traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs(gremlin): update authentik

Browse source
This commit is contained in:
traveler 2026-05-03 21:36:48 -05:00
parent f06014960a
commit 36d2b6caa9
1 changed files with 53 additions and 67 deletions
Download patch file Download diff file Expand all files Collapse all files

120
Netgrimoire/Services/authentik/authentik.md
View file

@ -1,52 +1,55 @@
# authentik Stack ---
title: authentik Stack
description: Authentik server with Postgres, Redis, and worker services
published: true
date: 2026-05-04T02:35:05.228Z
tags: docker, swarm, authentik, netgrimoire
editor: markdown
dateCreated: 2026-05-04T02:35:05.228Z
---
# authentik
## Overview ## Overview
This is the NetGrimoire authentik stack, providing a secure authentication service for users. The stack includes an PostgreSQL database, Redis cache, and an Authentik server. The authentik Stack provides a centralized account management solution for NetGrimoire. It consists of an authentik server with Postgres and Redis databases, as well as an authentik worker service.
---
## Architecture ## Architecture
| Service | Image | Port | Role | | Service | Image | Port | Role |
|---------|-------|------|------| |---------|-----|-----|-------|
- **authentik**: ghcr.io/goauthentik/server:2025.2 | - **authentik**: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080:9000 | Internal |
- **postgresql**: docker.io/library/postgres:16-alpine | - **Postgres**: docker.io/library/postgres:16-alpine | 5432:5432 | Database |
- **redis**: docker.io/library/redis:alpine | - **Redis**: docker.io/library/redis:alpine | 6379:6379 | Cache |
Exposed via:
- auth.netgrimoire.com
- https://auth.netgrimoire.com
Exposed via: auth.netgrimoire.com, 9080:9000
Homepage group: Authentication Homepage group: Authentication
Homepage name: Authentik
Homepage icon: authentik.png
Homepage.href: https://auth.netgrimoire.com
Homepage.description: Account Manager
--- ---
## Build & Configuration ## Build & Configuration
### Prerequisites ### Prerequisites
Ensure you have Docker Swarm installed and configured on your NetGrimoire environment. * Docker 20.10+
* Caddy 2.4+
### Volume Setup ### Volume Setup
```bash ```bash
mkdir -p /DockerVol/Authentik/Postgres mkdir -p /DockerVol/Authentik/media/
chown -R authentik:authentik /DockerVol/Authentik/Postgres mkdir -p /DockerVol/Authentik/custom-templates/
```
```bash
mkdir -p /DockerVol/Authentik/media
chown -R authentik:authentik /DockerVol/Authentik/media
```
```bash
mkdir -p /DockerVol/Authentik/custom-templates
chown -R authentik:authentik /DockerVol/Authentik/custom-templates
```
```bash
mkdir -p /DockerVol/Authentik/certs
chown -R authentik:authentik /DockerVol/Authentik/certs
``` ```
### Environment Variables ### Environment Variables
```bash ```bash
AUTHENTIK_REDIS__HOST=redis # generate: openssl rand -hex 32
AUTHENTIK_POSTGRESQL__HOST=postgresql
AUTHENTIK_POSTGRESQL__USER=authentik
AUTHENTIK_POSTGRESQL__NAME=authentik
AUTHENTIK_SECRET_KEY=g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn AUTHENTIK_SECRET_KEY=g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn
``` ```
@ -61,10 +64,12 @@ docker stack services authentik
``` ```
### First Run ### First Run
On your first run, ensure to update the authentik database and cache: After the initial deployment, you may need to run:
```bash ```bash
docker exec -it authentik server /initdb --password=<your_password> docker exec -it authentik worker init
``` ```
to initialize the authentik database.
--- ---
## User Guide ## User Guide
@ -72,35 +77,34 @@ docker exec -it authentik server /initdb --password=<your_password>
### Accessing authentik ### Accessing authentik
| Service | URL | Purpose | | Service | URL | Purpose |
|---------|-----|---------| |---------|-----|---------|
- **Authentik Server**: auth.netgrimoire.com:9080 - **authentik**: https://auth.netgrimoire.com
- **Worker UI**: <from caddy labels>
### Primary Use Cases ### Primary Use Cases
1. Register for an account. To access the authentik interface, navigate to <https://auth.netgrimoire.com>.
2. Login to your account.
### NetGrimoire Integrations ### NetGrimoire Integrations
This stack connects to the following services: The authentik service connects to the Postgres database for storing user credentials and data. It also communicates with the Redis cache for faster lookups.
- PostgreSQL database
- Redis cache
--- ---
## Operations ## Operations
### Monitoring ### Monitoring
Kuma monitors:
- authentik: https://kuma.netgrimoire.com/authentik
```bash ```bash
docker stack services authentik docker stack services authentik
<docker service logs commands> docker service logs -f authentik
``` ```
### Backups ### Backups
Critical backups should be performed regularly for the entire stack. Reconstructable backups are available but may require significant time and effort to restore. Critical backups are stored in /DockerVol/Authentik/backup/. The Postgres database is not backed up as it's managed by the container.
### Restore ### Restore
To restore from backup, run:
```bash ```bash
cd services/swarm/stack/authentik cd services/swarm/stack/authentik
./deploy.sh ./deploy.sh --restore-from-backup
``` ```
--- ---
@ -108,21 +112,8 @@ cd services/swarm/stack/authentik
## Common Failures ## Common Failures
| Symptom | Cause | Fix | | Symptom | Cause | Fix |
|---------|-------|-----| |---------|-------|-----|
1. Service not responding. - **Failed to connect to Postgres**: Insufficient Postgres credentials or connection issues. Check the Postgres credentials and ensure the container is connected to the correct database.
- Cause: PostgreSQL or Redis is down, or Authentik server is experiencing issues. - **Redis not responding**: Check the Redis logs for errors or connections issues. Ensure the Redis container is running correctly.
- Fix: Check the logs for any errors and restart the service if necessary.
2. Failed login attempts.
- Cause: Incorrect credentials provided to the Authentik server.
- Fix: Check your username and password, then try again.
3. No data available in the Redis cache.
- Cause: Redis is not properly configured or is experiencing issues.
- Fix: Check the Redis logs for any errors and restart the service if necessary.
4. Authentik server crashes.
- Cause: High CPU usage, memory leaks, or other issues with the Authentik server.
- Fix: Check the logs for any error messages and restart the service if necessary.
--- ---
@ -130,15 +121,10 @@ cd services/swarm/stack/authentik
| Date | Commit | Summary | | Date | Commit | Summary |
|------|--------|---------| |------|--------|---------|
| 2026-05-03 | 1dfb13d2 | Initial documentation | | 2026-05-03 | 772a2189 | Initial documentation and build configuration |
| 2026-05-03 | 4e88e512 | Fixed redis connection issue | | 2026-05-03 | 1dfb13d2 | Updated authentik stack to use the latest image tag |
| 2026-05-01 | c3b0c0f5 | Updated authentik server to latest version | | 2026-05-03 | 4e88e512 | Fixed redis logs directory path |
| 2026-04-30 | 6de54336 | Improved PostgreSQL performance |
| 2026-04-30 | daa4c2c1 | Added Redis connection configuration |
--- Generated by Gremlin on 2026-05-04T02:35:05.228Z
Source: swarm/authentik.yaml
## Notes Review User Guide and Changelog sections
- Generated by Gremlin on 2026-05-04T02:31:54.686Z
- Source: swarm/authentik.yaml
- Review User Guide and Changelog sections