Joakim
0507e3291d
- Change reverse_proxy from https:// to http:// backend - Use authentik_http_port instead of authentik_https_port - Remove unnecessary TLS transport configuration - Remove health check for non-existent endpoint This aligns the Ansible template with the working configuration where authentik only serves HTTP internally and Caddy handles SSL.
Rick's Infra
Arch Linux VPS
Ansible
Infrastructure as code for setting up new instance.
- Security
- SSH
- Firewall
- Fail2ban
- Kernel hardening
- Base packages
- Monitoring/Logging
- Backup
Services
Services are managed by serviced
Caddy
Reverse proxy.
Containers
Containers are managed by rootless Podman.
Documentation
Service Integration
- Service Integration Guide - How to add containerized services with PostgreSQL/Valkey access
Role Documentation
- Authentik Role - Authentication service with Unix socket implementation
- PostgreSQL Role - Database service with Unix socket support
- Valkey Role - Cache service with Unix socket support
- Caddy Role - Reverse proxy and SSL termination
Infrastructure Guides
- Deployment Guide - Complete deployment walkthrough
- Security Hardening - Security configuration and best practices