homelab/roles/authentik/tasks/main.yml

86 lines
2.6 KiB
YAML
Raw Normal View History

2024-10-19 13:00:15 +05:00
---
- name: Create authentik networks
become: true
community.docker.docker_network:
name: "{{ item }}"
loop: ["authentik", "authentik-redis"]
- name: Create authnetik docker volumes
become: true
community.docker.docker_volume:
name: "{{ item }}"
2024-10-20 15:03:25 +05:00
loop: ["authentik-redis", "authentik-media", "authentik-templates", "authentik-certs"]
2024-10-19 13:00:15 +05:00
- name: Run redis container
become: true
community.docker.docker_container:
name: authentik-redis
image: redis:7.4-bookworm
command: ["redis-server", "--save", "60", "1", "--loglevel", "warning"]
networks:
- name: authentik-redis
volumes:
- authentik-redis:/data
restart_policy: unless-stopped
- name: Create authentik config dir
become: true
ansible.builtin.file:
path: /etc/authentik
state: directory
mode: "1700"
owner: root
- name: Copy authentik config
become: true
ansible.builtin.template:
src: authentik.env.j2
dest: /etc/authentik/.env
- name: Run authentik server container
become: true
community.docker.docker_container:
name: authentik
image: "{{ image }}:{{ tag }}"
command: ["server"]
networks:
- name: authentik
- name: authentik-redis
- name: postgresql
- name: haproxy
2024-10-20 15:03:25 +05:00
user: root
volumes:
- authentik-media:/media
- authentik-templates:/templates
- authentik-certs:/certs
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
2024-10-19 13:00:15 +05:00
env_file: /etc/authentik/.env
- name: Run authentik worker container
become: true
community.docker.docker_container:
name: authentik-worker
image: "{{ image }}:{{ tag }}"
command: ["worker"]
networks:
- name: authentik
- name: authentik-redis
- name: postgresql
2024-10-20 15:03:25 +05:00
volumes:
- authentik-media:/media
- authentik-templates:/templates
- authentik-certs:/certs
2024-10-19 13:00:15 +05:00
env_file: /etc/authentik/.env
2024-10-20 15:03:25 +05:00
- name: Run authentik LDAP outpost
become: true
community.docker.docker_container:
name: authentik-ldap
image: ghcr.io/goauthentik/ldap:{{ tag }}
networks:
- name: authentik
- name: haproxy
ports:
- 389:3389
volumes:
- authentik-certs:/certs
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
env:
AUTHENTIK_HOST: http://authentik:9000
AUTHENTIK_TOKEN: "{{ ldap_outpost_token }}"