Deploy Authentik on CCE
This tutorial will guide you through the process of setting up authentik on your CCE Kubernetes environment.
Prerequisites
Before starting the installation, ensure you have the following:
- A running Kubernetes cluster (CCE)
- Helm installed on your local machine
Generating Secure Passwords
Begin by generating secure passwords for the database and cache. Use one of these commands:
pwgen -s 50 1
or
openssl rand 60 | base64 -w 0
Creating the Values File
- Create a file named values.yaml in your working directory.
- Add the following content to the file:
values.yaml
authentik:
secret_key: "PleaseGenerateASecureKey"
error_reporting:
enabled: true
postgresql:
password: "ThisIsNotASecurePassword"
server:
ingress:
ingressClassName: nginx
enabled: true
hosts:
- authentik.test-domain.com
postgresql:
enabled: true
auth:
password: "ThisIsNotASecurePassword"
redis:
enabled: true
note
- Replace
PleaseGenerateASecureKey
andThisIsNotASecurePassword
with secure passwords you generated earlier. - Here we are using nginx as ingress controller if you use other ingress controller (like traefik or kong) specify it under path
server.ingress.ingressClassName
. Also replaceauthentik.test-domain.com
with the domain name you intend for Authentik.
Installing Authentik Using Helm
-
Add the authentik Helm repository:
helm repo add authentik https://charts.goauthentik.io
-
Update your Helm repositories:
helm repo update
-
Install authentik using Helm:
helm upgrade --install authentik authentik/authentik -f values.yaml
This command will install authentik or upgrade an existing installation using the values specified in your values.yaml file.
Accessing Authentik
Once the installation is complete, you can access authentik by following these steps:
- Open your web browser and navigate to
https://<ingress-host-name>/if/flow/initial-setup/
. - Set a password for the default
akadmin
user.
Setting admin password for first time:
Authentik dashboard: