From 2fae11dd3331719734588a2bb158cc40677b3a11 Mon Sep 17 00:00:00 2001
From: uumas
Date: Wed, 5 Jul 2023 16:18:18 +0300
Subject: [PATCH] add authentik role
---
roles/authentik/README.md | 1 +
roles/authentik/defaults/main.yml | 5 +++
roles/authentik/meta/argument_specs.yml | 49 +++++++++++++++++++++++++
roles/authentik/tasks/main.yml | 26 +++++++++++++
roles/authentik/vars/main.yml | 9 +++++
5 files changed, 90 insertions(+)
create mode 100644 roles/authentik/README.md
create mode 100644 roles/authentik/defaults/main.yml
create mode 100644 roles/authentik/meta/argument_specs.yml
create mode 100644 roles/authentik/tasks/main.yml
create mode 100644 roles/authentik/vars/main.yml
diff --git a/roles/authentik/README.md b/roles/authentik/README.md
new file mode 100644
index 0000000..a0424ce
--- /dev/null
+++ b/roles/authentik/README.md
@@ -0,0 +1 @@
+Sets up an authentik docker container.
diff --git a/roles/authentik/defaults/main.yml b/roles/authentik/defaults/main.yml
new file mode 100644
index 0000000..6ccf47f
--- /dev/null
+++ b/roles/authentik/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+
+authentik_env: {}
+docker_networks:
+ - name: authentik
diff --git a/roles/authentik/meta/argument_specs.yml b/roles/authentik/meta/argument_specs.yml
new file mode 100644
index 0000000..fd72f32
--- /dev/null
+++ b/roles/authentik/meta/argument_specs.yml
@@ -0,0 +1,49 @@
+---
+
+argument_specs:
+ main:
+ short_description: Authentik container
+ description: "Sets up an authentik docker container."
+ options:
+ authentik_env:
+ description: "dict of custom environment variables for authentik container"
+ type: dict
+ required: false
+ default: {}
+
+ # All options after this will be passed directly to the container role
+ docker_service_suffix:
+ description: "Passed to container role"
+ required: false
+ docker_host_user:
+ description: "Passed to container role"
+ required: false
+
+ database_passwords:
+ description: "Passed to container role"
+ required: false
+ docker_additional_services:
+ description: "Passed to container role"
+ required: false
+
+ docker_volume_type:
+ description: "Passed to container role"
+ required: false
+ reverse_proxy_type:
+ description: "Passed to container role"
+ required: false
+ ports:
+ description: "Passed to container role"
+ required: false
+ docker_vhost_domains:
+ description: "Passed to container role"
+ required: false
+ docker_entrypoint:
+ description: "Passed to container role"
+ required: false
+ dockerfile:
+ description: "Passed to container role"
+ required: false
+ docker_networks:
+ description: "Passed to container role"
+ required: false
diff --git a/roles/authentik/tasks/main.yml b/roles/authentik/tasks/main.yml
new file mode 100644
index 0000000..0c47bf6
--- /dev/null
+++ b/roles/authentik/tasks/main.yml
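Review bot: The spec never declares `authentik_secret_key`, although `vars/main.yml` in this patch templates it into `AUTHENTIK_SECRET_KEY`, and it marks `database_passwords` as `required: false` while the same vars file dereferences `database_passwords.authentik`. A play that omits either one passes argument validation and, with Ansible's default undefined-variable handling, only fails later when `docker_env` is templated inside the container role. Adding an `authentik_secret_key:` option with `type: str` and `required: true` lets the role reject the misconfiguration before any container work starts. Unless the container role generates the password itself (not visible in this patch), `database_passwords` should likewise get `type: dict` and `required: true`.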
@@ -0,0 +1,26 @@
+---
+
+- name: Authentik container
+ ansible.builtin.import_role:
+ name: container
+ vars:
+ docker_service: authentik
+ docker_image: beryju/authentik:latest
+ docker_command:
+ - server
+ docker_image_http_port: 9000
+ docker_database: postgres
+ docker_additional_services:
+ - redis
+ docker_env: "{{ authentik_common_env | combine(authentik_env) }}"
+
+- name: Authentik worker container
+ ansible.builtin.import_role:
+ name: container
+ vars:
+ docker_service: authentik_worker
+ docker_image: beryju/authentik:latest
+ docker_command:
+ - worker
+ reverse_proxy_type: none
+ docker_env: "{{ authentik_common_env | combine(authentik_env) }}"
diff --git a/roles/authentik/vars/main.yml b/roles/authentik/vars/main.yml
new file mode 100644
index 0000000..9600001
--- /dev/null
+++ b/roles/authentik/vars/main.yml
@@ -0,0 +1,9 @@
+---
+
+authentik_common_env:
+ AUTHENTIK_REDIS__HOST: authentik_redis
+ AUTHENTIK_POSTGRESQL__HOST: authentik_db
+ AUTHENTIK_POSTGRESQL__USER: authentik
+ AUTHENTIK_POSTGRESQL__NAME: authentik
+ AUTHENTIK_POSTGRESQL__PASSWORD: "{{ database_passwords.authentik }}"
+ AUTHENTIK_SECRET_KEY: "{{ authentik_secret_key }}"
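Review bot: Both `docker_image: beryju/authentik:latest` lines deploy the identity provider from a mutable tag, so what actually runs depends on when the image was last pulled rather than on anything reviewed in this repository. Depending on how the container role pulls images, the server and worker can also end up on different releases while sharing one database. Pin a single release or digest in one variable and use it in both tasks, for example `docker_image: "beryju/authentik:{{ authentik_version }}"` with the value set in `defaults/main.yml`. The name `authentik_version` is only a suggestion; the patch defines no such variable.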
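Review bot: `AUTHENTIK_POSTGRESQL__PASSWORD` and `AUTHENTIK_SECRET_KEY` are put into `authentik_common_env`, which `tasks/main.yml` passes as `docker_env` to both containers, so the secrets end up in the container environment and in whatever the container role renders or logs from that dict. That role is not part of this patch, so how it treats the values cannot be checked here. A comment above the mapping would record the expectation, e.g. `# Secret values must come from vault-encrypted vars; they are exposed as container environment variables`. Because the tasks apply `combine(authentik_env)` after these values, a caller-supplied `authentik_env` can also silently replace the secret key or the database settings, which is worth stating in the README.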