (3)
ghcr.io/home-operations/postgres-init
string
controllers.authelia.initContainers.init-db.image.tag (3)
18.2.0@sha256:ae89578925b480f5972f237dda2f7a37efe36aff500d3e7bd1d3a6a3181e4191
string, number
controllers.authelia.initContainers.init-db.envFrom[].secretRef.name (2)
authelia-secret
string
controllers.authelia.pod.enableServiceLinks (2)
false
boolean
controllers.authelia.pod.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1)
{{ .Release.Name }}
string
controllers.authelia.pod.topologySpreadConstraints[].maxSkew (1)
1
number
controllers.authelia.pod.topologySpreadConstraints[].topologyKey (1)
kubernetes.io/hostname
string
controllers.authelia.pod.topologySpreadConstraints[].whenUnsatisfiable (1)
DoNotSchedule
string
controllers.authelia.defaultContainerOptions.envFrom[].secretRef.name (1)
authelia-secret
string
controllers.authelia.defaultContainerOptions.securityContext.allowPrivilegeEscalation (1)
false
boolean
controllers.authelia.defaultContainerOptions.securityContext.capabilities.drop[] (1)
- ALL
string
controllers.authelia.defaultContainerOptions.securityContext.readOnlyRootFilesystem (1)
true
boolean
controllers.authelia.defaultContainerOptionsStrategy (1)
merge
string
persistence.config.globalMounts[].path (6)
/config/configuration.yaml
string
persistence.config.globalMounts[].subPath (6)
configuration.yaml
string
persistence.config.globalMounts[].readOnly (5)
true
boolean
persistence.config.name (6)
authelia-configmap
string
persistence.config.type (6)
configMap
string
persistence.config.enabled (2)
true
boolean
persistence.data.existingClaim (2)
authelia
string
persistence.data.globalMounts[].path (2)
/data
string
persistence.tmp.type (2)
emptyDir
string
persistence.secret-files.globalMounts[].path (1)
/config/secret
string
persistence.secret-files.name (1)
authelia-secret
string
persistence.secret-files.type (1)
secret
string
persistence.secrets.globalMounts[].path (1)
/config/secrets
string
persistence.secrets.globalMounts[].readOnly (1)
true
boolean
persistence.secrets.type (1)
custom
string
persistence.secrets.volumeSpec.projected.sources[].secret.name (1)
authelia
authelia-session
string
service.app.ports.http.port (5)
80
number
service.app.ports.http.primary (2)
true
boolean
service.app.ports.metrics.port (5)
8080
number
service.app.ports.metrics.enabled (1)
true
boolean
service.app.controller (3)
authelia
string
service.main.controller (1)
authelia
string
service.main.ports.http.port (1)
9091
number
serviceMonitor.app.endpoints[].interval (5)
1m
string
serviceMonitor.app.endpoints[].path (5)
/metrics
string
serviceMonitor.app.endpoints[].port (5)
metrics
string
serviceMonitor.app.endpoints[].scheme (5)
http
string
serviceMonitor.app.endpoints[].scrapeTimeout (5)
10s
string
serviceMonitor.app.enabled (3)
true
boolean
serviceMonitor.app.serviceName (3)
authelia
string
defaultPodOptions.securityContext.runAsGroup (4)
568
number
defaultPodOptions.securityContext.runAsUser (4)
568
number
defaultPodOptions.securityContext.runAsNonRoot (3)
true
boolean
defaultPodOptions.securityContext.fsGroup (2)
568
number
defaultPodOptions.securityContext.fsGroupChangePolicy (2)
Always
string
defaultPodOptions.securityContext.seccompProfile.type (2)
RuntimeDefault
string
defaultPodOptions.enableServiceLinks (3)
false
boolean
defaultPodOptions.automountServiceAccountToken (1)
false
boolean
defaultPodOptions.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1)
authelia
string
defaultPodOptions.topologySpreadConstraints[].maxSkew (1)
1
number
defaultPodOptions.topologySpreadConstraints[].topologyKey (1)
kubernetes.io/hostname
string
defaultPodOptions.topologySpreadConstraints[].whenUnsatisfiable (1)
DoNotSchedule
string
route.app.hostnames[] (2)
- auth.${SECRET_DOMAIN}
string
route.app.parentRefs[].name (2)
envoy-external
string
route.app.parentRefs[].namespace (2)
network
string
route.app.parentRefs[].sectionName (1)
https
string
route.app.rules[].backendRefs[].port (2)
80
number
route.app.rules[].backendRefs[].identifier (1)
app
string
route.app.rules[].backendRefs[].name (1)
authelia
string
route.app.rules[].filters[].requestHeaderModifier.add[].name (1)
Cache-Control
Pragma
X-Frame-Options
X-XSS-Protection
string
route.app.rules[].filters[].requestHeaderModifier.add[].value (1)
no-store
no-cache
SAMEORIGIN
1; mode=block
string
route.app.rules[].filters[].type (1)
RequestHeaderModifier
string
route.app.annotations."gatus.home-operations.com/endpoint" (1)
conditions: ["[STATUS] == any(200,401)"]
string
route.main.hostnames[] (2)
- auth.rphilipsen.nl
string
route.main.parentRefs[].name (2)
external
string
route.main.parentRefs[].namespace (2)
network
string
route.main.parentRefs[].sectionName (1)
https
string
route.main.rules[].backendRefs[].name (2)
authelia
string
route.main.rules[].backendRefs[].port (2)
9091
number
route.external.hostnames[] (1)
- auth.${SECRET_DOMAIN}
string
route.external.parentRefs[].name (1)
envoy-external
string
route.external.parentRefs[].namespace (1)
network
string
route.external.parentRefs[].sectionName (1)
https
string
route.external.rules[].backendRefs[].identifier (1)
app
string
route.external.rules[].backendRefs[].port (1)
9091
number
route.external.rules[].matches[].path.type (1)
PathPrefix
string
route.external.rules[].matches[].path.value (1)
/
string
route.internal.annotations."external-dns.alpha.kubernetes.io/controller" (1)
none
string
route.internal.hostnames[] (1)
- auth.${SECRET_DOMAIN}
string
route.internal.parentRefs[].name (1)
envoy-internal
string
route.internal.parentRefs[].namespace (1)
network
string
route.internal.parentRefs[].sectionName (1)
https
string
route.internal.rules[].backendRefs[].identifier (1)
app
string
route.internal.rules[].backendRefs[].port (1)
9091
number
route.internal.rules[].matches[].path.type (1)
PathPrefix
string
route.internal.rules[].matches[].path.value (1)
/
string
ingress.app.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1)
add_header Cache-Control "no-store"; add_header Pragma "no-cache"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block";
string
ingress.app.annotations."nginx.ingress.kubernetes.io/cors-allow-origin" (1)
*
string
ingress.app.annotations."nginx.ingress.kubernetes.io/enable-cors" (1)
true
string
ingress.app.className (1)
external
string
ingress.app.hosts[].host (1)
auth.mcgrath.nz
string
ingress.app.hosts[].paths[].path (1)
/
string
ingress.app.hosts[].paths[].service.identifier (1)
app
string
ingress.app.hosts[].paths[].service.port (1)
http
string
ingress.app.tls[].hosts[] (1)
- auth.mcgrath.nz
string