Digitalboard/digitalboard.core
5
2
Fork 0
Code Pull requests Releases Packages Activity Actions

feat: add ability to provision outposts using blueprints

Browse source
This commit is contained in:
Bert-Jan Fikse 2026-01-14 14:31:22 +01:00
parent 438a41356a
commit 0106e8801f
Signed by: bert-jan
GPG key ID: C1E0AB516AC16D1A
3 changed files with 48 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
roles/authentik/defaults/main.yml
View file

@ -45,6 +45,18 @@ authentik_proxy_apps: []
# authorization_slug: default-provider-authorization-implicit-consent # authorization_slug: default-provider-authorization-implicit-consent
# invalidation_slug: default-provider-invalidation-flow # invalidation_slug: default-provider-invalidation-flow
authentik_proxy_outposts: []
# - name: "proxy-main"
# type: "proxy"
# service_connection: null
# providers:
# - whoami
# - nextcloud-proxy
# config:
# authentik_host: "https://authentik.local.test/"
# authentik_host_browser: "https://authentik.local.test/"
# log_level: "info"
authentik_oidc_apps: [] authentik_oidc_apps: []
# - slug: grafana # - slug: grafana
# name: Grafana # name: Grafana

9
roles/authentik/tasks/main.yml
View file

@ -54,6 +54,14 @@
loop: "{{ authentik_proxy_apps }}" loop: "{{ authentik_proxy_apps }}"
register: proxy_templates register: proxy_templates
- name: Render outpost blueprints
template:
src: blueprints/outpost-proxy.yaml.j2
dest: "{{ authentik_docker_volume_dir }}/blueprints/30-outpost-{{ item.name }}.yaml"
mode: "0644"
loop: "{{ authentik_proxy_outposts }}"
register: outpost_bp
- name: Create docker-compose file for authentik - name: Create docker-compose file for authentik
template: template:
src: docker-compose.yml.j2 src: docker-compose.yml.j2
@ -69,5 +77,6 @@
( (
(oidc_templates is defined and (oidc_templates.results | selectattr('changed') | list | length > 0)) (oidc_templates is defined and (oidc_templates.results | selectattr('changed') | list | length > 0))
or (proxy_templates is defined and (proxy_templates.results | selectattr('changed') | list | length > 0)) or (proxy_templates is defined and (proxy_templates.results | selectattr('changed') | list | length > 0))
or (outpost_bp is defined and (outpost_bp.results | selectattr('changed') | list | length > 0))
) | ternary('always','auto') ) | ternary('always','auto')
}} }}

27
roles/authentik/templates/blueprints/outpost-proxy.yaml.j2 Normal file
View file

@ -0,0 +1,27 @@
# yaml-language-server: $schema=https://goauthentik.io/blueprints/schema.json
version: 1
metadata:
name: "outpost-{{ item.name }}"
labels:
blueprints.goauthentik.io/instantiate: "true"
entries:
- model: authentik_outposts.outpost
identifiers:
name: "{{ item.name }}"
attrs:
name: "{{ item.name }}"
type: {{ item.type | default('proxy') }}
service_connection: {{ item.service_connection | default('null') }}
providers:
{% for p in item.providers %}
- !Find [authentik_providers_proxy.proxyprovider, [name, {{ p }}]]
{% endfor %}
{% if item.config is defined %}
config:
{% for k, v in item.config.items() %}
{{ k }}: {{ v | tojson }}
{% endfor %}
{% endif %}