From 53656e3a5d6a110051022f8474a3baf35f2f7f0d Mon Sep 17 00:00:00 2001 From: traveler Date: Wed, 29 Apr 2026 21:17:12 -0500 Subject: [PATCH] docs(gremlin): update authentik --- Netgrimoire/Services/authentik/authentik.md | 83 +++++++++++---------- 1 file changed, 45 insertions(+), 38 deletions(-) diff --git a/Netgrimoire/Services/authentik/authentik.md b/Netgrimoire/Services/authentik/authentik.md index b13a57c..10a884d 100644 --- a/Netgrimoire/Services/authentik/authentik.md +++ b/Netgrimoire/Services/authentik/authentik.md @@ -1,47 +1,49 @@ --- title: authentik Stack -description: Authentik service stack for NetGrimoire +description: Authentik server stack documentation for NetGrimoire published: true -date: 2026-04-29T20:39:03.106Z -tags: docker, swarm, authentik, netgrimoire +date: 2026-04-30T02:14:28.848Z +tags: docker,swarm,authentik,netgrimoire editor: markdown -dateCreated: 2026-04-29T20:39:03.106Z ---- +dateCreated: 2026-04-30T02:14:28.848Z # authentik ## Overview -The authentik stack is a Docker Swarm-based service stack for NetGrimoire that provides authentication and authorization capabilities. The stack consists of three services: postgresql, redis, and authentik. +The authentik stack is a Docker Swarm configuration for the Authentik server, which provides an Identity and Access Management (IAM) solution in NetGrimoire. The stack consists of three services: postgresql, redis, and authentik. ## Architecture -| Service | Image | Port | Role | -|---------|-----|-----|-------| -| postgresql | docker.io/library/postgres:16-alpine | 5432 | Database | -| redis | docker.io/library/redis:alpine | 6379 | Cache | -| authentik | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9000, 9443 | Server | -- **Host:** docker4 -- **Network:** netgrimoire -- **Exposed via:** auth.netgrimoire.com -- **Homepage group:** Management +| Service | Image | Port | Role | +|---------|-------|-----|------| +- **Postgres**: docker.io/library/postgres:16-alpine | 5432 | Database | +- **Redis**: docker.io/library/redis:alpine | 6379 | Cache | +- **Authentik**: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080, 9443 | Server | + +Exposed via: auth.netgrimoire.com + +Homepage group: Management --- ## Build & Configuration - ### Prerequisites -No specific prerequisites are required for this stack. +None specified. ### Volume Setup ```bash -mkdir -p /DockerVol/Authentik/ -chown -R 1964:1964 Authentik/ +mkdir -p /DockerVol/Authentik +chown -R user:group /DockerVol/Authentik ``` ### Environment Variables ```bash -# generate: openssl rand -hex 32 -AUTHENTIK_SECRET_KEY=g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn +AUTHENTIK_REDIS__HOST: redis +AUTHENTIK_POSTGRESQL__HOST: postgresql +AUTHENTIK_POSTGRESQL__USER: authentik +AUTHENTIK_POSTGRESQL__NAME: authentik +AUTHENTIK_POSTGRESQL__PASSWORD: F@lcon13 +AUTHENTIK_SECRET_KEY: g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn ``` ### Deploy @@ -55,7 +57,10 @@ docker stack services authentik ``` ### First Run -Run `docker-compose up` to start the authentik services. +Run the following command to initialize the Authentik database: +```bash +authentik init +``` --- @@ -64,13 +69,13 @@ Run `docker-compose up` to start the authentik services. ### Accessing authentik | Service | URL | Purpose | |---------|-----|---------| -| authentik | https://auth.netgrimoire.com | Server | +- **Authentik**: https://auth.netgrimoire.com | IAM Management | ### Primary Use Cases -To use authentik in NetGrimoire, access the admin dashboard at `https://auth.netgrimoire.com` and log in with the default credentials (username: admin, password: password). +To use Authentik, navigate to the authentik URL and follow the in-app instructions. ### NetGrimoire Integrations -The authentik service connects to other NetGrimoire services via environment variables. +This service connects to the Postgres and Redis services for data storage and caching. --- @@ -79,14 +84,15 @@ The authentik service connects to other NetGrimoire services via environment var ### Monitoring ```bash docker stack services authentik -docker service logs authentik +docker service logs -f authentik ``` ### Backups -Critical backups are required for the database. Restore from `/DockerVol/Authentik/Postgres/` and `./backup.sql`. +Critical: `/DockerVol/Authentik/Postgres` contains backup data. Reconstructable: `/DockerVol/Authentik/custom-templates`. ### Restore ```bash +cd services/swarm/stack/authentik ./deploy.sh ``` @@ -95,8 +101,9 @@ Critical backups are required for the database. Restore from `/DockerVol/Authent ## Common Failures | Symptom | Cause | Fix | |---------|-------|-----| -| Service not available | No network connection | Check network configuration | -| Database corruption | Failed backup restore | Re-run backup script | +- Service not available | Redis not running | Check redis logs and restart the service. | +- PostgreSQL errors | Postgres configuration issues | Review and adjust Postgres environment variables. | +- Authentication failures | Authentik configuration issues | Check authentik logs and adjust configuration as needed. --- @@ -104,13 +111,13 @@ Critical backups are required for the database. Restore from `/DockerVol/Authent | Date | Commit | Summary | |------|--------|---------| -| 2026-04-29 | 587b3d0c | Initial documentation creation | -| 2026-04-29 | 1aced84d | Updated authentik-stack.yml with new configuration | -| 2026-04-29 | 6bfd079d | Fixed authentik-server image version | -| 2026-04-29 | 716ad8c0 | Added environment variable for secret key generation | -| 2026-04-29 | 1cec8fb2 | Updated Docker stack deployment script | -| 2026-04-29 | 245b7b12 | Fixed authentik-server logging configuration | +| 2026-04-29 | ... | Initial documentation | -Generated by Gremlin on 2026-04-29T20:39:03.106Z -Source: swarm/authentik.yaml -Review User Guide and Changelog sections \ No newline at end of file + + +--- + +## Notes +- Generated by Gremlin on 2026-04-30T02:14:28.848Z +- Source: swarm/authentik.yaml +- Review User Guide and Changelog sections \ No newline at end of file