WIP: Authentik role with Quadlet pod approach - debugging container service generation

- Created authentik.pod file for proper pod definition
- Removed superfluous authentik-pod.container file
- Updated container templates to reference pod correctly
- Issue: Quadlet still reports 'pod authentik is not Quadlet based'
- Container services not being generated (only pod service works)

roles/authentik/templates/authentik.caddy.j2

@@ -0,0 +1,41 @@
+# Authentik Authentication Service
+{{ authentik_domain }} {
+    reverse_proxy https://{{ authentik_bind_address }}:{{ authentik_https_port }} {
+        transport http {
+            tls_insecure_skip_verify
+        }
+        
+        header_up Host {upstream_hostport}
+        header_up X-Real-IP {remote_host}
+        header_up X-Forwarded-Proto https
+        header_up X-Forwarded-For {remote_host}
+        header_up X-Forwarded-Host {host}
+        
+        # Health check
+        health_uri /if/health/live/
+        health_timeout 10s
+        health_interval 30s
+        health_status 200
+    }
+
+    # Security headers
+    header {
+        X-Frame-Options SAMEORIGIN
+        X-Content-Type-Options nosniff
+        X-XSS-Protection "1; mode=block"
+        Referrer-Policy strict-origin-when-cross-origin
+        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+    }
+
+    # Authentik-specific paths
+    handle_path /outpost.goauthentik.io/* {
+        reverse_proxy https://{{ authentik_bind_address }}:{{ authentik_https_port }}
+    }
+    
+    # Logging
+    log {
+        output file {{ caddy_log_dir }}/authentik.log
+        level INFO
+        format json
+    }
+}