feat: add blueprints for authentik ldap outpost and render values directly instead of using env vars

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
2026-04-10 13:50:32 +02:00 · 2026-04-10 13:50:32 +02:00 · e819770415
commit e819770415
parent d25f1c5304
11 changed files with 312 additions and 53 deletions
--- a/roles/authentik/templates/wait-for-blueprints.py.j2
+++ b/roles/authentik/templates/wait-for-blueprints.py.j2
@ -0,0 +1,20 @@
+from authentik.blueprints.models import BlueprintInstance
+from authentik.blueprints.v1.importer import Importer
+
+failed = list(BlueprintInstance.objects.filter(enabled=True, path__startswith="custom/").exclude(status="successful").order_by("path"))
+if not failed:
+    print("ok")
+else:
+    for bp in failed:
+        content = bp.retrieve()
+        importer = Importer.from_string(content)
+        valid, _ = importer.validate()
+        if valid:
+            importer.apply()
+            bp.status = "successful"
+            bp.save()
+    still_failed = BlueprintInstance.objects.filter(enabled=True, path__startswith="custom/").exclude(status="successful")
+    if still_failed.exists():
+        names = ", ".join(bp.name for bp in still_failed)
+        raise Exception(f"Blueprints still failing: {names}")
+    print("changed")