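#SPDX-License-Identifier: MIT-0
---
# Role defaults for authentik. These are the lowest-precedence values; override
# them in inventory, group_vars or host_vars.
#
# The two credentials below (authentik_secret_key, authentik_postgres_password)
# ship as published placeholders and must be replaced before any real deployment.

# Base directory configuration (inherited from base role or defined here)
docker_compose_base_dir: /etc/docker/compose
docker_volume_base_dir: /srv/data

# Authentik-specific configuration
# Both directories are derived from the base directories plus the service name.
authentik_service_name: authentik
authentik_docker_compose_dir: "{{ docker_compose_base_dir }}/{{ authentik_service_name }}"
authentik_docker_volume_dir: "{{ docker_volume_base_dir }}/{{ authentik_service_name }}"

# Authentik service configuration
authentik_domain: "authentik.local.test"
# A tag is a mutable reference: the registry can serve different content for the
# same tag over time. Pin by digest (image@sha256:<digest>) where deployments
# must be reproducible and the pulled image verifiable.
authentik_image: "ghcr.io/goauthentik/server:2025.12.0"
authentik_port: 9000
# PLACEHOLDER, not a usable secret. This value is readable by anyone with access
# to the role, so a deployment left on it has a publicly known key. Override it
# per deployment with a long random value kept in a secret store (for example an
# Ansible Vault variable, as the blueprint example at the end of this file does).
# NOTE(review): the consuming tasks are not part of this file; consider an
# assert there that fails the play while this value still starts with "changeme".
authentik_secret_key: "changeme-generate-a-random-string"

# PostgreSQL configuration
# "16-alpine" is a floating tag that follows minor releases; the digest-pinning
# note on authentik_image applies here as well.
authentik_postgres_image: "postgres:16-alpine"
authentik_postgres_db: authentik
authentik_postgres_user: authentik
# PLACEHOLDER, same caveat as authentik_secret_key: override with a unique,
# vaulted password before deploying.
# NOTE(review): whether the database is reachable from outside
# authentik_backend_network depends on the compose template, which is not part
# of this file; confirm it publishes no PostgreSQL port.
authentik_postgres_password: "changeme"

# Traefik configuration
authentik_traefik_network: "proxy"
authentik_backend_network: "backend"
# NOTE(review): presumably switches the Traefik router to TLS; confirm against
# the template. Keep it true for anything beyond an isolated test setup, since
# this service handles credentials and session cookies.
authentik_use_ssl: true

# Authentik environment settings
authentik_log_level: "info"
authentik_error_reporting_enabled: false

# Blueprints
# OIDC apps to provision

# Each entry names the environment variables that carry the client id and client
# secret (client_id_env / client_secret_env); the values themselves are supplied
# through authentik_blueprint_env, not written into this list.
authentik_oidc_apps: []
#   - slug: grafana
#     name: Grafana
#     client_id_env: GRAFANA_OIDC_CLIENT_ID
#     client_secret_env: GRAFANA_OIDC_CLIENT_SECRET
#     redirect_uris:
#       - url: "https://grafana.example.com/login/generic_oauth"
#         matching_mode: strict
#     signing_key_name: "authentik Self-signed Certificate"
#     flows:
#       authorization_slug: default-provider-authorization-implicit-consent
#       invalidation_slug: default-provider-invalidation-flow
#     scopes: [openid, email, profile, offline_access]
#
# Review points for real entries:
#   - keep matching_mode strict, so only the exact redirect URI is accepted;
#   - the implicit-consent flow authorizes without prompting the user, which
#     suits first-party apps only;
#   - request offline_access only for apps that need refresh tokens.

# Environment values made available to the blueprints. Take secrets from Ansible
# Vault, as the example does; never commit them in plain text.
# NOTE(review): the default is an empty list while the example reads as a
# mapping; confirm which shape the template expects.
authentik_blueprint_env: []
#   GRAFANA_OIDC_CLIENT_ID: "grafana"
#   GRAFANA_OIDC_CLIENT_SECRET: "{{ vault_grafana_oidc_secret }}"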