Skip to content

Commit

Permalink
feat(kubernetes): install authelia
Browse files Browse the repository at this point in the history
  • Loading branch information
@martinohmann
martinohmann committed Dec 28, 2023
1 parent 8ed3982 commit 4f9548a
Show file tree
Hide file tree
Showing 7 changed files with 299 additions and 2 deletions.
151 changes: 151 additions & 0 deletions kubernetes/apps/default/authelia/app/helmrelease.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.18b.haus/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: &app authelia
spec:
interval: 30m
chart:
spec:
chart: app-template
version: 2.4.0
sourceRef:
kind: HelmRepository
name: bjw-s
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
retries: 3
uninstall:
keepHistory: false
dependsOn:
- name: lldap
namespace: default
- name: redis
namespace: database
values:
controllers:
main:
replicas: 2
strategy: RollingUpdate
annotations:
reloader.stakater.com/auto: "true"
initContainers:
init-db:
image:
repository: ghcr.io/onedr0p/postgres-init
tag: 16
envFrom: &envFrom
- secretRef:
name: authelia
containers:
main:
image:
repository: ghcr.io/authelia/authelia
tag: v4.38.0-beta3@sha256:9ad7df91dfec75d2f46d544e3128215b755ee78550b4ed0ed995b5a3fad35458
env:
AUTHELIA_SERVER_ADDRESS: tcp://0.0.0.0:80
AUTHELIA_SERVER_DISABLE_HEALTHCHECK: "true"
AUTHELIA_TELEMETRY_METRICS_ADDRESS: tcp://0.0.0.0:8080
AUTHELIA_TELEMETRY_METRICS_ENABLED: "true"
AUTHELIA_THEME: light
X_AUTHELIA_CONFIG: /config/configuration.yaml
X_AUTHELIA_CONFIG_FILTERS: expand-env
envFrom: *envFrom
probes:
liveness: &probes
enabled: true
custom: true
spec:
httpGet:
path: /api/health
port: &port 80
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
readiness: *probes
startup:
enabled: false
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities: { drop: ["ALL"] }
resources:
requests:
cpu: 10m
memory: 32Mi
limits:
memory: 128Mi
pod:
enableServiceLinks: false
securityContext:
runAsUser: 568
runAsGroup: 568
runAsNonRoot: true
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app.kubernetes.io/name: *app
service:
main:
ports:
http:
port: *port
metrics:
port: 8080
serviceMonitor:
main:
enabled: true
endpoints:
- port: metrics
scheme: http
path: /metrics
interval: 1m
scrapeTimeout: 10s
ingress:
main:
enabled: true
className: external
annotations:
