resource "authentik_outpost" "embedded_outpost" { name = "authentik Embedded Outpost" protocol_providers = [ authentik_provider_proxy.spotizerr.id, authentik_provider_proxy.esphome.id, #authentik_provider_proxy.tubearchivist.id, ] service_connection = authentik_service_connection_kubernetes.local.id # config = jsonencode({ # authentik_host = "https://auth.lab.cowley.tech" # authentik_host_browser = "" # authentik_host_insecure = false # docker_map_ports = true # kubernetes_disabled_components = [] # kubernetes_image_pull_secrets = [] # kubernetes_ingress_class_name = "nginx" # kubernetes_ingress_annotations = { # "cert-manager.io/cluster-issuer" = "letsencrypt" # } # kubernetes_ingress_secret_name = "authentik-outpost-tls" # kubernetes_json_patches = null # kubernetes_namespace = "authentik" # kubernetes_replicas = 1 # kubernetes_service_type = "ClusterIP" # log_level = "info" # object_naming_template = "ak-outpost-%(name)s" # refresh_interval = "minutes=5" # }) } resource "authentik_outpost" "internal" { name = "Internal Outpost" protocol_providers = [ authentik_provider_proxy.longhorn.id, ] service_connection = authentik_service_connection_kubernetes.local.id config = jsonencode({ authentik_host = "https://auth.lab.cowley.tech" docker_map_ports = true kubernetes_ingress_class_name = "traefik" kubernetes_ingress_annotations = { "cert-manager.io/cluster-issuer" = "letsencrypt" } kubernetes_ingress_secret_name = "authentk_internal_outpost_tls" kubernetes_json_patches = null kubernetes_namespace = "authentik" kubernetes_replicas = 1 kubernetes_service_type = "ClusterIP" log_level = "info" object_naming_template = "ak-outpost-%(name)s" refresh_interval = "minutes=5" }) } resource "authentik_service_connection_kubernetes" "local" { name = "Local Kubernetes Cluster" local = true } #resource "authentik_service_connection_kubernetes" "k3s" { # name = "Homelab K3s Cluster" # local = true #}