instructiones

apps/authelia/README.md

@@ -0,0 +1,3 @@
+### Apply new config
+
+$ kubectl -n live-infra create configmap authelia-config --from-file=configMaps/ -o yaml --dry-run |kubectl apply -f -

apps/authelia/configMaps/configuration.yml

@@ -7,14 +7,14 @@
 ## Certificates directory specifies where Authelia will load trusted certificates (public portion) from in addition to
 ## the system certificates store.
 ## They should be in base64 format, and have one of the following extensions: *.cer, *.crt, *.pem.
-# certificates_directory: /config/certificates
+certificates_directory: /etc/pki/pki
 
 ## The theme to display: light, dark, grey, auto.
 theme: dark
 
 ## The secret used to generate JWT tokens when validating user identity by email confirmation. JWT Secret can also be
 ## set using a secret: https://www.authelia.com/docs/configuration/secrets.html
-jwt_secret: a_very_important_secret2
+jwt_secret: hAnFzapSCusyF2W83JAg6PRqc6v7iQvN7sP3PQ70HAbPBshJzAMz 
 
 ## Default redirection URL
 ##
@@ -60,10 +60,10 @@ server:
   ## Authelia by default doesn't accept TLS communication on the server port. This section overrides this behaviour.
   tls:
     ## The path to the DER base64/PEM format private key.
-    key: ""
+    key: "/etc/pki/private.key"
 
     ## The path to the DER base64/PEM format public certificate.
-    certificate: ""
+    certificate: "/etc/pki/auth.lan.crt"
 
 ##
 ## Log Configuration

apps/authelia/deployment.yaml

@@ -34,6 +34,8 @@ spec:
               mountPath: /config-nfs
             - name: authelia-config
               mountPath: /config
+            - name: pki
+              mountPath: /etc/pki
           ports:
             - name: http
               containerPort: 9091
@@ -64,6 +66,10 @@ spec:
           items:
           - key: configuration.yml
             path: configuration.yml
+      - name: pki
+        hostPath:
+          path: /etc/pki
+          type: Directory
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim