Compare commits
No commits in common. "c403919fcf817ef0f5bc6d8b45c3f79bde430ef8" and "cb9e1245d8d83851d8632a811f0a396e4d922e2c" have entirely different histories.
c403919fcf
...
cb9e1245d8
4 changed files with 7 additions and 19 deletions
|
@ -35,7 +35,7 @@
|
||||||
- name: Run authentik server container
|
- name: Run authentik server container
|
||||||
become: true
|
become: true
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
name: authentik-{{ item }}
|
name: authentik
|
||||||
image: "{{ image }}:{{ tag }}"
|
image: "{{ image }}:{{ tag }}"
|
||||||
command: ["server"]
|
command: ["server"]
|
||||||
networks:
|
networks:
|
||||||
|
@ -51,7 +51,6 @@
|
||||||
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
|
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
|
||||||
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
|
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
|
||||||
env_file: /etc/authentik/.env
|
env_file: /etc/authentik/.env
|
||||||
loop: ["1", "2"]
|
|
||||||
- name: Run authentik worker container
|
- name: Run authentik worker container
|
||||||
become: true
|
become: true
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
|
@ -70,16 +69,17 @@
|
||||||
- name: Run authentik LDAP outpost
|
- name: Run authentik LDAP outpost
|
||||||
become: true
|
become: true
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
name: authentik-ldap-{{ item }}
|
name: authentik-ldap
|
||||||
image: ghcr.io/goauthentik/ldap:{{ tag }}
|
image: ghcr.io/goauthentik/ldap:{{ tag }}
|
||||||
networks:
|
networks:
|
||||||
- name: authentik
|
- name: authentik
|
||||||
- name: haproxy
|
- name: haproxy
|
||||||
|
ports:
|
||||||
|
- 389:3389
|
||||||
volumes:
|
volumes:
|
||||||
- authentik-certs:/certs
|
- authentik-certs:/certs
|
||||||
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
|
- /etc/letsencrypt/live/comfycamp.space/fullchain.pem:/certs/comfycamp.space/fullchain.pem:ro
|
||||||
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
|
- /etc/letsencrypt/live/comfycamp.space/privkey.pem:/certs/comfycamp.space/privkey.pem:ro
|
||||||
env:
|
env:
|
||||||
AUTHENTIK_HOST: http://authentik-{{ item }}:9000
|
AUTHENTIK_HOST: http://authentik:9000
|
||||||
AUTHENTIK_TOKEN: "{{ ldap_outpost_token }}"
|
AUTHENTIK_TOKEN: "{{ ldap_outpost_token }}"
|
||||||
loop: ["1", "2"]
|
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
become: true
|
become: true
|
||||||
community.docker.docker_container:
|
community.docker.docker_container:
|
||||||
name: comfycamp
|
name: comfycamp
|
||||||
image: git.comfycamp.space/lumin/comfycamp:v1.2.0
|
image: git.comfycamp.space/lumin/comfycamp:v1.1.16
|
||||||
env_file: /etc/comfycamp/.env
|
env_file: /etc/comfycamp/.env
|
||||||
networks:
|
networks:
|
||||||
- name: postgresql
|
- name: postgresql
|
||||||
|
|
|
@ -78,11 +78,6 @@ frontend matrix-federation
|
||||||
|
|
||||||
default_backend matrix
|
default_backend matrix
|
||||||
|
|
||||||
frontend authentik_ldap
|
|
||||||
mode tcp
|
|
||||||
bind *:389
|
|
||||||
default_backend authentik_ldap
|
|
||||||
|
|
||||||
backend comfycamp
|
backend comfycamp
|
||||||
mode http
|
mode http
|
||||||
server green comfycamp:4000 check
|
server green comfycamp:4000 check
|
||||||
|
@ -139,10 +134,4 @@ backend peertube
|
||||||
backend authentik
|
backend authentik
|
||||||
mode http
|
mode http
|
||||||
option forwardfor
|
option forwardfor
|
||||||
server s1 authentik-1:9000 check
|
server s1 authentik:9000
|
||||||
server s2 authentik-2:9000 check
|
|
||||||
|
|
||||||
backend authentik_ldap
|
|
||||||
mode tcp
|
|
||||||
server s1 authentik-ldap-1:3389 check
|
|
||||||
server s2 authentik-ldap-2:3389 check
|
|
||||||
|
|
|
@ -61,7 +61,6 @@
|
||||||
net.ipv4.ip_unprivileged_port_start: 0
|
net.ipv4.ip_unprivileged_port_start: 0
|
||||||
ports:
|
ports:
|
||||||
- 80:80
|
- 80:80
|
||||||
- 389:389
|
|
||||||
- 443:443
|
- 443:443
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
- name: Reload haproxy
|
- name: Reload haproxy
|
||||||
|
|
Loading…
Reference in a new issue