diff --git a/Netgrimoire/Services/authentik/authentik.md b/Netgrimoire/Services/authentik/authentik.md index 10a884d..6872ba7 100644 --- a/Netgrimoire/Services/authentik/authentik.md +++ b/Netgrimoire/Services/authentik/authentik.md @@ -1,49 +1,50 @@ --- title: authentik Stack -description: Authentik server stack documentation for NetGrimoire +description: Docker-based Authentik server for NetGrimoire published: true -date: 2026-04-30T02:14:28.848Z -tags: docker,swarm,authentik,netgrimoire +date: 2026-04-30T15:23:13.969Z +tags: docker, swarm, authentik, netgrimoire editor: markdown -dateCreated: 2026-04-30T02:14:28.848Z +dateCreated: 2026-04-30T15:23:13.969Z + +--- # authentik ## Overview -The authentik stack is a Docker Swarm configuration for the Authentik server, which provides an Identity and Access Management (IAM) solution in NetGrimoire. The stack consists of three services: postgresql, redis, and authentik. +The authentik Stack provides a Docker-based Authentik server for NetGrimoire, managing user identities and authentication. + +--- ## Architecture - | Service | Image | Port | Role | -|---------|-------|-----|------| -- **Postgres**: docker.io/library/postgres:16-alpine | 5432 | Database | -- **Redis**: docker.io/library/redis:alpine | 6379 | Cache | -- **Authentik**: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080, 9443 | Server | - -Exposed via: auth.netgrimoire.com - -Homepage group: Management +|---------|-------|------|------| +- **Host:** docker4 +- **Network:** netgrimoire +- **Exposed via:** auth.netgrimoire.com, authentik:9000 +- **Homepage group:** Management --- ## Build & Configuration + ### Prerequisites -None specified. +No specific prerequisites for this stack. ### Volume Setup ```bash -mkdir -p /DockerVol/Authentik -chown -R user:group /DockerVol/Authentik +mkdir -p /DockerVol/Authentik/postgres +chown -R postgres:postgres /DockerVol/Authentik/postgres ``` ### Environment Variables ```bash -AUTHENTIK_REDIS__HOST: redis -AUTHENTIK_POSTGRESQL__HOST: postgresql -AUTHENTIK_POSTGRESQL__USER: authentik -AUTHENTIK_POSTGRESQL__NAME: authentik -AUTHENTIK_POSTGRESQL__PASSWORD: F@lcon13 -AUTHENTIK_SECRET_KEY: g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn +POSTGRES_PASSWORD=F@lcon13 +POSTGRES_USER=authentik +POSTGRES_DB=authentik +AUTHENTIK_REDIS_HOST=redis +AUTHENTIK_POSTGRESQL_HOST=postgresql +AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32) ``` ### Deploy @@ -57,10 +58,7 @@ docker stack services authentik ``` ### First Run -Run the following command to initialize the Authentik database: -```bash -authentik init -``` +After deploying, access the Authentik dashboard at . Perform any necessary configuration or initial setup. --- @@ -69,41 +67,39 @@ authentik init ### Accessing authentik | Service | URL | Purpose | |---------|-----|---------| -- **Authentik**: https://auth.netgrimoire.com | IAM Management | +- **auth.netgrimoire.com** | https://auth.netgrimoire.com | Homepage and management interface | ### Primary Use Cases -To use Authentik, navigate to the authentik URL and follow the in-app instructions. +Use the Authentik server to manage user identities, authentication, and authorization in NetGrimoire. ### NetGrimoire Integrations -This service connects to the Postgres and Redis services for data storage and caching. +This service connects to other services in NetGrimoire via environment variables and labels, including Redis and PostgreSQL databases. --- ## Operations ### Monitoring +Use kuma monitors from kuma.* labels to monitor the Authentik server. ```bash docker stack services authentik docker service logs -f authentik ``` ### Backups -Critical: `/DockerVol/Authentik/Postgres` contains backup data. Reconstructable: `/DockerVol/Authentik/custom-templates`. +Critical data is stored in /DockerVol/Authentik/postgres. Regular backups are recommended. ### Restore -```bash -cd services/swarm/stack/authentik -./deploy.sh -``` +Restore from a backup by re-deploying the Authentik Stack using ./deploy.sh. --- ## Common Failures | Symptom | Cause | Fix | |---------|-------|-----| -- Service not available | Redis not running | Check redis logs and restart the service. | -- PostgreSQL errors | Postgres configuration issues | Review and adjust Postgres environment variables. | -- Authentication failures | Authentik configuration issues | Check authentik logs and adjust configuration as needed. +- Authentication failures | PostgreSQL connection issues | Check Postgres database and credentials. | +- Redis connection errors | Redis service not running | Restart redis or check configuration. | +- Service not responding | Docker stack services not deployed | Check docker stack deploy output for errors. | --- @@ -111,13 +107,17 @@ cd services/swarm/stack/authentik | Date | Commit | Summary | |------|--------|---------| -| 2026-04-29 | ... | Initial documentation | +| 2026-04-30 | 28cca056 | Initial documentation and release. | +| 2026-04-29 | 7bd1cc12 | Initial commit. | +| 2026-04-29 | 587b3d0c | Minor updates to service configuration. | +| 2026-04-29 | 1aced84d | Fix for Redis connection issue. | +| 2026-04-29 | 6bfd079d | Improved PostgreSQL database configuration. | - + --- ## Notes -- Generated by Gremlin on 2026-04-30T02:14:28.848Z -- Source: swarm/authentik.yaml -- Review User Guide and Changelog sections \ No newline at end of file +Generated by Gremlin on 2026-04-30T15:23:13.969Z +Source: swarm/authentik.yaml +Review User Guide and Changelog sections \ No newline at end of file