---
# Dedicated Docker network; the Redis and worker containers defined in this
# file attach to it by name.
- name: Create authentik network
  community.docker.docker_network:
    name: authentik
  become: true
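# Named volumes mounted by the containers in this file: Redis data plus
# authentik's media, templates and certs.
# The task name previously read "authnetik"; corrected so the task can be found
# by searching logs and playbooks for "authentik".
- name: Create authentik docker volumes
  become: true
  community.docker.docker_volume:
    name: "{{ item }}"
  loop:
    - authentik-redis
    - authentik-media
    - authentik-templates
    - authentik-certs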
# Redis instance for authentik. This task publishes no ports, so the container
# is reachable only over the Docker network it joins.
# NOTE(review): no --requirepass or ACL option is passed in the command, so
# any container attached to the "authentik" network can presumably read and
# write this Redis without credentials; keep that network limited to authentik.
# NOTE(review): the image is referenced by a mutable tag; pin a digest if
# reproducible, tamper-evident pulls are required.
- name: Run redis container
  community.docker.docker_container:
    name: authentik-redis
    image: redis:7.4-bookworm
    # Snapshot to /data when at least 1 key changed within 60 seconds.
    command:
      - redis-server
      - "--save"
      - "60"
      - "1"
      - "--loglevel"
      - warning
    networks:
      - name: authentik
    volumes:
      - authentik-redis:/data
    restart_policy: unless-stopped
  become: true
# Root-owned directory that holds authentik's environment file
# (/etc/authentik/.env).
# NOTE(review): "1700" is 0700 plus the sticky bit. With no group/other access
# the sticky bit has no practical effect; confirm whether "0700" was intended.
- name: Create authentik config dir
  ansible.builtin.file:
    path: /etc/authentik
    state: directory
    owner: root
    mode: "1700"
  become: true
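# Renders authentik.env.j2 to /etc/authentik/.env, the file the worker
# container loads through env_file.
# The file presumably carries secrets (keys, database credentials; verify
# against the template), so owner and mode are set explicitly rather than
# inherited from the umask. Without them the file is protected only by the
# permissions of its parent directory.
- name: Copy authentik config
  become: true
  ansible.builtin.template:
    src: authentik.env.j2
    dest: /etc/authentik/.env
    owner: root
    mode: "0600"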
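# Includes start_server.yml twice; each pass receives its index (1 or 2) in
# server_idx. The task is named and uses the fully qualified module name to
# match the other tasks in this file.
- name: Run start_server.yml for each server index
  ansible.builtin.include_tasks: start_server.yml
  loop: [1, 2]
  loop_control:
    loop_var: server_idx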
# authentik worker container. It joins the "authentik" and "postgresql"
# networks, mounts the media/templates/certs volumes and takes its environment
# from /etc/authentik/.env.
# NOTE(review): the "postgresql" network is not created in this file; it
# presumably exists before this task runs. Verify.
# NOTE(review): values loaded through env_file become container environment
# variables, so they are readable by anyone who can inspect the container.
# Restrict access to the Docker API accordingly.
- name: Run authentik worker container
  community.docker.docker_container:
    name: authentik-worker
    image: "{{ image }}:{{ tag }}"
    command:
      - worker
    networks:
      - name: authentik
      - name: postgresql
    volumes:
      - authentik-media:/media
      - authentik-templates:/templates
      - authentik-certs:/certs
    env_file: /etc/authentik/.env
    restart_policy: unless-stopped
    # Container-level health probe using the image's own "ak healthcheck".
    healthcheck:
      test:
        - CMD
        - ak
        - healthcheck
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 60s
    # TODO: enable after ansible update
    # state: healthy
  become: true
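# Includes start_ldap_server.yml twice; each pass receives its index (1 or 2)
# in server_idx. The task is named and uses the fully qualified module name to
# match the other tasks in this file.
- name: Run start_ldap_server.yml for each server index
  ansible.builtin.include_tasks: start_ldap_server.yml
  loop: [1, 2]
  loop_control:
    loop_var: server_idx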