From 8f50dc9b6b605a587b5dc9ad99f80d1db227c7b2 Mon Sep 17 00:00:00 2001
From: SeanOMik <seanomik@gmail.com>
Date: Fri, 7 Apr 2023 00:51:13 -0400
Subject: [PATCH] Set authentik secret key with secret

---
 cluster/apps/authentik/authentik-secrets.sops.yaml | 5 +++--
 cluster/apps/authentik/helm-release.yaml           | 4 ++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cluster/apps/authentik/authentik-secrets.sops.yaml b/cluster/apps/authentik/authentik-secrets.sops.yaml
index ed23de1..49b1814 100644
--- a/cluster/apps/authentik/authentik-secrets.sops.yaml
+++ b/cluster/apps/authentik/authentik-secrets.sops.yaml
@@ -7,14 +7,15 @@ stringData:
     pgsqlAdminPassword: ENC[AES256_GCM,data:QTiI/6L2BR+qBE5dl4Vb6Dj5mrr/kJEazJocjuQUgAw=,iv:vb6ohS0DMXFXGI5ZJmWNkn7EbyfjMQfjq6GxFIxHbJM=,tag:SR034jGOv3XLkrhF/z62tA==,type:str]
     pgsqlUserPassword: ENC[AES256_GCM,data:oFsvEIAUUmKJIyCqyW+F/HkL/hZAtbVHZN71dRIJGR8=,iv:ilioD/oa7FBUEew7L6FcLzx5qSFqU7aLDP7aCuRFNO0=,tag:qrk37fQxZPkLQPpJsRZJ6Q==,type:str]
     redisUserPassword: ENC[AES256_GCM,data:XasVsj+I0iuF/AXpws6sLThdqMCvPyMtTXxBHLAWlGM=,iv:Y0Soq5b19HkYWk4bdLMqazOgtLpgzD3saqUslXWvxv4=,tag:BL6arsBG0gkkdItQYRphEw==,type:str]
+    authentikSecretKey: ENC[AES256_GCM,data:soV0ekNUY5jTcOcbckIYjAUXhPu2bejRjUJGTOLhjOU=,iv:Cv4u6Mor5Y+v0hxQO482acMyyxT96fONEppPoo5zyrI=,tag:qs8ay5w0P0p4nByqvtinnw==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-04-07T04:48:38Z"
-    mac: ENC[AES256_GCM,data:o3L7kGBpBh0Zg4afMa/cQvrr6c41M4qSBwVYEt5Ex1+GsIl1Q5yD6EHOfCASvWglcGOwsbIiAWUhFm97rpbX1bXjr5u5XQs6dcxMjduMU3wn77QCQ0NM+ijcEhh/Bs188Pud0IMFtxDFNSV/hjrrGPOkobaBjd3svRC9Y39T9ds=,iv:kNyyQ5n30EmyFCo1CcaH9QzZ7uW0yLVReqwZTSeJSpk=,tag:rbgkwpqobOCAv/PPuegGDQ==,type:str]
+    lastmodified: "2023-04-07T04:50:43Z"
+    mac: ENC[AES256_GCM,data:tqEikxo2/ZnNbD/Er9hs6E9mtuzcqyZiobf8h+ydrSYwqntaXR3+V/WgDdLK3MreobNK/Z8wR5jT2e11tySTt3fQ/VsUeBpwidTE5hB7pU/Lj9rGIT83i2w94/Fnbmkb/A53aPfvmWVtio2FrlWJRxr6znEEA6Fp4HdUdkXny9U=,iv:O/TKrpy9YhUAUTIApSGfsOfbLA5O8/cBzzYKYpO7p7U=,tag:R2rBH0bhOJSe3UNZje1vvw==,type:str]
     pgp:
         - created_at: "2023-04-07T01:57:22Z"
           enc: |
diff --git a/cluster/apps/authentik/helm-release.yaml b/cluster/apps/authentik/helm-release.yaml
index 7ed9224..18f30c5 100644
--- a/cluster/apps/authentik/helm-release.yaml
+++ b/cluster/apps/authentik/helm-release.yaml
@@ -39,6 +39,10 @@ spec:
 #      AUTHENTIK_HOST_BROWSER: https://auth.***REMOVED***
     
     envValueFrom:
+      AUTHENTIK_SECRET_KEY:
+        secretKeyRef:
+          key: authentikSecretKey
+          name: authentik-secrets
       AUTHENTIK_POSTGRESQL__PASSWORD:
         secretKeyRef:
           key: pgsqlUserPassword