---
# Flux HelmRelease for the ZITADEL identity provider.
# NOTE(review): layout restored from a flattened listing. The nesting under
# `values:` (in particular where `postgresqlSecret` sits) must be confirmed
# against the chart's values schema.
# NOTE(review): no `chart`/`interval` is set here; presumably this document is
# merged onto a base HelmRelease. Confirm.
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: zitadel
  namespace: zitadel
spec:
  postRenderers:
    - kustomize:
        # Three JSON6902 patches, one per workload (Deployment, init Job,
        # setup Job). Each replaces the Vault Agent injector template
        # annotation so the rendered file is a ZITADEL config fragment built
        # from the KV v2 secret `secrets/data/zitadel/postgresql`.
        #   * `~1` is the JSON Pointer escape for `/` in the annotation key.
        #   * `op: replace` needs the annotation to exist in the chart output
        #     already; if the chart stops emitting it, post-rendering fails.
        #   * The three templates are identical and must be kept in sync.
        #   * Each secret is rendered into a `|-` block scalar so YAML
        #     metacharacters in a password stay literal. A value containing a
        #     newline would still break the rendered file.
        # NOTE(review): the Deployment receives the admin DB password and the
        # first-instance human password as well. If only the init/setup Jobs
        # consume `Admin` and `FirstInstance`, trim the Deployment template to
        # the `User` password so the long-running pod holds less. Confirm
        # against how the chart starts ZITADEL.
        patches:
          - target:
              group: apps
              version: v1
              kind: Deployment
              name: zitadel-idp-contour
            patch: |-
              - op: replace
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject-template-zitadel-vault-config.yaml
                value: |-
                  {{- with secret "secrets/data/zitadel/postgresql" -}}
                  Database:
                    postgres:
                      User:
                        Password: |-
                          {{ index .Data.data "password" }}
                      Admin:
                        Password: |-
                          {{ index .Data.data "adminPassword" }}
                  FirstInstance:
                    Org:
                      Human:
                        Password: |-
                          {{ index .Data.data "humanPassword" }}
                  {{- end -}}
          - target:
              group: batch
              version: v1
              kind: Job
              name: zitadel-idp-contour-init
            patch: |-
              - op: replace
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject-template-zitadel-vault-config.yaml
                value: |-
                  {{- with secret "secrets/data/zitadel/postgresql" -}}
                  Database:
                    postgres:
                      User:
                        Password: |-
                          {{ index .Data.data "password" }}
                      Admin:
                        Password: |-
                          {{ index .Data.data "adminPassword" }}
                  FirstInstance:
                    Org:
                      Human:
                        Password: |-
                          {{ index .Data.data "humanPassword" }}
                  {{- end -}}
          - target:
              group: batch
              version: v1
              kind: Job
              name: zitadel-idp-contour-setup
            patch: |-
              - op: replace
                path: /spec/template/metadata/annotations/vault.hashicorp.com~1agent-inject-template-zitadel-vault-config.yaml
                value: |-
                  {{- with secret "secrets/data/zitadel/postgresql" -}}
                  Database:
                    postgres:
                      User:
                        Password: |-
                          {{ index .Data.data "password" }}
                      Admin:
                        Password: |-
                          {{ index .Data.data "adminPassword" }}
                  FirstInstance:
                    Org:
                      Human:
                        Password: |-
                          {{ index .Data.data "humanPassword" }}
                  {{- end -}}
  values:
    zitadel:
      configmapConfig:
        ExternalDomain: zitadel.brusnika.onprem.sarex.io
        # The instance is published over HTTPS.
        ExternalSecure: true
      debug:
        enabled: false
      # Vault Agent injection settings: Kubernetes auth at `authPath` with the
      # Vault role `zitadel`, reading the KV v2 path below into `fileName`.
      # NOTE(review): the one Vault path holds the runtime DB password, the
      # admin DB password and the initial human admin password, so any policy
      # that can read it sees all three.
      postgresqlSecret:
        vault:
          enabled: true
          role: zitadel
          authPath: auth/kubernetes
          secretPath: secrets/data/zitadel/postgresql
          secretKey: password
          kvVersion: 2
          fileName: zitadel-vault-config.yaml
    # Service account name the workloads run under.
    # NOTE(review): presumably this is the identity bound to the Vault role
    # above. Verify the role binding names this account and namespace.
    serviceAccount:
      create: true
      name: zitadel
    # Single replica and no PodDisruptionBudget: a node drain or pod restart
    # takes the identity provider offline for everything that depends on it.
    replicaCount: 1
    pdb:
      enabled: false
    # Values are quoted so they reach the container as strings.
    env:
      - name: ZITADEL_DEFAULTINSTANCE_FEATURES_LOGINV2_REQUIRED
        value: "false"
      # Hash formats accepted when verifying existing password hashes.
      - name: ZITADEL_SYSTEMDEFAULTS_PASSWORDHASHER_VERIFIERS
        value: "bcrypt,pbkdf2"
      - name: ZITADEL_MACHINE_IDENTIFICATION_HOSTNAME_ENABLED
        value: "true"
      # PostgreSQL is addressed by a fixed private IP, not a DNS or Service
      # name.
      - name: ZITADEL_DATABASE_POSTGRES_HOST
        value: "192.168.10.8"
      - name: ZITADEL_DATABASE_POSTGRES_PORT
        value: "5432"
      # NOTE(review): the runtime user and the admin user are the same role
      # (`zitadel`), yet the Vault template reads separate `password` and
      # `adminPassword` keys. Confirm both keys hold that role's password. A
      # separate, less-privileged runtime role would limit what a compromised
      # pod can do in the database.
      - name: ZITADEL_DATABASE_POSTGRES_USER_USERNAME
        value: "zitadel"
      - name: ZITADEL_DATABASE_POSTGRES_ADMIN_EXISTINGDATABASE
        value: "zitadel"
      - name: ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME
        value: "zitadel"
      - name: ZITADEL_DATABASE_POSTGRES_DATABASE
        value: "zitadel"
      # SECURITY(review): TLS is disabled on both database connections. The
      # passwords are protected in Vault, but the sessions to 192.168.10.8
      # (authentication exchange plus all identity data) cross the network
      # unencrypted and the server is not authenticated. Once the server has a
      # certificate, move both modes to `verify-full` with the CA supplied to
      # the pod.
      - name: ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE
        value: "disable"
      - name: ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE
        value: "disable"
      # Initial organisation and human admin. The matching password comes from
      # the `humanPassword` key in the Vault template, not from this file.
      - name: ZITADEL_DEFAULTINSTANCE_ORG_HUMAN_USERNAME
        value: "zitadel-admin"
      - name: ZITADEL_DEFAULTINSTANCE_ORG_NAME
        value: "Sarex"