57 lines
1.5 KiB
YAML
57 lines
1.5 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: argocd
|
|
namespace: argocd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
project: default
|
|
source:
|
|
repoURL: https://argoproj.github.io/argo-helm
|
|
chart: argo-cd
|
|
targetRevision: 9.4.15
|
|
helm:
|
|
values: |
|
|
global:
|
|
domain: argocd.home.arpa
|
|
configs:
|
|
params:
|
|
server.insecure: "true"
|
|
cm:
|
|
oidc.config: |
|
|
name: Authentik
|
|
issuer: https://auth.nik4nao.com/application/o/argocd/
|
|
clientID: xg3XsKFdFhAt8103X9KUoH72MiPEyLDlpTDcx5hT
|
|
clientSecret: $argocd-oidc-secret:oidc.authentik.clientSecret
|
|
clientAuthMethod: client_secret_post
|
|
requestedScopes:
|
|
- openid
|
|
- profile
|
|
- email
|
|
- groups
|
|
rbac:
|
|
policy.default: role:readonly
|
|
policy.csv: |
|
|
g, authentik Admins, role:admin
|
|
scopes: '[groups]'
|
|
server:
|
|
ingress:
|
|
enabled: false
|
|
redis-ha:
|
|
enabled: false
|
|
controller:
|
|
replicas: 1
|
|
repoServer:
|
|
replicas: 1
|
|
applicationSet:
|
|
replicas: 1
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: argocd
|
|
syncPolicy:
|
|
automated:
|
|
prune: false
|
|
selfHeal: true
|
|
syncOptions:
|
|
- CreateNamespace=false |