Initial authentik config.

2023-08-16 06:53:52 +01:00
parent 34f99cefaf
commit a6c09e8b53
1 changed files with 97 additions and 0 deletions
--- a/services/authentik.hcl
+++ b/services/authentik.hcl
@@ -0,0 +1,97 @@
+job "authentik" {
+  datacenters = ["alo"]
+
+  group "auth" {
+    network {
+      port "http" {
+        to = 9000
+      }
+      port "https" {
+        to = 9443
+      }
+    }
+
+    task "server" {
+      driver = "docker"
+
+      config {
+        image = "ghcr.io/goauthentik/server:2023.6.1"
+        ports = [
+          "http",
+          "https"
+        ]
+        command = "server"
+      }
+
+      env {
+        AUTHENTIK_REDIS__HOST = "redis.service.consul"
+        AUTHENTIK_POSTGRESQL__HOST = "postgres.service.consul"
+        AUTHENTIK_POSTGRESQL__NAME = "${var.pg_db}"
+        AUTHENTIK_POSTGRESQL__USER = "${var.pg_user}"
+        AUTHENTIK_POSTGRESQL__PASSWORD = "${var.pg_password}"
+        AUTHENTIK_SECRET_KEY = "${var.secret_key}" 
+        AUTHENTIK_EMAIL__HOST = "192.168.1.1"
+        AUTHENTIK_EMAIL__FROM = "authentik@paler.net"
+      }
+
+      resources {
+        cpu = 2000
+        memory = 1024
+      }
+
+      service {
+        name = "authentik"
+        port = "http"
+        tags = [
+          "traefik.enable=true",
+          "traefik.http.routers.authentik.entryPoints=websecure",
+        ]
+      }
+    }
+
+    task "worker" {
+      driver = "docker"
+
+      config {
+        image = "ghcr.io/goauthentik/server:2023.6.1"
+        command = "worker"
+      }
+
+      env {
+        AUTHENTIK_REDIS__HOST = "redis.service.consul"
+        AUTHENTIK_POSTGRESQL__HOST = "postgres.service.consul"
+        AUTHENTIK_POSTGRESQL__NAME = "${var.pg_db}"
+        AUTHENTIK_POSTGRESQL__USER = "${var.pg_user}"
+        AUTHENTIK_POSTGRESQL__PASSWORD = "${var.pg_password}"
+        AUTHENTIK_SECRET_KEY = "${var.secret_key}" 
+        AUTHENTIK_EMAIL__HOST = "192.168.1.1"
+        AUTHENTIK_EMAIL__FROM = "authentik@paler.net"
+      }
+
+      resources {
+        cpu = 1000
+        memory = 1024
+      }
+    }
+  }
+}
+
+variable "pg_user" {
+  type = string
+  default = "authentik"
+}
+
+variable "pg_password" {
+  type = string
+  default = "aQueiquuo6aiyah5eoch"
+}
+
+variable "pg_db" {
+  type = string
+  default = "authentik"
+}
+
+variable "secret_key" {
+  type = string
+  default = "uUzCYhGV93Z8wKLAScuGFqBskxyzSfG4cz6bnXq6McM67Ho7p9"
+}