apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: chart
spec:
  chart: authentik
  repo: https://charts.goauthentik.io
  targetNamespace: auth
  createNamespace: true
  valuesContent: |-
    authentik:
      secret_key: "file:///auth-secrets/SECRET-KEY"
      postgresql:
        host: postgres-svc.core.svc.cluster.local
        port: 5432
        user: authentik  # Using default directly
        password: file:///auth-secrets/DB-PASSWORD
        database: authentik
      redis:
        host: redis-svc.core.svc.cluster.local
        db: 15
      email:
        from: homelab@leechpepin.com
        host: blizzard.mxrouting.net
        port: 465
        use_ssl: true
        username: homelab@leechpepin.com
        password: file:///smtp-secrets/SMTP_PASSWORD

    postgresql:
      enabled: false
    redis:
      enabled: false

    server:
      service:
        type: NodePort
      volumes:
        - name: auth-secrets
          secret:
            secretName: authentik-secrets
        - name: smtp-secrets
          secret:
            secretName: smtp-secrets
      volumeMounts:
        - name: auth-secrets
          mountPath: /auth-secrets
          readOnly: true
        - name: smtp-secrets
          mountPath: /smtp-secrets
          readOnly: true
    worker:
      volumes:
        - name: auth-secrets
          secret:
            secretName: authentik-secrets
        - name: smtp-secrets
          secret:
            secretName: smtp-secrets
      volumeMounts:
        - name: auth-secrets
          mountPath: /auth-secrets
          readOnly: true
        - name: smtp-secrets
          mountPath: /smtp-secrets
          readOnly: true