uumas/ansible-docker
1
0
Fork 1
Code Issues 8 Pull Requests Projects Releases Wiki Activity

Compare commits

base: uumas:2cef67445682bb5edcbc7b211e12f4c46c5b598c
Branches Tags
uumas:master uumas:unifi
..
compare: uumas:88abb5b2434f4231b5121e59eb6fcd724ade9596
Branches Tags
uumas:master uumas:unifi

3 Commits
2cef674456 ... 88abb5b243

Author SHA1 Message Date
uumas
88abb5b243 Add authentik ldap outpost role 2024-09-28 16:23:06 +03:00
uumas
ec58a89dff service: Make postgres version configurable 2024-09-28 15:54:05 +03:00
uumas
5692cadea5 authentik: Make tag configurable 2024-09-28 03:31:45 +03:00
10 changed files with 83 additions and 4 deletions
Expand all files Collapse all files

2
roles/authentik/defaults/main.yml
View File

@@ -1,5 +1,5 @@
--- ---
authentik_tag: latest
authentik_env: {} authentik_env: {}
docker_networks: docker_networks:
- name: authentik - name: authentik

5
roles/authentik/meta/argument_specs.yml
View File

@@ -5,6 +5,11 @@ argument_specs:
short_description: Authentik container short_description: Authentik container
description: "Sets up an authentik docker container." description: "Sets up an authentik docker container."
options: options:
authentik_tag:
description: 'Authentik version to use. Can be minor (2024.8) or patch (2024.8.1) or "latest".'
type: str
required: false
default: latest
authentik_env: authentik_env:
description: "dict of custom environment variables for authentik container" description: "dict of custom environment variables for authentik container"
type: dict type: dict

4
roles/authentik/tasks/main.yml
View File

@@ -9,7 +9,7 @@
name: service name: service
vars: vars:
docker_service: authentik docker_service: authentik
docker_image: beryju/authentik:latest docker_image: "beryju/authentik:{{ authentik_tag }}"
docker_command: docker_command:
- server - server
docker_image_http_port: 9000 docker_image_http_port: 9000
@@ -31,7 +31,7 @@
vars: vars:
docker_namespace: authentik docker_namespace: authentik
docker_service: worker docker_service: worker
docker_image: beryju/authentik:latest docker_image: "beryju/authentik:{{ authentik_tag }}"
docker_command: docker_command:
- worker - worker
reverse_proxy_type: none reverse_proxy_type: none

1
roles/authentik_ldap/README.md Normal file
View File

@@ -0,0 +1 @@
Sets up an authentik ldap outpost container.

2
roles/authentik_ldap/defaults/main.yaml Normal file
View File

@@ -0,0 +1,2 @@
---
authentik_ldap_tag: latest

53
roles/authentik_ldap/meta/argument_specs.yaml Normal file
View File

@@ -0,0 +1,53 @@
---
argument_specs:
main:
short_description: Authentik container
description: "Sets up an authentik docker container."
options:
authentik_ldap_tag:
description: 'Authentik ldap outpost version to use. Can be minor (2024.8) or patch (2024.8.1) or "latest". Should probably be the same as authentik.'
type: str
required: false
default: latest
authentik_ldap_authentik_address:
description: "Address starting with https where authentik is reachable"
type: str
required: true
authentik_ldap_outpost_token:
description: Outpost token generated by authentik
type: str
required: true
# All options after this will be passed directly to the container role
docker_service_suffix:
description: "Passed to container role"
required: false
docker_host_user:
description: "Passed to container role"
required: false
database_passwords:
description: "Passed to container role"
required: false
docker_additional_services:
description: "Passed to container role"
required: false
docker_volume_type:
description: "Passed to container role"
required: false
reverse_proxy_type:
description: "Passed to container role"
required: false
ports:
description: "Passed to container role"
required: false
docker_vhost_domains:
description: "Passed to container role"
required: false
docker_entrypoint:
description: "Passed to container role"
required: false
dockerfile:
description: "Passed to container role"
required: false

12
roles/authentik_ldap/tasks/main.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
- name: Authentik ldap container
ansible.builtin.include_role:
name: service
vars:
docker_service: authentik-ldap
docker_image: beryju/authentik-ldap:{{ authentik_ldap_tag }}
reverse_proxy_type: none
docker_env:
AUTHENTIK_HOST: "{{ authentik_ldap_authentik_address }}"
AUTHENTIK_INSECURE: 'false'
AUTHENTIK_TOKEN: "{{ authentik_ldap_outpost_token }}"

1
roles/service/defaults/main.yml
View File

@@ -11,6 +11,7 @@ docker_proxy_target_protocol: http
docker_additional_env: {} docker_additional_env: {}
docker_additional_services: [] docker_additional_services: []
docker_database: none docker_database: none
docker_postgres_tag: 14-alpine
docker_mounts: [] docker_mounts: []
docker_network_mode: "" docker_network_mode: ""
docker_networks: [] docker_networks: []

5
roles/service/meta/argument_specs.yml
View File

@@ -54,6 +54,11 @@ argument_specs:
set a password for the mariadb root user set a password for the mariadb root user
type: dict type: dict
required: false required: false
docker_postgres_tag:
description: 'Postgresql version to use. Can be debian (n) or alpine-based (n-alpine), where n can be major version like 14 or minor like 14.13.'
type: str
required: false
default: 14-alpine
docker_mariadb_config: docker_mariadb_config:
description: | description: |
A dict specifying config for mariadb. For example A dict specifying config for mariadb. For example

2
roles/service/tasks/database.yml
View File

@@ -2,7 +2,7 @@
- name: Set postgres container vars - name: Set postgres container vars
ansible.builtin.set_fact: ansible.builtin.set_fact:
db_container_image: 'postgres:14-alpine' db_container_image: 'postgres:{{ docker_postgres_tag }}'
db_container_env: db_container_env:
POSTGRES_USER: "{{ docker_service_underscore_name }}" POSTGRES_USER: "{{ docker_service_underscore_name }}"
POSTGRES_PASSWORD: "{{ database_passwords[docker_service_name] }}" POSTGRES_PASSWORD: "{{ database_passwords[docker_service_name] }}"