Add Authentik SSO service and refactor Valkey configuration to use native tools and consolidated systemd service

roles/authentik/templates/authentik-server.container.j2

@@ -0,0 +1,37 @@
+# Authentik Server Container Quadlet
+# Generated by rick-infra Ansible role
+
+[Unit]
+Description=Authentik Server Container
+Requires={{ authentik_pod_name }}-pod.service
+After={{ authentik_pod_name }}-pod.service
+
+[Container]
+ContainerName=authentik-server
+Image={{ authentik_image_server }}:{{ authentik_image_tag }}
+Pod={{ authentik_pod_name }}.pod
+
+# Environment configuration
+EnvironmentFile={{ authentik_home }}/.config/containers/authentik.env
+Environment=AUTHENTIK_LISTEN__HTTP=0.0.0.0:9000
+Environment=AUTHENTIK_LISTEN__HTTPS=0.0.0.0:9443
+
+# Server command
+Exec=server
+
+# Volumes for persistent data
+Volume={{ authentik_home }}/data:/data:Z
+Volume={{ authentik_home }}/media:/media:Z
+
+# Health check
+HealthCmd=ak healthcheck
+HealthInterval=30s
+HealthTimeout=10s
+HealthRetries=3
+
+[Service]
+Restart=always
+RestartSec=10
+
+[Install]
+WantedBy=default.target