remove authentik

2022-09-21 15:35:13 +02:00 · 2022-09-21 15:35:13 +02:00 · 557f735a79
parent 26c0bdeda6
commit 557f735a79
11 changed files with 15 additions and 104 deletions
--- a/flux/cluster/apps/authentik/external-secret.yaml
+++ b/flux/cluster/apps/authentik/external-secret.yaml
@ -1,17 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: authentik
-  namespace: authentik
-spec:
-  refreshInterval: "5m"
-  secretStoreRef:
-    name: vault
-    kind: ClusterSecretStore
-  target:
-    name: authentik
-  data:
-    - secretKey: secret_key
-      remoteRef:
-        key: authentik/authentik
-        property: secret_key
--- a/flux/cluster/apps/authentik/helm-release.yaml
+++ b/flux/cluster/apps/authentik/helm-release.yaml
@ -1,47 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: authentik
-  namespace: authentik
-spec:
-  interval: 1m0s
-  chart:
-    spec:
-      # renovate: registryUrl=https://charts.goauthentik.io
-      chart: authentik
-      version: 2022.7.3
-      sourceRef:
-        kind: HelmRepository
-        name: authentik-charts
-        namespace: flux-system
-      interval: 5m
-  valuesFrom:
-    - kind: Secret
-      name: authentik
-      valuesKey: secret_key
-      targetPath: authentik.secret_key
-      optional: false
-  values:
-    image:
-      repository: ghcr.io/goauthentik/server
-      tag: 2022.7.3
-    authentik:
-      error_reporting:
-        enabled: true
-      postgresql:
-        host: "database.olympus"
-        name: "authentik"
-        user: "authentik"
-    redis:
-      enabled: true
-      architecture: standalone
-      auth:
-        enabled: false
-    ingress:
-      enabled: true
-      ingressClassName: "traefik"
-      hosts:
-        - host: id.0x76.dev
-          paths:
-            - path: "/"
-              pathType: Prefix
--- a/flux/cluster/apps/authentik/kustomization.yaml
+++ b/flux/cluster/apps/authentik/kustomization.yaml
@ -1,5 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - external-secret.yaml
-  - helm-release.yaml
--- a/flux/cluster/apps/kustomization.yaml
+++ b/flux/cluster/apps/kustomization.yaml
@ -3,7 +3,6 @@ kind: Kustomization
 resources:
  - networking
  - presidential-paradise
-  - authentik
  - gitops
  - monitoring
  - olympus
--- a/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml
+++ b/flux/cluster/base/flux-system/charts/helm/authentik-charts.yaml
@ -1,10 +0,0 @@
---
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: HelmRepository
-metadata:
-  name: authentik-charts
-  namespace: flux-system
-spec:
-  interval: 15m
-  url: https://charts.goauthentik.io/
-  timeout: 3m
--- a/flux/cluster/base/flux-system/charts/helm/kustomization.yaml
+++ b/flux/cluster/base/flux-system/charts/helm/kustomization.yaml
@ -4,6 +4,5 @@ resources:
  - metallb-charts.yaml
  - traefik-charts.yaml
  - external-secrets-charts.yaml
-  - authentik-charts.yaml
  - fairwinds-charts.yaml
  - drone-charts.yaml
--- a/flux/cluster/core/namespaces/authentik.yaml
+++ b/flux/cluster/core/namespaces/authentik.yaml
@ -1,7 +0,0 @@
---
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: authentik
-  labels:
-    goldilocks.fairwinds.com/enabled: "true"
--- a/flux/cluster/core/namespaces/kustomization.yaml
+++ b/flux/cluster/core/namespaces/kustomization.yaml
@ -4,7 +4,6 @@ resources:
  - presidential-paradise.yaml
  - networking.yaml
  - external-secrets.yaml
-  - authentik.yaml
  - gitops.yaml
  - monitoring.yaml
  - olympus.yaml
--- a/nixos/hosts/olympus/database/configuration.nix
+++ b/nixos/hosts/olympus/database/configuration.nix
@ -4,7 +4,7 @@

 { config, pkgs, ... }:
 let
-  databases = [ "authentik" "umami" "drone" ];
+  databases = [ "umami" "drone" ];
 in
 {
  imports = [ ];
--- a/nixos/hosts/olympus/hedgedoc/configuration.nix
+++ b/nixos/hosts/olympus/hedgedoc/configuration.nix
@ -76,20 +76,6 @@ in
        secretKey = "$MINIO_SECRET_KEY";
      };
      email = true;
-      # Disable until fixed
-      # oauth2 = let url = "https://id.0x76.dev"; in
-      #   {
-      #     providerName = "authentik";
-      #     clientID = "$AUTHENTIK_CLIENTID";
-      #     clientSecret = "$AUTHENTIK_CLIENTSECRET";
-      #     scope = "openid email profile";
-      #     userProfileURL = "${url}/application/o/userinfo/";
-      #     tokenURL = "${url}/application/o/token/";
-      #     authorizationURL = "${url}/application/o/authorize/";
-      #     userProfileUsernameAttr = "preferred_username";
-      #     userProfileDisplayNameAttr = "name";
-      #     userProfileEmailAttr = "email";
-      #   };
    };
  };
 }
--- a/nixos/hosts/thalassa/null/home/default.nix
+++ b/nixos/hosts/thalassa/null/home/default.nix
@ -121,5 +121,19 @@
    };
  };

+  xdg.userDirs = let home = config.home.homeDirectory; in
+    {
+      enable = true;
+      createDirectories = true;
+      desktop = "${home}/.desktop";
+      documents = "${home}/cloud/Documents";
+      download = "${home}/dl";
+      music = "${home}/cloud/Music";
+      pictures = "${home}/cloud/Pictures";
+      publicShare = "${home}/.publicShare";
+      templates = "${home}/.templates";
+      videos = "${home}/cloud/Videos";
+    };
+
  services.syncthing.enable = true;
 }