From c1bc4b508818a53e86a51be1b41207b9e123bb43 Mon Sep 17 00:00:00 2001 From: traveler Date: Wed, 29 Apr 2026 14:06:48 -0500 Subject: [PATCH] docs(gremlin): create authentik --- Netgrimoire/Services/authentik/authentik.md | 121 ++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 Netgrimoire/Services/authentik/authentik.md diff --git a/Netgrimoire/Services/authentik/authentik.md b/Netgrimoire/Services/authentik/authentik.md new file mode 100644 index 0000000..4ec66d3 --- /dev/null +++ b/Netgrimoire/Services/authentik/authentik.md @@ -0,0 +1,121 @@ +# authentik Stack +description: Self-service identity management for NetGrimoire users + +--- +title: authentik Stack +date: 2026-04-29T19:05:09.746Z +tags: docker,swarm,authentik,netgrimoire +editor: markdown +dateCreated: 2026-04-29T19:05:09.746Z + +--- + +# authentik + +## Overview +The authentik Stack provides a self-service identity management system for NetGrimoire users. It consists of several services including PostgreSQL, Redis, and the Authentik server. + +## Architecture + +| Service | Image | Port | Role | +|- |- |- |- | +| **authentik** | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080:9000, 9443:9443 | Server | +| **postgresql** | docker.io/library/postgres:16-alpine | - | Database | +| **redis** | docker.io/library/redis:alpine | - | Cache | + +- **Host:** docker4 +- **Network:** netgrimoire +- **Exposed via:** auth.netgrimoire.com, internal-only +- **Homepage group:** Management + +--- + +## Build & Configuration + +### Prerequisites +Docker Swarm manager and worker are required to deploy the stack. + +### Volume Setup +```bash +mkdir -p /DockerVol/Authentik/Postgres:/var/lib/postgresql/data +chown -R 1001:1964 /DockerVol/Authentik/ +``` + +### Environment Variables +```bash +# generate: openssl rand -hex 32 +AUTHENTIK_PASSWORD=$(openssl rand -hex 32) +AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32) +``` + +### Deploy +```bash +cd services/swarm/stack/authentik +set -a && source .env && set +a +docker stack config --compose-file authentik-stack.yml > resolved.yml +docker stack deploy --compose-file resolved.yml authentik +rm resolved.yml +docker stack services authentik +``` + +### First Run +After the initial deployment, you need to run `./deploy.sh` to complete the setup. + +--- + +## User Guide + +### Accessing authentik +| Service | URL | Purpose | +|---------|-----|---------| +| **Authentik** | http://auth.netgrimoire.com | Login and manage your identity | +| **PostgreSQL** | - | Database for authentik | + +### Primary Use Cases +To use the authentik Stack, you need to register with the Authentik server. After successful registration, you can manage your identity, including setting up two-factor authentication. + +### NetGrimoire Integrations +The authentik Stack integrates with several other services in NetGrimoire, including the homepage and Caddy reverse proxy. + +--- + +## Operations + +### Monitoring +```bash +docker stack services authentik +docker service logs -f authentik | grep "error" +``` + +### Backups +Critical data is stored on the PostgreSQL database. It's essential to regularly back up this database to ensure data integrity. + +### Restore +To restore from a backup, you need to redeploy the Authentik server using `./deploy.sh`. + +--- + +## Common Failures +| Failure Mode | Symptoms | Cause | Fix | +|- |- |- |- | +| PostgreSQL Crash | Service is down | High load or data corruption | Restart PostgreSQL service | +| Redis Connection Lost | Service is down | Network issue or high load | Restart Redis service | +| Authentik Server Not Starting | No login interface | Configuration issue or database connection problem | Check .env and authentik-stack.yml files | + +--- + +## Changelog + +| Date | Commit | Summary | +|------|--------|---------| +| 2026-04-29 | d4fdcd33 | Initial documentation generation | +| 2026-01-20 | 061ab0c2 | Improved environment variable management | +| 2026-01-18 | 563baf2f | Fixed Authentik server startup issue | +| 2026-01-10 | 1a374911 | Updated service labels and documentation | + +--- + +## Notes +- Generated by Gremlin on 2026-04-29T19:05:09.746Z +- Source: swarm/authentik.yaml +- Review User Guide and Changelog sections \ No newline at end of file