external-dns.alpha.kubernetes.io/target: external.18b.haus
hajimari.io/icon: simple-icons:authelia
nginx.ingress.kubernetes.io/configuration-snippet: |
add_header Cache-Control "no-store";
add_header Pragma "no-cache";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
hosts:
- host: &host "{{ .Release.Name }}.18b.haus"
paths:
- path: /
service:
name: main
port: http
- host: &customHost auth.18b.haus
paths:
- path: /
service:
name: main
port: http
tls:
- hosts:
- *host
- *customHost
persistence:
config:
enabled: true
type: configMap
name: authelia
globalMounts:
- path: /config/configuration.yaml
subPath: configuration.yaml
readOnly: true
15 changes: 15 additions & 0 deletions kubernetes/apps/default/authelia/app/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./secret.yaml
- ./helmrelease.yaml
configMapGenerator:
- name: authelia
files:
- configuration.yaml=./resources/configuration.yaml
generatorOptions:
disableNameSuffixHash: true
annotations:
kustomize.toolkit.fluxcd.io/substitute: disabled
68 changes: 68 additions & 0 deletions kubernetes/apps/default/authelia/app/resources/configuration.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
---
authentication_backend:
password_reset:
disable: true
refresh_interval: 1m
ldap:
address: ldap://lldap.default.svc.cluster.local:389
implementation: custom
timeout: 5s
start_tls: false
base_dn: dc=home,dc=arpa
additional_users_dn: ou=people
users_filter: (&({username_attribute}={input})(objectClass=person))
additional_groups_dn: ou=groups
groups_filter: (member={dn})
group_search_mode: filter
user: uid=admin,ou=people,dc=home,dc=arpa
password: password
attributes:
username: uid
display_name: displayName
mail: mail
member_of: memberOf
group_name: cn

session:
same_site: lax
inactivity: 5m
expiration: 1h
remember_me: 1M
cookies:
- name: 18b_session
domain: 18b.haus
authelia_url: https://auth.18b.haus
default_redirection_url: https://18b.haus
redis:
host: redis.database.svc.cluster.local
database_index: 10
high_availability:
sentinel_name: redis-master
nodes:
- host: redis-node-0.redis-headless.database.svc.cluster.local
port: 26379
- host: redis-node-1.redis-headless.database.svc.cluster.local
port: 26379
- host: redis-node-2.redis-headless.database.svc.cluster.local
port: 26379

notifier:
disable_startup_check: true
smtp: {}

totp:
disable: true
issuer: authelia.com

webauthn:
disable: true

duo_api:
disable: true

access_control:
default_policy: one_factor
networks:
- name: internal
networks: ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
rules: []
26 changes: 26 additions & 0 deletions kubernetes/apps/default/authelia/app/secret.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
---
apiVersion: v1
kind: Secret
metadata:
name: authelia
stringData:
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: "${SECRET_LLDAP_LDAP_USER_PASS}"
AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET: "${SECRET_AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET}"
AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY: "${SECRET_AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY}"
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET: "${SECRET_AUTHELIA_JWT_SECRET}"
AUTHELIA_NOTIFIER_SMTP_HOST: "${SECRET_AUTHELIA_NOTIFIER_SMTP_HOST}"
AUTHELIA_NOTIFIER_SMTP_PASSWORD: "${SECRET_AUTHELIA_NOTIFIER_SMTP_PASSWORD}"
AUTHELIA_NOTIFIER_SMTP_PORT: "${SECRET_AUTHELIA_NOTIFIER_SMTP_PORT}"
AUTHELIA_NOTIFIER_SMTP_SENDER: "${SECRET_AUTHELIA_NOTIFIER_SMTP_SENDER}"
AUTHELIA_NOTIFIER_SMTP_USERNAME: "${SECRET_AUTHELIA_NOTIFIER_SMTP_USERNAME}"
AUTHELIA_SESSION_SECRET: "${SECRET_AUTHELIA_SESSION_SECRET}"
AUTHELIA_STORAGE_ENCRYPTION_KEY: "${SECRET_AUTHELIA_STORAGE_ENCRYPTION_KEY}"
AUTHELIA_STORAGE_POSTGRES_DATABASE: &dbName authelia
AUTHELIA_STORAGE_POSTGRES_ADDRESS: &dbHost postgres16-rw.database.svc.cluster.local
AUTHELIA_STORAGE_POSTGRES_USERNAME: &dbUser "${SECRET_AUTHELIA_STORAGE_POSTGRES_USERNAME}"
AUTHELIA_STORAGE_POSTGRES_PASSWORD: &dbPass "${SECRET_AUTHELIA_STORAGE_POSTGRES_PASSWORD}"
INIT_POSTGRES_DBNAME: *dbName
INIT_POSTGRES_HOST: *dbHost
INIT_POSTGRES_USER: *dbUser
INIT_POSTGRES_PASS: *dbPass
INIT_POSTGRES_SUPER_PASS: "${SECRET_POSTGRES_SUPER_PASSWORD}"
23 changes: 23 additions & 0 deletions kubernetes/apps/default/authelia/ks.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.18b.haus/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app authelia
namespace: flux-system
spec:
targetNamespace: default
commonMetadata:
labels:
app.kubernetes.io/name: *app
dependsOn:
- name: cloudnative-pg-cluster
path: ./kubernetes/apps/default/authelia/app
prune: true
sourceRef:
kind: GitRepository
name: home-kubernetes
wait: false
interval: 30m
retryInterval: 1m
