chore: add authentik outpost deployment

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
2026-04-10 11:20:31 +02:00 · 2026-04-10 11:20:31 +02:00 · 7e008c11b3
commit 7e008c11b3
parent dbcccc090b
2 changed files with 52 additions and 0 deletions
--- a/roles/authentik_outpost_ldap/defaults/main.yml
+++ b/roles/authentik_outpost_ldap/defaults/main.yml
@ -1,3 +1,26 @@
 #SPDX-License-Identifier: MIT-0
 ---
 # defaults file for authentik_outpost_ldap
+
+# Base directory configuration (inherited from base role or defined here)
+docker_compose_base_dir: /etc/docker/compose
+docker_volume_base_dir: /srv/data
+
+# Service configuration
+authentik_outpost_ldap_service_name: authentik-outpost-ldap
+authentik_outpost_ldap_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ authentik_outpost_ldap_service_name }}"
+
+# Container image (must match authentik server version)
+authentik_outpost_ldap_image: "ghcr.io/goauthentik/ldap:2026.2.2"
+
+# Connection to authentik server
+authentik_outpost_ldap_host: "https://authentik.local.test"
+authentik_outpost_ldap_token: "changeme"
+authentik_outpost_ldap_insecure: "true"
+
+# Dedicated network for LDAP clients (nextcloud, opencloud, etc.)
+authentik_outpost_ldap_network: "ldap"
+
+# Extra hosts for DNS resolution within the container
+authentik_outpost_ldap_extra_hosts: []
+# - "authentik.local.test:192.168.56.11"
--- a/roles/authentik_outpost_ldap/tasks/main.yml
+++ b/roles/authentik_outpost_ldap/tasks/main.yml
@ -1,3 +1,32 @@
 #SPDX-License-Identifier: MIT-0
 ---
 # tasks file for authentik_outpost_ldap
+
+- name: Create LDAP network
+  community.docker.docker_network:
+    name: "{{ authentik_outpost_ldap_network }}"
+    state: present
+
+- name: Create docker compose directory
+  file:
+    path: "{{ authentik_outpost_ldap_docker_compose_dir }}"
+    state: directory
+    mode: '0755'
+
+- name: Create docker-compose file for authentik LDAP outpost
+  template:
+    src: docker-compose.yml.j2
+    dest: "{{ authentik_outpost_ldap_docker_compose_dir }}/docker-compose.yml"
+    mode: '0644'
+
+- name: Start authentik LDAP outpost container
+  community.docker.docker_compose_v2:
+    project_src: "{{ authentik_outpost_ldap_docker_compose_dir }}"
+    state: present
+    recreate: always
+    wait: true
+    wait_timeout: 120
+  retries: 3
+  delay: 15
+  register: result
+  until: result is not failed