fix: add http service to authentik

fix: oidc auth url
fix: pgvector image name (#62 )
2026-02-08 01:36:28 +01:00 · 2025-11-18 15:18:17 +01:00 · 2025-10-13 23:32:48 +02:00 · 2025-10-13 21:15:10 +00:00
3 changed files with 22 additions and 2 deletions
--- a/images/operator/src/resources/homelab/authentik-server/authentik-server.ts
+++ b/images/operator/src/resources/homelab/authentik-server/authentik-server.ts
@@ -18,6 +18,7 @@ import { RepoService } from '#bootstrap/repos/repos.ts';
 import { DestinationRule } from '#resources/istio/destination-rule/destination-rule.ts';
 import { NotReadyError } from '#utils/errors.ts';
 import { ExternalHttpService } from '../external-http-service.ts/external-http-service.ts';
+import { HttpService } from '../http-service/http-service.ts';

 const specSchema = z.object({
  environment: z.string(),
@@ -44,6 +45,7 @@ class AuthentikServer extends CustomResource<typeof specSchema> {
  #initSecret: Secret<InitSecretData>;
  #service: Service;
  #helmRelease: HelmRelease;
+  #httpService: HttpService;
  #externalHttpService: ExternalHttpService;
  #destinationRule: DestinationRule;

@@ -72,6 +74,8 @@ class AuthentikServer extends CustomResource<typeof specSchema> {
    this.#destinationRule.on('changed', this.queueReconcile);

    this.#externalHttpService = resourceService.get(ExternalHttpService, this.name, this.namespace);
+
+    this.#httpService = resourceService.get(HttpService, this.name, this.namespace);
  }

  public get service() {
@@ -253,6 +257,22 @@ class AuthentikServer extends CustomResource<typeof specSchema> {
      },
    });

+    await this.#httpService.ensure({
+      metadata: {
+        ownerReferences: [this.ref],
+      },
+      spec: {
+        environment: this.spec.environment,
+        subdomain: this.spec.subdomain || 'authentik',
+        destination: {
+          host: this.#service.hostname,
+          port: {
+            number: 80,
+          },
+        },
+      },
+    });
+
    await this.#externalHttpService.ensure({
      metadata: {
        ownerReferences: [this.ref],
--- a/images/operator/src/resources/homelab/oidc-client/oidc-client.ts
+++ b/images/operator/src/resources/homelab/oidc-client/oidc-client.ts
@@ -79,7 +79,7 @@ class OIDCClient extends CustomResource<typeof specSchema> {
      clientId: this.name,
      configuration: new URL(`/application/o/${this.appName}/.well-known/openid-configuration`, url).toString(),
      configurationIssuer: new URL(`/application/o/${this.appName}/`, url).toString(),
-      authorization: new URL(`/application/o/${this.appName}/authorize/`, url).toString(),
+      authorization: new URL(`/application/o/authorize/`, url).toString(),
      token: new URL(`/application/o/${this.appName}/token/`, url).toString(),
      userinfo: new URL(`/application/o/${this.appName}/userinfo/`, url).toString(),
      endSession: new URL(`/application/o/${this.appName}/end-session/`, url).toString(),
--- a/images/operator/src/resources/homelab/postgres-cluster/postgres-cluster.ts
+++ b/images/operator/src/resources/homelab/postgres-cluster/postgres-cluster.ts
@@ -108,7 +108,7 @@ class PostgresCluster extends CustomResource<typeof specSchema> {
            containers: [
              {
                name: this.name,
-                image: 'pgvector:pg17-trixie',
+                image: 'pgvector/pgvector:pg17-trixie',
                ports: [{ containerPort: 5432, name: 'postgres' }],
                env: [
                  { name: 'POSTGRES_PASSWORD', valueFrom: { secretKeyRef: { name: secretName, key: 'password' } } },
Author	SHA1	Message	Date
Morten Olsen	cad527e644	fix: add http service to authentik	2025-11-18 15:18:17 +01:00
Morten Olsen	ce2cebf77b	fix: oidc auth url	2025-10-13 23:32:48 +02:00
Morten Olsen	3ae89e81bd	fix: pgvector image name (#62 )	2025-10-13 21:15:10 +00:00