Add Authentik SSO service and refactor Valkey configuration to use native tools and consolidated systemd service
This commit is contained in:
36
roles/authentik/tasks/main.yml
Normal file
36
roles/authentik/tasks/main.yml
Normal file
@@ -0,0 +1,36 @@
|
||||
---
|
||||
# Authentik Authentication Service Role - Containerized Implementation
|
||||
# Manages Authentik using Podman with self-contained database
|
||||
|
||||
- name: Create authentik user and configure subuid/subgid
|
||||
include_tasks: user.yml
|
||||
|
||||
- name: Set up authentik database
|
||||
include_tasks: database.yml
|
||||
|
||||
- name: Configure container networking
|
||||
include_tasks: networking.yml
|
||||
|
||||
- name: Deploy authentik containers via quadlets
|
||||
include_tasks: containers.yml
|
||||
|
||||
- name: Deploy Caddy configuration for Authentik
|
||||
template:
|
||||
src: authentik.caddy.j2
|
||||
dest: "{{ caddy_sites_enabled_dir }}/authentik.caddy"
|
||||
mode: '0644'
|
||||
notify: reload caddy
|
||||
when: caddy_sites_enabled_dir is defined
|
||||
|
||||
- name: Display Authentik service status
|
||||
debug:
|
||||
msg: |
|
||||
✅ Authentik authentication service deployed successfully!
|
||||
|
||||
🌐 Web Interface: https://{{ authentik_full_domain }}
|
||||
🔐 Admin Interface: https://{{ authentik_full_domain }}/if/admin/
|
||||
📦 Local HTTP: http://127.0.0.1:{{ authentik_http_port }}
|
||||
🗄️ Database: {{ authentik_db_name }} (self-managed)
|
||||
🚀 Cache: Valkey database {{ authentik_redis_db }}
|
||||
|
||||
🏗️ Authentication service ready for SSO integration!
|
||||
Reference in New Issue
Block a user