#SPDX-License-Identifier: MIT-0
---
# tasks file for authentik
# Host directory that receives the rendered docker-compose.yml.
# No owner/group is set, so ownership falls to whichever user runs the task.
- name: Create docker compose directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_compose_dir }}"
    mode: "0755"
# Data directory under the volume root. Later tasks in this file render
# Python helper scripts into it and run them inside the server container,
# so write access to this path should stay limited to trusted accounts.
- name: Create authentik data directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_volume_dir }}/data"
    mode: "0755"
# Certificate directory under the volume root.
# NOTE(review): 0755 lets every local user list and traverse this directory.
# If private keys end up here (not visible from this file), consider 0750 or
# 0700 with an explicit owner matching the container's runtime UID - confirm
# that UID against the compose template before tightening.
- name: Create authentik certs directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_volume_dir }}/certs"
    mode: "0755"
# Templates directory under the volume root.
- name: Create authentik templates directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_volume_dir }}/templates"
    mode: "0755"
# PostgreSQL directory under the volume root.
# NOTE(review): this task re-asserts 0755 on every run. If this path is
# mounted directly as the database data directory (the compose template is
# not shown here), a stricter mode such as 0700 is the usual expectation -
# verify what the postgres container sets and align the mode with it.
- name: Create postgres data directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_volume_dir }}/postgresql"
    mode: "0755"
# Blueprints directory under the volume root.
# NOTE(review): blueprints define identity-provider configuration, so the
# directory should only be writable by the deploying account; 0755 with no
# explicit owner relies on the task's run-as user being that account.
- name: Create blueprints directory
  ansible.builtin.file:
    state: directory
    path: "{{ authentik_docker_volume_dir }}/blueprints"
    mode: "0755"
# Render the compose definition into the compose directory.
# NOTE(review): the file is written world-readable (0644). If
# docker-compose.yml.j2 inlines secrets such as a database password or the
# authentik secret key (template not shown - confirm), every local user can
# read them; 0600 or 0640 would then be the safer mode, since only the
# account invoking docker compose needs to read this file.
- name: Create docker-compose file for authentik
  ansible.builtin.template:
    dest: "{{ authentik_docker_compose_dir }}/docker-compose.yml"
    src: docker-compose.yml.j2
    mode: "0644"
# Bring the compose project up from the compose directory and wait for it,
# with a wait timeout of 300.
- name: Start authentik containers
  community.docker.docker_compose_v2:
    state: present
    project_src: "{{ authentik_docker_compose_dir }}"
    wait_timeout: 300
    wait: true
# Statically pull in the blueprint rendering tasks from blueprints.yml.
- name: Render blueprints
  ansible.builtin.import_tasks: blueprints.yml
# Render the helper script that the next task executes inside the server
# container. It lands in the host-side data directory.
# NOTE(review): whoever can modify this file controls code that runs in the
# authentik shell; keep it owned and writable by the deploying account only.
- name: Render blueprint wait script
  ansible.builtin.template:
    dest: "{{ authentik_docker_volume_dir }}/data/wait-for-blueprints.py"
    src: wait-for-blueprints.py.j2
    mode: "0644"
# Run the rendered wait script inside the `server` service through
# `ak shell`, retrying up to 30 times, 10 seconds apart, until the command
# exits 0. The task reports "changed" only when stdout contains 'changed'.
# NOTE(review): /data inside the container is presumably the bind mount of
# "{{ authentik_docker_volume_dir }}/data" - confirm in the compose template.
# exec() runs the file with the full privileges of the authentik shell, so
# the integrity of that host path is part of the trust boundary.
- name: Wait for custom blueprints to be applied
  register: blueprint_wait_result
  community.docker.docker_compose_v2_exec:
    service: server
    project_src: "{{ authentik_docker_compose_dir }}"
    command: ak shell -c "exec(open('/data/wait-for-blueprints.py').read())"
  until: blueprint_wait_result.rc == 0
  retries: 30
  delay: 10
  changed_when: "'changed' in blueprint_wait_result.stdout"
# Render the script that assigns the LDAP outpost token; skipped unless
# authentik_ldap_outpost.name is defined.
# NOTE(review): judging by its name, the rendered script presumably embeds
# the outpost token (template not shown - confirm). If so:
#   - 0644 makes the token readable by every local user on the host;
#     tighten the mode once the container's runtime UID is set as owner,
#     otherwise the server container may lose read access.
#   - running the play with --diff would print the rendered content;
#     `no_log: true` on this task avoids that.
#   - the file stays on the data volume after the play; consider removing
#     it once the token has been applied.
- name: Render LDAP outpost token script
  when: authentik_ldap_outpost.name is defined
  ansible.builtin.template:
    dest: "{{ authentik_docker_volume_dir }}/data/set-outpost-token.py"
    src: set-outpost-token.py.j2
    mode: "0644"
# Execute the rendered token script inside the `server` service through
# `ak shell`, retrying up to 30 times, 10 seconds apart, until it exits 0.
# Skipped unless authentik_ldap_outpost.name is defined; reports "changed"
# only when stdout contains 'changed'.
# NOTE(review): stdout is registered and shown in verbose or failure output.
# If the script prints the token (not visible from this file), add
# `no_log: true` here so it does not reach logs or CI output.
- name: Set known token for LDAP outpost
  when: authentik_ldap_outpost.name is defined
  register: ldap_token_result
  community.docker.docker_compose_v2_exec:
    service: server
    project_src: "{{ authentik_docker_compose_dir }}"
    command: ak shell -c "exec(open('/data/set-outpost-token.py').read())"
  until: ldap_token_result.rc == 0
  retries: 30
  delay: 10
  changed_when: "'changed' in ldap_token_result.stdout"