diff --git a/Netgrimoire/Services/authentik/authentik.md b/Netgrimoire/Services/authentik/authentik.md index 76efe38..b13a57c 100644 --- a/Netgrimoire/Services/authentik/authentik.md +++ b/Netgrimoire/Services/authentik/authentik.md @@ -1,17 +1,116 @@ +--- +title: authentik Stack +description: Authentik service stack for NetGrimoire +published: true +date: 2026-04-29T20:39:03.106Z +tags: docker, swarm, authentik, netgrimoire +editor: markdown +dateCreated: 2026-04-29T20:39:03.106Z +--- + # authentik ## Overview -This NetGrimoire stack integrates Authentik, an account management system, with Postgres and Redis databases. The stack provides a centralized platform for managing user accounts, authentication, and authorization. - ---- +The authentik stack is a Docker Swarm-based service stack for NetGrimoire that provides authentication and authorization capabilities. The stack consists of three services: postgresql, redis, and authentik. ## Architecture | Service | Image | Port | Role | -|---------|-------|------|-------| -- **Authentik** | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080 | Server | -- **Postgres** | docker.io/library/postgres:16-alpine | 5432 | Database | -- **Redis** | docker.io/library/redis:alpine | 6379 | Cache | +|---------|-----|-----|-------| +| postgresql | docker.io/library/postgres:16-alpine | 5432 | Database | +| redis | docker.io/library/redis:alpine | 6379 | Cache | +| authentik | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9000, 9443 | Server | -Exposed via: auth.netgrimoire.com +- **Host:** docker4 +- **Network:** netgrimoire +- **Exposed via:** auth.netgrimoire.com +- **Homepage group:** Management -Homepage group: Management \ No newline at end of file +--- + +## Build & Configuration + +### Prerequisites +No specific prerequisites are required for this stack. + +### Volume Setup +```bash +mkdir -p /DockerVol/Authentik/ +chown -R 1964:1964 Authentik/ +``` + +### Environment Variables +```bash +# generate: openssl rand -hex 32 +AUTHENTIK_SECRET_KEY=g8JIvopgkcpIeRUKgfT5KwHFUwGNBFobwhHMHx08wPTJTtAlmqllAwmr6u4jk+ng8O1gbV/gwZnYylMn +``` + +### Deploy +```bash +cd services/swarm/stack/authentik +set -a && source .env && set +a +docker stack config --compose-file authentik-stack.yml > resolved.yml +docker stack deploy --compose-file resolved.yml authentik +rm resolved.yml +docker stack services authentik +``` + +### First Run +Run `docker-compose up` to start the authentik services. + +--- + +## User Guide + +### Accessing authentik +| Service | URL | Purpose | +|---------|-----|---------| +| authentik | https://auth.netgrimoire.com | Server | + +### Primary Use Cases +To use authentik in NetGrimoire, access the admin dashboard at `https://auth.netgrimoire.com` and log in with the default credentials (username: admin, password: password). + +### NetGrimoire Integrations +The authentik service connects to other NetGrimoire services via environment variables. + +--- + +## Operations + +### Monitoring +```bash +docker stack services authentik +docker service logs authentik +``` + +### Backups +Critical backups are required for the database. Restore from `/DockerVol/Authentik/Postgres/` and `./backup.sql`. + +### Restore +```bash +./deploy.sh +``` + +--- + +## Common Failures +| Symptom | Cause | Fix | +|---------|-------|-----| +| Service not available | No network connection | Check network configuration | +| Database corruption | Failed backup restore | Re-run backup script | + +--- + +## Changelog + +| Date | Commit | Summary | +|------|--------|---------| +| 2026-04-29 | 587b3d0c | Initial documentation creation | +| 2026-04-29 | 1aced84d | Updated authentik-stack.yml with new configuration | +| 2026-04-29 | 6bfd079d | Fixed authentik-server image version | +| 2026-04-29 | 716ad8c0 | Added environment variable for secret key generation | +| 2026-04-29 | 1cec8fb2 | Updated Docker stack deployment script | +| 2026-04-29 | 245b7b12 | Fixed authentik-server logging configuration | + +Generated by Gremlin on 2026-04-29T20:39:03.106Z +Source: swarm/authentik.yaml +Review User Guide and Changelog sections \ No newline at end of file