WIP: Authentik role with Quadlet pod approach - debugging container service generation
- Created authentik.pod file for proper pod definition - Removed superfluous authentik-pod.container file - Updated container templates to reference pod correctly - Issue: Quadlet still reports 'pod authentik is not Quadlet based' - Container services not being generated (only pod service works)
62
roles/authentik/tasks/database.yml
Normal file
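--- /dev/null
+++ b/roles/authentik/tasks/database.yml
@@ -0,0 +1,62 @@
+---
+# Database setup for Authentik - Self-contained socket permissions
+
+- name: Add authentik user to postgres group for socket access
+user:
+name: "{{ authentik_user }}"
+groups: postgres
+append: true
+
+- name: Ensure authentik can access PostgreSQL socket directory
+file:
+path: "{{ postgresql_unix_socket_directories }}"
+mode: '0770'
+group: postgres
+become: true
+
+- name: Test PostgreSQL socket connectivity
+postgresql_ping:
+login_unix_socket: "{{ postgresql_unix_socket_directories }}"
+login_user: "{{ authentik_user }}"
+become: true
+become_user: "{{ authentik_user }}"
+
+- name: Create Authentik database user via socket
+postgresql_user:
+name: "{{ authentik_db_user }}"
+password: "{{ authentik_db_password }}"
+login_unix_socket: "{{ postgresql_unix_socket_directories }}"
+login_user: postgres
+become: true
+become_user: postgres
+
+- name: Create Authentik database via socket
+postgresql_db:
+name: "{{ authentik_db_name }}"
+owner: "{{ authentik_db_user }}"
+login_unix_socket: "{{ postgresql_unix_socket_directories }}"
+login_user: postgres
+become: true
+become_user: postgres
+
+- name: Grant Authentik database privileges
+postgresql_privs:
+db: "{{ authentik_db_name }}"
+privs: ALL
+type: database
+role: "{{ authentik_db_user }}"
+login_unix_socket: "{{ postgresql_unix_socket_directories }}"
+login_user: postgres
+become: true
+become_user: postgres
+
+- name: Display database setup status
+debug:
+msg: |
+✅ Authentik database setup complete!
+
+📊 Database: {{ authentik_db_name }}
+👤 User: {{ authentik_db_user }}
+🔌 Connection: Unix socket ({{ postgresql_unix_socket_directories }})
+
+🏗️ Ready for Authentik container deployment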
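Review bot: The first two tasks widen the Authentik service account's reach more than socket access needs: the account is added to the `postgres` group, and the `file` task then forces `mode: '0770'` with `group: postgres` on `{{ postgresql_unix_socket_directories }}` without `state: directory` or an `owner`. Membership in `postgres` covers everything that is group-accessible to that group, not only the socket, and 0770 shuts out any other local client outside the group. A dedicated socket-client group, or leaving the directory at the distribution default and letting `pg_hba.conf` decide who may connect, keeps the grant narrower. If the variable mirrors PostgreSQL's `unix_socket_directories` setting it may hold a comma-separated list, which would not be a valid `path:`, so that is worth confirming. The later `postgresql_privs` task with `privs: ALL` also looks redundant, since the role is already made `owner` of the database in the task before it.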