timeout: 5m
1 change: 1 addition & 0 deletions kubernetes/apps/default/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./namespace.yaml
- ./authelia/ks.yaml
- ./external-apps/ks.yaml
- ./hajimari/ks.yaml
- ./home-assistant/ks.yaml
Expand Down
17 changes: 15 additions & 2 deletions kubernetes/flux/vars/cluster-secrets.sops.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,19 @@ metadata:
namespace: flux-system
stringData:
SECRET_ACME_EMAIL: ENC[AES256_GCM,data:USAq2VMuuK6aldyw31M0xPDsAGWRMXXZoRijLAu8t3Pe6pYnHF4=,iv:LfiGlBVn+NApPDtWEGsWXV3LrsuY7riMrFco0Nb6LmA=,tag:+dEFJ8vWcoC/oUakUGHFMg==,type:str]
SECRET_AUTHELIA_NOTIFIER_SMTP_HOST: ENC[AES256_GCM,data:QMuJuREyOEdERkF7ivc=,iv:lj4kbIinQmvCQjY1CRqTkVMcHxvT4YMK0JX6dLsoAFE=,tag:kcdgUpom8+ARcXlluqUF7w==,type:str]
SECRET_AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET: ENC[AES256_GCM,data:iQuBNToPnmATREYLP8eLpKMeZqNgmPcCcdHEHCOjER1gpVeVCp0q53t6Bfm2oIqhphVqgkc9rxdvw8SXjqLPvv1RdkeNwNfE0QBPWOBCWd24AkVEXUeVTaTJIuKkfUNqEZDNC4Tif/6xD2svYHqPgTKVBeAaQp8kUmK2vfanvX0=,iv:siMbhVgNWYFFqyT9EEK+5Dfky24zfDB1Ttv69nJvROU=,tag:zY3ktZcqgJgTF2GZLHE51A==,type:str]
SECRET_AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY: ENC[AES256_GCM,data:AT+guf1rhdoTJduhcALuXYsucxEOHwxVmLujTCoyZ8TiUXh99KYh03SEjPoGs6IC7ZCC0ONu9MpeCO8uB5ZPFZCte8My3yxpEB557HN8EjboIgJ338ngPReM9EVUIicTMY7+c6JSHgCh2FeqHfhj/xBcXXTWsAo5dOQMtC7riYK1Z3OUREnx1o+WwPum5Ra6uMru3rCBGHE/ptzu7UMtCTgyWC6g7HdlmOLg8Ij+BO76geysIMw1SzylO67OQ1QVzhHDP2zT+e0y4/eNaaCfL+ZSlOIue3HWUjO6OKL9EUEwolKZ58OtbrEiMcf7uUkn1YZkGuukNVI+MYBiPRKnJqlo1PqO8AJPa6n6/Cl9wo6eD7u1OewlEkkkjrkvyw05RwYXj+teLHgdLZINxbxLE8O2FP7H0G/u9VLOyjqVacqYTtktURoTGwujo0czV2d8Sesp+iNedlSdzGRW9CkcCYzPRy85VNrUsgQ5Zkpu89ZKhUH0W00yQWVbfbiOEDhulM3z7hn/7lUTZsGgsBewlEEfJuWCxB7m8Ik2O7JLP0mlDu/fQkzPyKZsaRi7sxhIXIXU82fYeuylklvEgodzUeuxnmWJ4fQJ5FxmoWzf+m45oHZaXGJxeZrdx824hwI7LVLK6wimrD77hWMaJ1uddEwVIGXv5ItK++5Tup+jLLKpBn7ihyf0gmpZht4ta1wYtamtsPCJ4vjeiNt4VekllEBckutPwWblP37TfZlvNgwbBjnTE2+JfRedsAq4Aycdc42+9oie5SUuSdLX7aBAXJ9vwX1GMZR05WNYt1uodImqV+JzCeuMN9APSdmCJ9KYnSoa6H4uuRstwBLLEWu0dXfkCtQ0aZm5+DKcCQ7eSWYs5rBrYcoWeaHFEccZg31uW1KYfMiGblzgaLGiqIOBaVRzPbIz56RBgI87DxTnpvh2MwXwPTXf08pcmIPjrKTFso32BjUOpsQ9Y5ED9nZUrel8Dvt/FvikmENL9RPPlfsMc0anYbI1LL3+2hDoKV22+ANqXkBFCuNSX5W3UDCAi0p8eNwo3K2/cf3yzLyuWLJ/mL5gzM6/TmBlVVFuNy9N2n2DIc8SDriGmfXVQnYh5TT4psh1PlnNvquwHUZdCmIi5rTNoII8Kkkpw8HLti8CeD5hbdN7gChhL1UbQfYSDLjlCrHSMgpEIGNZwoFMe2JGzgmFRLYqcuxfX8gPjnFcSOHvZ3VDsXMUSXP7mewz7Yigc3PYgBE9mY+rzm6R2PoGC7oIxnWPHH1RAmerRTzB2YambIDfXYWf/fMBthuxgB7lr1i0KLZRTlRHO3o0VG9ojxNc4RaKY/OKqROmvViohCpI49K8uiFIl5+XgXUV4+0I+on3hdV07BwUQKGTWtJbxN29I4nm5aNbSwSMCYRPy2Ru4RBO7A3glACD98UvPOn01JGSv9Sbt1GaoSIkYJx1FoXf8/w1VbhyqBfkfpgkbJ3nu5UFVaqIGhDY6wCzTTwlbxW/BX6MWXo9rvoY5aLtiwGW2AujZGxye/GJUWLI3Rxjxg5b+CjuPUbYL88aU2JtINf7BV3llh1l6XB8peryrPDPmJpJhq02Cd62W5lNfLShiBDh4b2cFwTLb6G5B3cPh9FeZNG6E/tcI1+E+RYUMY5WI0KTxYRQeXs2bV6DmxFvuMDgiPsU+an5LlL4rkmRhbnyHpeO9afzf2yupEQsgt3Q2f6Z/a2oPDplCa6nNKy76WUh6UFNfhaOvH2/+0Jrq9O0eJRIwp8MfHTKQnbWKW876MVQ7Ucc/pKzusqTW0N2+Z+8G23GIRaYPm3lQ1EsqlncrUvT8P/dgoMWQCS0oqlZXcdnAVuzygCiXDIff4mCvd8XTglTB6XfDaZUTPU0XWSR93Og+zg3+ob663kW7jiK7IJHLunuRGyx2ZdIeYD92R7gGrfzd3oMR3Iy85bMIUbQwytg8Sc4Q9fUbvlSe08OLfPIjTmlWgiuAnjNCYen+1EBXUyAA5bHuElojcKvdq7vmRvWlphbyD4Ms5gvheVK+q3iwkgNvG+hR4uWJvWq2ugFs85+VFtRL2gHFAxF0PYcpkrRvFRSVP2kV09wmtcQPPQgMdG2q9NH4JkdRsV5FEUx+4WGhJuxk/iZCett8K+KcENwmGqm7ro9E5mj5TbtTQ7RUDFjiHCZ8CchJAzy49W3x++ykS4hqoQu0tRC2yh7AU28YszP4aHwrhiEUxoHXGQ0iDHgzVc/EYSy0XWbKoHBuqhBfmMsze+TkDQrSJTy8wpMLpoO7/skTEPqZcYk4XRwPQtb/AgXUAGIVh5D3a0v8bytN6UeIwaKrEAME6TcrDMlWxxKSKOCOpHF4rYmhDX6SR/Y5rAiXTTb+9S9ZxQvbFlO7+zL6tzGy7kOodg23iPfefOWDXfjuWMR2sArjKs4wWDko/4MfPFF76XKYpsUJLsOniioW/FHgUZwp1E3OANsA2woGsNv2Nk2mx9+nlH8QUbGS0M6p8V9Hlkbmg48JClgrsIlIESZ6DhUL0aO6rSRNgLyNgD19vRja43jZRyzL9eFMCWx61igaifuRv1nKF+R2Pi9WJEsjuDBL9lKY0MammOdtUi6Mng3YnefpE+DQr0c99xbfWBxwXuTyauTEUdqedQ2GP7wXdEkXjNjIxgSPTkwHRQxOdO+RkqRE9kDPTVB6F+N94QRMB0pWL+gUs64tXWz7i/mueXgl3Une+nWwS+/i+hJaY6bDW5BLruPxqCPQArnv5Ef5V64UncG86sat5E+7EZjCaWN7KdP2jf9hvOH3XHlXGljS1wIkT4Uq/8HZ6kLzPgGu3zdn80shfF7IdEjcyerFQ6FLqGtTsuo6Sc2Pci3w9k22GnqC0RxKZ6cxALdAfvbWQEthPpqo1dUADWe+kgeYZLjQGdW6xDuVYfbJBSQkcsRhLU0O79oQ4Ci/2HfyWo9BeQAkVD2oIGO1tuJB8bHDVkOEgfp2Y5k65ZXr0WHR1IY2d2AqXQzBYXBJN7z7wENveecUdqxVotwBzyhW2IbEINlg8fEik31S8GLSrK3f9KWh99qPaUYwuDhgTW/2S38JEjGrasm41Z7o6nnZZvpBpR3f/31OXYMZbPpsvnR5R5YMK4MbC71v5NSfzmV1TUWYfqUfiMDUreOqEGtH3Tk+pQzVddpelWUmQ7UPlAcsX3cnHJp1VQVNztErIMZKHbJaUXz8QKGAxYB+0WhphZshvr09yTK7o8/vMPMf1RtT4+FeKShONNl/kxKFPxYcDWrl+Omhl1WxrULLGyY+AlD9wkGpBoU8fg/oM7EiyrC2doSUddnTJr798TUGFZs+6/jtjshvqfL2J0p41Tyd3FOg1bPJgsCh2lO4TAYGEaIswwiDCe1IRL3OUOEbxJo3pQ1unjTPdc3KDG3RAPhxszLHp86JNHQphyAuGqD2dd1i71eleNP6VcPj/J5B3M/XiY1t6E+4JGI0jx09dEMyoWsnlUt6d/DORPE5L4AkxmT01BeJDGYikluc8vW0Gq8xTrCzKKFmzs+vrPurFTlSkpng+LKrcgGVzTfttzOH5PvOikwobNvgXNbT72M7Toet5Q7uDy9WvV5Mnu9xXbSEKxiZwtbHPMHYIQmW3tKcPdrYJCmI2d7OecZmsSPwfM6bAznR+TzpdweP7hU5fsBy+Cs8GQi9SuRY4HfBEiww5vvyxH2w/UrbXQc3PshvB+s1OKognmdpa0PqVntaCH7PGE98wyokq8GrV4beMk+QXD9yvSJ8lZX3gL5VkZmbnRTlp5K9Nkxv3FHjqe1zbbWMIamv208I16g4jRUpHzx6uqBin+wpfIy8vXkU+UUzj7xuKKNM34Y5XIC08Dpts5enPATThCy9M2a8pL4uM4bzoTWwEnwzE90aWHGsnITtHujhCF20Cx3IPB//SueDc1bGi8OlnPPT5T0TcDcqRqpNPi+Z4SWlWSpnjr7XCJ3Th2dg/XSqhxtilVFsPeKC9Oy9ztqrsO5S5IxANAqjVxpnJ+r4LRwLflu3V1aACmAX7K03EqU0lhYA8deo43EVJ6v2ZbixnBVqLqNrNyurV5QoZH2rwzIcrFKVKvQpheDEGbXANtGkWU595wWtRCBrj9jpPXlhKfpenQxc2Kt3uXPv+09O2uW33f/HMwVrwDeHgMmLGcpvH5jPOzE18dlm3i2ErFV7zqJ/xT+Mb73IY48gcSIrus0i4JWPvQmAwsmUU6+mooIUo0ypQP8yZIfd49tod4Tpaqeok5p/6BlNH+H1lKG185W1ZX87EXmMIZom91KbxVDR/yyl5fX6A7TVLQtRRAYQJfF9QRmcVeIT/2TBMpePvszWxGM9A8h+9OonIL3nF+5D4AmZiMc+Ww=,iv:T86uKscj5Ds6C2XNnTAe32FOAkB9nOIS4BMe8GFHOFs=,tag:bo73YDIZh9Fd9DGI6piskw==,type:str]
SECRET_AUTHELIA_JWT_SECRET: ENC[AES256_GCM,data:lopHslqnpu+fY0jvejehY4dlSixWLi3rQ6hyaVCo3nvFBRR1/dheX7MoH7nfJBdTe+XOwh6bXON1iuzzF3hQapZ9hZ++0/O237Ovzk8rqaEyBXSxRa1QtG9boXdnMqGF3bXtQ9DN1I2dq5yMA6EZzp9jMY2ehJfzY0x+HWsGuls=,iv:SjImVK3Vsa/1tvuqfMjjhJcCZS+saxqLurDq4+uQtCI=,tag:mJw9zQItcGe2HGEUqcNpLg==,type:str]
#ENC[AES256_GCM,data:jPioiuqHrQBrH5/3ioQFCWBDk5eVxzQpfFLCv0FN+zTZGWuaqgLVHnd905XOBHAF,iv:MowW9Xcto6ZnjPrc0UCkNgldfC1JcgxpPs1hlsGtKMo=,tag:fnEeqHx1ivZetJU/LgfUuw==,type:comment]
SECRET_AUTHELIA_NOTIFIER_SMTP_PASSWORD: ENC[AES256_GCM,data:S8Zq9zE56yyTmdPzXkIF3Q==,iv:+t08nyeI0/TWjkYPW8fHkB++4HFQJ+SIGr1mSsFrzgk=,tag:8aPYL0wzbrj3nOnjnMVPSQ==,type:str]
SECRET_AUTHELIA_NOTIFIER_SMTP_PORT: ENC[AES256_GCM,data:6hfD,iv:p9FfKX3ubug/IsipLoGhn8sAXVApKDaG/kS/Sk8RBMA=,tag:vA4tQJmk2FX20eusLAnSpQ==,type:str]
SECRET_AUTHELIA_NOTIFIER_SMTP_SENDER: ENC[AES256_GCM,data:4R/uS5YgZKA185k+LOFXVCM=,iv:hq0PeVSZMXQwBciWd/MecC7Gw3Z/YSzFFVQKi4oZbF0=,tag:inGSYtS30w1pqULXNyv6Xg==,type:str]
SECRET_AUTHELIA_NOTIFIER_SMTP_USERNAME: ENC[AES256_GCM,data:2/ak6520zXDH3Ln7W6EehmUeoc69pA==,iv:+Jd4lkBO6YFtIBNRS3VWbv0yckpLGxwYit7MNKNx4qw=,tag:KzHfpXQ4dkTMNT9qlFuRUg==,type:str]
SECRET_AUTHELIA_SESSION_SECRET: ENC[AES256_GCM,data:pocfklT3+1EhdzR3gSgaup8TmmqfWycXxdA4Oj+l0P5vBWJAXrqrDDNhVRDUDq1afkFCelRhhii6q1P48sjHKtJiZz+1OmLkSDC4TMpEntAMYU7VdYEnY31mOPT3Os/6+tTBFk/mB+YSWtJ9YPAaHmtcVOO4lDILCuk8EX1ESzo=,iv:iCOQj6tDG5njWlWMHpJipZZcOZDMGeRaj9WuSaHA9Yg=,tag:axrSAxuoRnfMXGVWX8ZIjg==,type:str]
