37 lines
1005 B
YAML
37 lines
1005 B
YAML
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: authelia-secrets
|
|
namespace: authelia
|
|
spec:
|
|
refreshInterval: 1h
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: vault-backend
|
|
target:
|
|
name: authelia-secrets
|
|
creationPolicy: Owner
|
|
data:
|
|
# Authelia secrets
|
|
- secretKey: JWT_TOKEN
|
|
remoteRef:
|
|
key: cluster-infrastructure/authelia
|
|
property: JWT_SECRET
|
|
- secretKey: SESSION_ENCRYPTION_KEY
|
|
remoteRef:
|
|
key: cluster-infrastructure/authelia
|
|
property: SESSION_SECRET
|
|
- secretKey: STORAGE_ENCRYPTION_KEY
|
|
remoteRef:
|
|
key: cluster-infrastructure/authelia
|
|
property: STORAGE_ENCRYPTION_KEY
|
|
- secretKey: identity_validation.reset_password.jwt.hmac.key
|
|
remoteRef:
|
|
key: cluster-infrastructure/authelia
|
|
property: JWT_SECRET
|
|
# PostgreSQL password
|
|
- secretKey: STORAGE_POSTGRES_PASSWORD
|
|
remoteRef:
|
|
key: databases/postgresql
|
|
property: password
|