services/roles/authentik/vars/main.yml

---
authentik_svc:
  domain: auth.serguzim.me
  name: authentik
  port: 9000
  image_tag: 2024.2
  db:
    host: "{{ postgres.host }}"
    database: authentik
    user: "{{ vault_authentik.db.user }}"
    pass: "{{ vault_authentik.db.pass }}"

authentik_env:
  AUTHENTIK_SECRET_KEY: "{{ vault_authentik.secret_key }}"

  AUTHENTIK_EMAIL__HOST: "{{ mailer.host }}"
  AUTHENTIK_EMAIL__PORT: "{{ mailer.port }}"
  AUTHENTIK_EMAIL__USERNAME: "{{ vault_authentik.mail.user }}"
  AUTHENTIK_EMAIL__PASSWORD: "{{ vault_authentik.mail.pass }}"
  AUTHENTIK_EMAIL__USE_TLS: true
  AUTHENTIK_EMAIL__USE_SSL: false
  AUTHENTIK_EMAIL__TIMEOUT: 10
  AUTHENTIK_EMAIL__FROM: auth@serguzim.me

  AUTHENTIK_AVATARS: none

  AUTHENTIK_REDIS__HOST: redis

  AUTHENTIK_POSTGRESQL__HOST: "{{ svc.db.host }}"
  AUTHENTIK_POSTGRESQL__NAME: "{{ svc.db.database }}"
  AUTHENTIK_POSTGRESQL__USER: "{{ svc.db.user }}"
  AUTHENTIK_POSTGRESQL__PASSWORD: "{{ svc.db.pass }}"

authentik_compose:
  watchtower: false
  image: ghcr.io/goauthentik/server:{{ svc.image_tag }}
  file:
    services:
      app:
        command: server
        depends_on:
          - redis
      worker:
        image: ghcr.io/goauthentik/server:{{ svc.image_tag }}
        restart: always
        command: worker
        user: root
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
        env_file:
          - service.env
        depends_on:
          - redis
        networks:
          default:
      redis:
        image: redis:alpine
        restart: always
        networks:
          default:
Fix issues reported by ansible-lint 2023-12-13 01:43:15 +00:00			`---`
Refactor everything 2023-12-14 01:20:13 +00:00			`authentik_svc:`
Fix issues reported by ansible-lint 2023-12-13 01:43:15 +00:00			`domain: auth.serguzim.me`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`name: authentik`
			`port: 9000`
Update some roles 2024-04-29 12:35:15 +00:00			`image_tag: 2024.2`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`db:`
			`host: "{{ postgres.host }}"`
			`database: authentik`
			`user: "{{ vault_authentik.db.user }}"`
			`pass: "{{ vault_authentik.db.pass }}"`

Refactor everything 2023-12-14 01:20:13 +00:00			`authentik_env:`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`AUTHENTIK_SECRET_KEY: "{{ vault_authentik.secret_key }}"`

			`AUTHENTIK_EMAIL__HOST: "{{ mailer.host }}"`
			`AUTHENTIK_EMAIL__PORT: "{{ mailer.port }}"`
			`AUTHENTIK_EMAIL__USERNAME: "{{ vault_authentik.mail.user }}"`
			`AUTHENTIK_EMAIL__PASSWORD: "{{ vault_authentik.mail.pass }}"`
			`AUTHENTIK_EMAIL__USE_TLS: true`
			`AUTHENTIK_EMAIL__USE_SSL: false`
			`AUTHENTIK_EMAIL__TIMEOUT: 10`
			`AUTHENTIK_EMAIL__FROM: auth@serguzim.me`

			`AUTHENTIK_AVATARS: none`

			`AUTHENTIK_REDIS__HOST: redis`

			`AUTHENTIK_POSTGRESQL__HOST: "{{ svc.db.host }}"`
			`AUTHENTIK_POSTGRESQL__NAME: "{{ svc.db.database }}"`
			`AUTHENTIK_POSTGRESQL__USER: "{{ svc.db.user }}"`
			`AUTHENTIK_POSTGRESQL__PASSWORD: "{{ svc.db.pass }}"`

Refactor everything 2023-12-14 01:20:13 +00:00			`authentik_compose:`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`watchtower: false`
Fix issues reported by ansible-lint 2023-12-13 01:43:15 +00:00			`image: ghcr.io/goauthentik/server:{{ svc.image_tag }}`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`file:`
			`services:`
			`app:`
Fix missing command in authentik 2023-12-12 00:45:24 +00:00			`command: server`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`depends_on:`
			`- redis`
			`worker:`
Fix issues reported by ansible-lint 2023-12-13 01:43:15 +00:00			`image: ghcr.io/goauthentik/server:{{ svc.image_tag }}`
Add authentik to ansible 2023-12-12 00:41:08 +00:00			`restart: always`
			`command: worker`
			`user: root`
			`volumes:`
			`- /var/run/docker.sock:/var/run/docker.sock`
			`env_file:`
			`- service.env`
			`depends_on:`
			`- redis`
			`networks:`
			`default:`
			`redis:`
			`image: redis:alpine`
			`restart: always`
			`networks:`
			`default:`