SECRET_AUTHELIA_STORAGE_ENCRYPTION_KEY: ENC[AES256_GCM,data:E3YILL7wY3QrSNA8ZKw38q72/3AFBwBmhbGoc7gM37W0Td/sMRJyNJkqZzV5mihwpZIvwXtH7jLzNeYG6cts+mlDJzqlG+0u1NrxnhmBSNRpf9yKFjj4ZTpRlVIIdnzUuegdZJGUcv9ZZM1bTLvEQnfamMR9WmYX33aIQ4RrKiI=,iv:8D3GawNAj6qSLXNLyzsUkTEfH4BJjy3nSaNLYKdI+TA=,tag:HEz0mKhk6KOdK1fRzRIsPw==,type:str]
SECRET_AUTHELIA_STORAGE_POSTGRES_PASSWORD: ENC[AES256_GCM,data:8+Xy4LYgKqjqGB+kG0VjFHSFRBoXotSb,iv:G5K+esPzYZTH5jmMH19r1WKeDamMkmyvjIiHat5+Ik0=,tag:2zua1RBcWITwKXsd84jsXg==,type:str]
SECRET_AUTHELIA_STORAGE_POSTGRES_USERNAME: ENC[AES256_GCM,data:uodbMfqUFdI=,iv:J1PmpYovJgfL9xEQG64LcHnOcFgsetC0o5O6Rgc2a6k=,tag:Aw0E1nqzRB4OI/HBF7iBsg==,type:str]
SECRET_CLOUDFLARE_TUNNEL_ID: ENC[AES256_GCM,data:/CnIAnfEwUN1Ap8dqes0WUrMFfQP1X9WKiNy+yeRnjYghj1I,iv:6n5bg8KsvNuSWaMfskOPUJ9GaWWc6NXeHfyrKVPN1LI=,tag:fTbP+4Zcq59F/DaP3QlyPw==,type:str]
SECRET_CLOUDNATIVE_PG_MINIO_ACCESS_KEY_ID: ENC[AES256_GCM,data:FqZo9SLHZXLX2pzNWco=,iv:kOf9BwCF1ohT03mgRITuDIzj1cUIde/bvXL632YxttM=,tag:pwjLJ/vafObaDrnyZ4/j/A==,type:str]
SECRET_CLOUDNATIVE_PG_MINIO_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:iO5NoNCg5OOqeU3lmm7evcvf+ZelDgg7ynUCNVzSE1GSoGwuxi5H2sz5nMdCQ7MpXwTvMCzMr5Y=,iv:FzPTfrgl3ETtvkl9nflOzcJXNOtrnvkMXf/pcWlJRW8=,tag:kTQveggHnpLgZlOzEAUT0Q==,type:str]
Expand Down Expand Up @@ -38,8 +51,8 @@ sops:
ckhSSHhTelhwQmRyZGhMcSthR2p1YjgK5NR2/Pzwgp7YVVx4o8QmZ82+PXVmKx+M
sz/72X8laFp1M8Tp8gc1csFh2VhnjS7gLdqrJJ6ozYoWh/mSdxp8VQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-12-28T11:14:26Z"
mac: ENC[AES256_GCM,data:bGXsnD+u7V2p4aDT5VWDfAy7Q2AFp5ZjydPtKHYPuslTMg00MyCMxQbsiZ+lxMbc8Gme3dn1aPucrTFPUsLQ/sU3CwyDxBinjLtKSMqQQCyzaKKeHxyLS91cqLE3ZYyXzR7ZbXihjd1TN/DETKew7s5aTHc6Fy5TloXXfKqYAag=,iv:XgKu6UBoOszREIzWjhKSeXUG+aDkeHufpv+Op/J0xs0=,tag:WkhIBXYjyDNVOVQSlQd5lA==,type:str]
lastmodified: "2023-12-28T12:12:14Z"
mac: ENC[AES256_GCM,data:r6zCaqTY61nwm5Dmuow+5i845jAF2q955fox7XNowVR46CVnu/760PVLxu3x7mH3FPPrZYBgMuieeCkEkTdSftAPH38Ip/QwYfN8FoWH9v3Z6PDgdJkuWOelmUekKnrVhVac1cOUuj9qdOsQGdKkglwZvteXYd1DH2UQD2Ii+JI=,iv:iQEBtoeafOxEoo9C9DGNaGaxmH4j/vMduBbXRLqLwUA=,tag:0hUzUiEcCiCFrtc8ongQ3Q==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.8.1

0 comments on commit 4f9548a

Please sign in to comment.