apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: authentik-ldap
  namespace: authentik
spec:
  interval: 5m
  chart:
    spec:
      chart: app-template
      version: 1.3.x
      sourceRef:
        kind: HelmRepository
        name: bjws-charts
        namespace: flux-system

  values:
    image:
      repository: ghcr.io/goauthentik/ldap
      tag: "2023.6.1"

    env:
      AUTHENTIK_HOST: "http://authentik.authentik:80"
      AUTHENTIK_INSECURE: "true"
      AUTHENTIK_HOST_BROWSER: "https://auth.${SECRET_DOMAIN}"

    envFrom:
      # Sets AUTHENTIK_TOKEN
      - secretRef:
          name: ldap-authentik-secret

    service:
      main:
        enabled: true
        ports:
          # Disable http port
          http:
            enabled: false

          ldap:
            enabled: true
            primary: true
            port: 3389
            targetPort: 389
            protocol: TCP

          ldaps:
            enabled: true
            primary: false
            port: 6636
            targetPort: 636
            protocol: TCP

    probes:
      liveness:
        enabled: false
      startup:
        enabled: false

    ingress:
      main:
        enabled: false

    resources:
      requests:
        cpu: 2m
        memory: 80Mi

      limits:
        memory: 500Mi