From a7ea9468e85dc32cfcd5c8eb608df4770415e2e0 Mon Sep 17 00:00:00 2001
From: Vegard Hagen
Date: Sun, 19 Jan 2025 13:37:10 +0100
Subject: [PATCH] feat(authelia): use ldaps with lldap

this is kind of a pointless change, but kinda cool to try
---
 k8s/infra/auth/authelia/kustomization.yaml | 3 +++
 .../authelia/patches/deployment-host-aliases.yaml | 11 +++++++++++
 k8s/infra/auth/authelia/values.yaml | 2 +-
 k8s/infra/auth/lldap/svc.yaml | 2 ++
 4 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 k8s/infra/auth/authelia/patches/deployment-host-aliases.yaml

diff --git a/k8s/infra/auth/authelia/kustomization.yaml b/k8s/infra/auth/authelia/kustomization.yaml
index 65e3833..2493749 100644
--- a/k8s/infra/auth/authelia/kustomization.yaml
+++ b/k8s/infra/auth/authelia/kustomization.yaml
@@ -21,3 +21,6 @@ helmCharts:
 namespace: authelia
 version: 0.9.14
 valuesFile: values.yaml
+
+patches:
+ - path: patches/deployment-host-aliases.yaml
diff --git a/k8s/infra/auth/authelia/patches/deployment-host-aliases.yaml b/k8s/infra/auth/authelia/patches/deployment-host-aliases.yaml
new file mode 100644
index 0000000..5b75140
--- /dev/null
+++ b/k8s/infra/auth/authelia/patches/deployment-host-aliases.yaml
@@ -0,0 +1,11 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: authelia
+spec:
+ template:
+ spec:
+ hostAliases:
+ - ip: 10.96.0.15
+ hostnames:
+ - lldap.stonegarden.dev
diff --git a/k8s/infra/auth/authelia/values.yaml b/k8s/infra/auth/authelia/values.yaml
index 65dc2e4..d57efb5 100644
--- a/k8s/infra/auth/authelia/values.yaml
+++ b/k8s/infra/auth/authelia/values.yaml
@@ -50,7 +50,7 @@ configMap:
 ldap:
 enabled: true
 implementation: lldap
- address: ldap://lldap.lldap.svc.cluster.local
+ address: ldaps://lldap.stonegarden.dev
 base_dn: dc=stonegarden,dc=dev
 users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
 additional_users_dn: ou=people
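Review bot: The `ip: 10.96.0.15` literal in the new hostAliases entry has no comment tying it to the lldap Service, so the two values can drift apart without anything failing at build time. It has to equal `spec.clusterIP` in k8s/infra/auth/lldap/svc.yaml, which this commit pins to the same address; I would add `# ClusterIP of the lldap Service (k8s/infra/auth/lldap/svc.yaml); keep in sync` above the entry. Because the entry bypasses cluster DNS, a stale address would send Authelia to whatever Service holds that IP, and only certificate verification on the ldaps connection would stop the bind credentials from being presented there.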
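Review bot: Nothing in this hunk shows how Authelia will verify the certificate behind `ldaps://lldap.stonegarden.dev`, and the scheme change only protects the bind if that verification happens. The certificate lldap serves needs lldap.stonegarden.dev as a SAN and must chain to a CA the Authelia container trusts; the ldap block continues outside the hunk, so confirm there that `tls.skip_verify` is not enabled. With no port in the URL the ldaps scheme implies 636, so the lldap Service has to publish LDAPS on that port. A comment such as `# ldaps, default port 636; hostname must match the lldap cert SAN and resolves via hostAliases` above `address` would record both dependencies.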
diff --git a/k8s/infra/auth/lldap/svc.yaml b/k8s/infra/auth/lldap/svc.yaml
index 45f9376..d79ff4a 100644
--- a/k8s/infra/auth/lldap/svc.yaml
+++ b/k8s/infra/auth/lldap/svc.yaml
@@ -7,6 +7,8 @@ metadata:
 io.cilium/lb-ipam-ips: 192.168.1.242
 spec:
 type: LoadBalancer
+ # https://kubernetes.io/docs/concepts/services-networking/cluster-ip-allocation/
+ clusterIP: 10.96.0.15
 selector:
 app: lldap
 ports:
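Review bot: The comment above `clusterIP: 10.96.0.15` is a bare link and does not say which constraint it is there for. Something like `# static ClusterIP from the static band of the service CIDR, so dynamic allocation cannot claim it` would record the reason, assuming that is how the address was picked; the service CIDR is not visible here. `spec.clusterIP` cannot be changed on an existing Service, so this only takes effect once the Service is deleted and recreated. The ports list begins after the hunk, so it cannot be checked from here whether the plaintext LDAP port is still published on the LoadBalancer next to LDAPS.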