REFACTOR(postgresql): switch authelia

- to pg storage, fix secr...

authelia/helm-values.yaml

@@ -51,11 +51,14 @@ configMap:
         authelia_url: https://auth.mayne0213.kro.kr
         default_redirection_url: https://mayne.kro.kr
 
-  # Storage - local SQLite (lightweight)
+  # Storage - PostgreSQL (CNPG cluster)
   storage:
-    local:
+    postgres:
       enabled: true
-      path: /data/db.sqlite3
+      address: tcp://postgresql-rw.postgresql.svc.cluster.local:5432
+      database: authelia
+      username: app
+      timeout: 5s
 
   # Access control rules
   access_control:
@@ -95,8 +98,4 @@ configMap:
 secret:
   existingSecret: authelia-secrets
 
-# Persistence for SQLite database
+# No persistence needed - using PostgreSQL
-persistence:
-  enabled: true
-  storageClass: longhorn
-  size: 1Gi

authelia/vault/authelia-secrets.yaml

@@ -12,6 +12,7 @@ spec:
     name: authelia-secrets
     creationPolicy: Owner
   data:
+    # Authelia secrets
     - secretKey: JWT_TOKEN
       remoteRef:
         key: cluster-infrastructure/authelia
@@ -24,3 +25,12 @@ spec:
       remoteRef:
         key: cluster-infrastructure/authelia
         property: STORAGE_ENCRYPTION_KEY
+    - secretKey: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_HMAC_KEY
+      remoteRef:
+        key: cluster-infrastructure/authelia
+        property: JWT_SECRET
+    # PostgreSQL password
+    - secretKey: STORAGE_POSTGRES_PASSWORD
+      remoteRef:
+        key: databases/postgresql
+        property: password