#SPDX-License-Identifier: MIT-0
---
# tasks file for authentik
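# Ensure the directory that will hold the rendered docker-compose.yml exists.
# No owner/group is set, so ownership is whatever the connecting (or become)
# user produces.
- name: Create docker compose directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file; the short name resolves through the collections search path.
  ansible.builtin.file:
    path: "{{ authentik_docker_compose_dir }}"
    state: directory
    mode: '0755'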
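# Ensure <volume dir>/data exists on the host.
# NOTE(review): presumably bind-mounted into the authentik containers (compose
# template not shown here). 0755 with no owner/group leaves the tree listable
# by every local account; confirm that matches what is stored in it.
- name: Create authentik data directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.file:
    path: "{{ authentik_docker_volume_dir }}/data"
    state: directory
    mode: '0755'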
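# Ensure <volume dir>/certs exists on the host.
# NOTE(review): 0755 lets any local account traverse and list this directory.
# If private keys are placed here, confirm the key files themselves are not
# world-readable, or restrict this directory to the UID/GID the container runs
# as (not visible from this file).
- name: Create authentik certs directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.file:
    path: "{{ authentik_docker_volume_dir }}/certs"
    state: directory
    mode: '0755'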
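# Ensure <volume dir>/templates exists on the host.
# No owner/group is set; the directory is world-readable and writable only by
# its owner.
- name: Create authentik templates directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.file:
    path: "{{ authentik_docker_volume_dir }}/templates"
    state: directory
    mode: '0755'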
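# Ensure <volume dir>/postgresql exists on the host.
# NOTE(review): this task asserts 0755 on every run. If the path is bind-mounted
# as the PostgreSQL data directory itself (compose template not shown here),
# the server requires 0700 or 0750 on it, so this task and the container would
# keep resetting each other's mode, and the database directory would be
# listable by every local account in between. Confirm the mount point and
# consider a tighter mode with an explicit owner.
- name: Create postgres data directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.file:
    path: "{{ authentik_docker_volume_dir }}/postgresql"
    state: directory
    mode: '0755'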
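# Ensure <volume dir>/blueprints exists; the template tasks in this file
# write their rendered blueprint files into it.
# NOTE(review): anything able to write here can presumably change the identity
# provider's configuration once the blueprints are applied; keep write access
# limited to the deploying user (0755 does that as long as the owner is not a
# shared account).
- name: Create blueprints directory
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.file:
    path: "{{ authentik_docker_volume_dir }}/blueprints"
    state: directory
    mode: '0755'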
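# Render one blueprint file per entry of authentik_oidc_apps. The registered
# result is read by the recreate expression of the "Start authentik
# containers" task.
# NOTE(review): item.slug is interpolated into the destination path unchecked;
# a slug containing '/' or '..' would place the file outside the blueprints
# directory. Validate slugs where the variable is defined.
# NOTE(review): 0644 is world-readable. If the template renders an OIDC client
# secret into the file (template not shown here), tighten the mode to what the
# container UID needs.
- name: Render OIDC blueprints
  ansible.builtin.template:
    src: blueprints/blueprint-oidc-app.yaml.j2
    dest: "{{ authentik_docker_volume_dir }}/blueprints/10-oidc-{{ item.slug }}.yaml"
    mode: "0644"
  loop: "{{ authentik_oidc_apps }}"
  loop_control:
    # Show only the slug per iteration instead of the whole item, so any
    # credentials carried in an app definition stay out of the play output.
    label: "{{ item.slug }}"
  register: oidc_templates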
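# Render one blueprint file per entry of authentik_proxy_apps. The registered
# result is read by the recreate expression of the "Start authentik
# containers" task.
# NOTE(review): item.slug is interpolated into the destination path unchecked;
# a slug containing '/' or '..' would place the file outside the blueprints
# directory. Validate slugs where the variable is defined.
- name: Render Proxy blueprints
  ansible.builtin.template:
    src: blueprints/blueprint-proxy-app.yaml.j2
    dest: "{{ authentik_docker_volume_dir }}/blueprints/20-proxy-{{ item.slug }}.yaml"
    mode: "0644"
  loop: "{{ authentik_proxy_apps }}"
  loop_control:
    # Show only the slug per iteration instead of the whole item, so any
    # sensitive fields in an app definition stay out of the play output.
    label: "{{ item.slug }}"
  register: proxy_templates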
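# Render one blueprint file per entry of authentik_proxy_outposts. The
# registered result is read by the recreate expression of the "Start authentik
# containers" task.
# NOTE(review): item.name is interpolated into the destination path unchecked;
# a name containing '/' or '..' would place the file outside the blueprints
# directory. Validate names where the variable is defined.
- name: Render outpost blueprints
  # Fully qualified module name, matching the other blueprint tasks in this
  # file.
  ansible.builtin.template:
    src: blueprints/outpost-proxy.yaml.j2
    dest: "{{ authentik_docker_volume_dir }}/blueprints/30-outpost-{{ item.name }}.yaml"
    mode: "0644"
  loop: "{{ authentik_proxy_outposts }}"
  loop_control:
    # Show only the outpost name per iteration instead of the whole item.
    label: "{{ item.name }}"
  register: outpost_bp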
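# Render one blueprint file per entry of authentik_entra_sources. The
# registered result is read by the recreate expression of the "Start authentik
# containers" task.
# NOTE(review): a federated login source normally needs a client credential.
# If the template writes that secret into the blueprint (template not shown
# here), 0644 exposes it to every local account; confirm, and tighten the mode
# or reference the secret indirectly.
# NOTE(review): item.slug is interpolated into the destination path unchecked;
# validate slugs where the variable is defined.
- name: Render Entra source blueprints
  ansible.builtin.template:
    src: blueprints/blueprint-source-entra.yaml.j2
    dest: "{{ authentik_docker_volume_dir }}/blueprints/20-source-entra-{{ item.slug }}.yaml"
    mode: "0644"
  loop: "{{ authentik_entra_sources }}"
  loop_control:
    # Show only the slug per iteration instead of the whole item, so a client
    # secret carried in a source definition stays out of the play output.
    label: "{{ item.slug }}"
  register: entra_bp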
# Render the single login-sources blueprint (no loop, fixed file name).
# login_bp.changed feeds the recreate expression of the "Start authentik
# containers" task.
- name: Render login stage sources blueprint
  register: login_bp
  ansible.builtin.template:
    dest: '{{ authentik_docker_volume_dir }}/blueprints/21-login-sources.yaml'
    src: blueprints/blueprint-login-sources.yaml.j2
    mode: '0644'
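# Render docker-compose.yml into the compose project directory.
# NOTE(review): 0644 makes the file readable by every local account. If the
# template inlines secrets such as the authentik secret key or the PostgreSQL
# password (template not shown here), restrict the mode to the deploying user
# or move the secrets to a separately protected env file.
- name: Create docker-compose file for authentik
  # Fully qualified module name, matching the ansible.builtin.template tasks
  # in this file.
  ansible.builtin.template:
    src: docker-compose.yml.j2
    dest: "{{ authentik_docker_compose_dir }}/docker-compose.yml"
    mode: '0644'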
# Bring the compose project up from the rendered docker-compose.yml.
- name: Start authentik containers
  community.docker.docker_compose_v2:
    state: present
    project_src: '{{ authentik_docker_compose_dir }}'
    # recreate resolves to 'always' when any blueprint render task above
    # reported a change (any looped result with changed set, or
    # login_bp.changed), otherwise to 'auto'. Each "is defined" guard lets the
    # expression tolerate a missing registered variable.
    # NOTE(review): 'always' is passed for the whole project, not a single
    # service - confirm that recreating every container, the database
    # included, on a blueprint edit is intended.
    recreate: >-
      {{
        (
          (oidc_templates is defined and (oidc_templates.results | selectattr('changed') | list | length > 0))
          or (proxy_templates is defined and (proxy_templates.results | selectattr('changed') | list | length > 0))
          or (outpost_bp is defined and (outpost_bp.results | selectattr('changed') | list | length > 0))
          or (entra_bp is defined and (entra_bp.results | selectattr('changed') | list | length > 0))
          or (login_bp is defined and login_bp.changed)
        ) | ternary('always', 'auto')
      }}