diff --git a/roles/authentik/README.md b/roles/authentik/README.md
new file mode 100644
index 0000000..a0424ce
--- /dev/null
+++ b/roles/authentik/README.md
@@ -0,0 +1 @@
+Sets up an authentik docker container.
diff --git a/roles/authentik/defaults/main.yml b/roles/authentik/defaults/main.yml
new file mode 100644
index 0000000..6ccf47f
--- /dev/null
+++ b/roles/authentik/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+
+authentik_env: {}
+docker_networks:
+ - name: authentik
diff --git a/roles/authentik/meta/argument_specs.yml b/roles/authentik/meta/argument_specs.yml
new file mode 100644
index 0000000..fd72f32
--- /dev/null
+++ b/roles/authentik/meta/argument_specs.yml
@@ -0,0 +1,49 @@
+---
+
+argument_specs:
+ main:
+ short_description: Authentik container
+ description: "Sets up an authentik docker container."
+ options:
+ authentik_env:
+ description: "dict of custom environment variables for authentik container"
+ type: dict
+ required: false
+ default: {}
+
+ # All options after this will be passed directly to the container role
+ docker_service_suffix:
+ description: "Passed to container role"
+ required: false
+ docker_host_user:
+ description: "Passed to container role"
+ required: false
+
+ database_passwords:
+ description: "Passed to container role"
+ required: false
+ docker_additional_services:
+ description: "Passed to container role"
+ required: false
+
+ docker_volume_type:
+ description: "Passed to container role"
+ required: false
+ reverse_proxy_type:
+ description: "Passed to container role"
+ required: false
+ ports:
+ description: "Passed to container role"
+ required: false
+ docker_vhost_domains:
+ description: "Passed to container role"
+ required: false
+ docker_entrypoint:
+ description: "Passed to container role"
+ required: false
+ dockerfile:
+ description: "Passed to container role"
+ required: false
+ docker_networks:
+ description: "Passed to container role"
+ required: false
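Review bot: The spec in roles/authentik/meta/argument_specs.yml does not declare `authentik_secret_key`, and it marks `database_passwords` as `required: false`, although roles/authentik/vars/main.yml dereferences both when it builds `authentik_common_env`. A play that forgets either value therefore passes argument validation and only fails later, when the environment is templated. Declaring the secret key as a required `str` and giving `database_passwords` `type: dict` moves that failure to the start of the role; whether `database_passwords` can also be made required depends on whether the container role supplies a default, which is not visible here. The pass-through options carry no `type` either, so nothing is checked for them.

```yaml
    options:
      # … unchanged: authentik_env …
      authentik_secret_key:
        description: "Secret key handed to authentik as AUTHENTIK_SECRET_KEY"
        type: str
        required: true
      # … unchanged: docker_service_suffix, docker_host_user …
      database_passwords:
        description: "Passed to container role; must contain the key 'authentik'"
        type: dict
        required: false
      # … unchanged: remaining pass-through options …
```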
diff --git a/roles/authentik/tasks/main.yml b/roles/authentik/tasks/main.yml
new file mode 100644
index 0000000..0c47bf6
--- /dev/null
+++ b/roles/authentik/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+
+- name: Authentik container
+ ansible.builtin.import_role:
+ name: container
+ vars:
+ docker_service: authentik
+ docker_image: beryju/authentik:latest
+ docker_command:
+ - server
+ docker_image_http_port: 9000
+ docker_database: postgres
+ docker_additional_services:
+ - redis
+ docker_env: "{{ authentik_common_env | combine(authentik_env) }}"
+
+- name: Authentik worker container
+ ansible.builtin.import_role:
+ name: container
+ vars:
+ docker_service: authentik_worker
+ docker_image: beryju/authentik:latest
+ docker_command:
+ - worker
+ reverse_proxy_type: none
+ docker_env: "{{ authentik_common_env | combine(authentik_env) }}"
diff --git a/roles/authentik/vars/main.yml b/roles/authentik/vars/main.yml
new file mode 100644
index 0000000..9600001
--- /dev/null
+++ b/roles/authentik/vars/main.yml
@@ -0,0 +1,9 @@
+---
+
+authentik_common_env:
+ AUTHENTIK_REDIS__HOST: authentik_redis
+ AUTHENTIK_POSTGRESQL__HOST: authentik_db
+ AUTHENTIK_POSTGRESQL__USER: authentik
+ AUTHENTIK_POSTGRESQL__NAME: authentik
+ AUTHENTIK_POSTGRESQL__PASSWORD: "{{ database_passwords.authentik }}"
+ AUTHENTIK_SECRET_KEY: "{{ authentik_secret_key }}"
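Review bot: Both imports in roles/authentik/tasks/main.yml use `docker_image: beryju/authentik:latest`, a mutable tag, so the identity provider can change version on any pull without a change in this repository, and the server and worker containers can end up on different releases if they are pulled at different times. Pin both to one release tag or digest, e.g. `docker_image: "beryju/authentik:<pinned-version>"`, ideally through a single variable so the two stay in step. The worker import also sets no `docker_database` or `docker_additional_services`; presumably it reaches `authentik_db` and `authentik_redis` over the shared `authentik` network from defaults/main.yml, which deserves a comment since the container role is not visible here.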
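Review bot: `AUTHENTIK_POSTGRESQL__PASSWORD` and `AUTHENTIK_SECRET_KEY` in roles/authentik/vars/main.yml are rendered into `authentik_common_env` and passed to both containers as plain environment values, so they are readable by anyone who can inspect the containers on the host and may be echoed in verbose or diff output of the container role's tasks. If the container role can mount files, authentik accepts `file://` values for its settings, which keeps the secrets out of the environment; otherwise the README should at least state that both variables are expected to come from vault-encrypted vars. `combine(authentik_env)` in tasks/main.yml also lets a caller's `authentik_env` override these keys without notice; a comment above `authentik_common_env` such as `# keys here can be overridden by authentik_env` would make that intent explicit.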