# /apps/prod/authelia/values.yaml
configMap:
  authentication_backend:
    file:
      enabled: true
      path: /users/users_database.yaml
      password:
        algorithm: argon2
    ldap:
      enabled: false
  access_control:
    rules:
      - domain: '*.${DOMAIN}'
        policy: one_factor
  server:
    endpoints:
      automatic_authz_implementations: ['ForwardAuth']
  session:
    redis:
      enabled: false
    cookies:
      - domain: '${DOMAIN}'
        authelia_url: 'https://${AUTHELIA_DOMAIN}'
        name: 'authelia_session'
  storage:
    local:
      enabled: true
      path: /config/db.sqlite3
    postgres:
      enabled: false
  notifier:
    smtp:
      enabled: false
    filesystem:
      enabled: true

pod:
  extraVolumeMounts:
  - name: authelia-users-vol
    mountPath: /users
  extraVolumes:
  - name: authelia-users-vol
    secret:
      secretName: authelia-users-secret

ingress:
  enabled: true
  traefikCRD:
    enabled: true
    matchOverride: Host(`${AUTHELIA_DOMAIN}`)
    entryPoints:
      - "websecure"

persistence:
  enabled: true
  storageClass: retain-local-path
  size: 1Gi
  accessModes:
    - ReadWriteOnce