WIP: Authentik role with Quadlet pod approach - debugging container service generation

- Created authentik.pod file for proper pod definition
- Removed superfluous authentik-pod.container file
- Updated container templates to reference pod correctly
- Issue: Quadlet still reports 'pod authentik is not Quadlet based'
- Container services not being generated (only pod service works)

roles/authentik/defaults/main.yml

@@ -0,0 +1,110 @@
+---
+# =================================================================
+# Authentik Authentication Role - Default Variables
+# =================================================================
+# Self-contained Authentik deployment with Podman and Unix sockets
+
+# =================================================================
+# Service Configuration
+# =================================================================
+
+# Service user and directories
+authentik_user: authentik
+authentik_group: authentik
+authentik_home: /opt/authentik
+authentik_data_dir: "{{ authentik_home }}/data"
+authentik_media_dir: "{{ authentik_home }}/media"
+
+# Container configuration
+authentik_version: "latest"
+authentik_image: "ghcr.io/goauthentik/authentik"
+
+# Service management
+authentik_service_enabled: true
+authentik_service_state: "started"
+
+# =================================================================
+# Database Configuration (Self-managed)
+# =================================================================
+
+authentik_db_name: "authentik"
+authentik_db_user: "authentik"
+authentik_db_password: "{{ vault_authentik_db_password }}"
+
+# =================================================================
+# Cache Configuration (Self-managed) 
+# =================================================================
+
+authentik_valkey_db: 1  # Use database 1 for Authentik
+
+# =================================================================
+# Network Configuration
+# =================================================================
+
+authentik_domain: "auth.jnss.me"
+authentik_http_port: 9000
+authentik_https_port: 9443
+authentik_bind_address: "127.0.0.1"
+
+# =================================================================
+# Authentik Core Configuration
+# =================================================================
+
+authentik_secret_key: "{{ vault_authentik_secret_key }}"
+authentik_log_level: "info"
+authentik_error_reporting: false
+
+# =================================================================
+# Email Configuration (Optional)
+# =================================================================
+
+authentik_email_enabled: false
+authentik_email_host: ""
+authentik_email_port: 587
+authentik_email_username: ""
+authentik_email_password: "{{ vault_authentik_email_password | default('') }}"
+authentik_email_tls: true
+authentik_email_from: "authentik@{{ authentik_domain }}"
+
+# =================================================================
+# Security Configuration
+# =================================================================
+
+# Default admin user (created during deployment)
+authentik_default_admin_email: "admin@{{ authentik_domain }}"
+authentik_default_admin_password: "{{ vault_authentik_admin_password }}"
+
+# =================================================================
+# Podman Pod Configuration
+# =================================================================
+
+# Pod service name is simply "authentik" (generated from authentik.pod)
+authentik_container_server_name: "authentik-server"
+authentik_container_worker_name: "authentik-worker"
+
+# Quadlet service directories (USER SCOPE)
+authentik_quadlet_dir: "{{ authentik_user_quadlet_dir }}"
+authentik_user_quadlet_dir: "{{ authentik_home }}/.config/containers/systemd"
+
+# User session variables (set dynamically during deployment)
+authentik_uid: ""
+
+# =================================================================
+# Caddy Integration
+# =================================================================
+
+# Caddy configuration (assumes caddy role provides these variables)
+caddy_sites_enabled_dir: "/etc/caddy/sites-enabled"
+caddy_log_dir: "/var/log/caddy"
+caddy_user: "caddy"
+
+# =================================================================
+# Infrastructure Dependencies (Read-only)
+# =================================================================
+
+# PostgreSQL socket configuration (managed by postgresql role)
+postgresql_unix_socket_directories: "/var/run/postgresql"
+
+# Valkey socket configuration (managed by valkey role)  
+valkey_unix_socket_path: "/var/run/valkey/valkey.sock"
+valkey_password: "{{ vault_valkey_password }}"