docs(gremlin): update authentik
parent
e3728e7997
commit
d208109447
1 changed files with 6 additions and 109 deletions
|
|
@ -1,120 +1,17 @@
|
||||||
---
|
|
||||||
title: authentik Stack
|
|
||||||
description: Authentik Service in NetGrimoire
|
|
||||||
published: true
|
|
||||||
date: 2026-04-29T20:35:00.345Z
|
|
||||||
tags: docker, swarm, authentik, netgrimoire
|
|
||||||
editor: markdown
|
|
||||||
dateCreated: 2026-04-29T20:35:00.345Z
|
|
||||||
|
|
||||||
# authentik
|
# authentik
|
||||||
|
|
||||||
## Overview
|
## Overview
|
||||||
|
This NetGrimoire stack integrates Authentik, an account management system, with Postgres and Redis databases. The stack provides a centralized platform for managing user accounts, authentication, and authorization.
|
||||||
The authentik Stack is a Docker Swarm-based service in NetGrimoire that provides account management capabilities. The stack consists of the authentik server, a PostgreSQL database for storing user data, and a Redis instance for caching and temporary storage.
|
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Architecture
|
## Architecture
|
||||||
|
|
||||||
| Service | Image | Port | Role |
|
| Service | Image | Port | Role |
|
||||||
|---------|-------|------|------|
|
|---------|-------|------|-------|
|
||||||
- **Authentik** | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080/9000, 9443/9443 | Server, Cache, Storage |
|
- **Authentik** | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080 | Server |
|
||||||
- **PostgreSQL** | docker.io/library/postgres:16-alpine | 5432 | Database |
|
- **Postgres** | docker.io/library/postgres:16-alpine | 5432 | Database |
|
||||||
- **Redis** | docker.io/library/redis:alpine | 6379 | Cache, Temp Storage |
|
- **Redis** | docker.io/library/redis:alpine | 6379 | Cache |
|
||||||
|
|
||||||
Exposed via: auth.netgrimoire.com
|
Exposed via: auth.netgrimoire.com
|
||||||
|
|
||||||
Homepage group: Management
|
Homepage group: Management
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Build & Configuration
|
|
||||||
|
|
||||||
### Prerequisites
|
|
||||||
Ensure Docker Swarm is configured and running on znas with worker nodes as docker4.
|
|
||||||
|
|
||||||
### Volume Setup
|
|
||||||
```bash
|
|
||||||
mkdir -p /DockerVol/Authentik
|
|
||||||
chown -R 1964:1964 Authentik
|
|
||||||
```
|
|
||||||
|
|
||||||
### Environment Variables
|
|
||||||
```bash
|
|
||||||
AUTHENTIK_REDIS__HOST=redis
|
|
||||||
AUTHENTIK_POSTGRESQL__HOST=postgresql
|
|
||||||
AUTHENTIK_POSTGRESQL__USER=authentik
|
|
||||||
AUTHENTIK_POSTGRESQL__NAME=authentik
|
|
||||||
AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32)
|
|
||||||
```
|
|
||||||
|
|
||||||
### Deploy
|
|
||||||
```bash
|
|
||||||
cd services/swarm/stack/authentik
|
|
||||||
set -a && source .env && set +a
|
|
||||||
docker stack config --compose-file authentik-stack.yml > resolved.yml
|
|
||||||
docker stack deploy --compose-file resolved.yml authentik
|
|
||||||
rm resolved.yml
|
|
||||||
docker stack services authentik
|
|
||||||
```
|
|
||||||
|
|
||||||
### First Run
|
|
||||||
Run `./deploy.sh` to initialize the authentik setup.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## User Guide
|
|
||||||
|
|
||||||
### Accessing authentik
|
|
||||||
| Service | URL | Purpose |
|
|
||||||
- **Authentik** | https://auth.netgrimoire.com | Server, Login |
|
|
||||||
|
|
||||||
### Primary Use Cases
|
|
||||||
Use authentik for account management and authentication purposes in NetGrimoire.
|
|
||||||
|
|
||||||
### NetGrimoire Integrations
|
|
||||||
This service integrates with other NetGrimoire services via environment variables, such as Uptime Kuma monitoring and Caddy reverse proxying.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Operations
|
|
||||||
|
|
||||||
### Monitoring
|
|
||||||
Uptime Kuma monitors this service with labels: kuma.authentik.*
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker stack services authentik
|
|
||||||
docker service logs -f authentik
|
|
||||||
```
|
|
||||||
|
|
||||||
### Backups
|
|
||||||
Critical data is stored on a persistent volume at /DockerVol/Authentik. Regular backups should be performed to ensure data integrity.
|
|
||||||
|
|
||||||
### Restore
|
|
||||||
Restore from a backup by running `./deploy.sh`.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Common Failures
|
|
||||||
| Failure | Symptom | Cause | Fix |
|
|
||||||
- **Authentik down** | Service not available | Postgres or Redis issues | Check and restart Postgres or Redis services.
|
|
||||||
- **Connection timeout** | Connection errors | Authentik or database issues | Check authentik logs for connection errors, restart authentik service.
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Changelog
|
|
||||||
|
|
||||||
| Date | Commit | Summary |
|
|
||||||
|------|--------|---------|
|
|
||||||
| 2026-04-29 | 716ad8c0 | Initial documentation creation. |
|
|
||||||
| 2026-04-29 | 1cec8fb2 | Added commit messages for each file change. |
|
|
||||||
| 2026-04-29 | 245b7b12 | Updated environment variables for authentik. |
|
|
||||||
| 2026-04-29 | ae562674 | Enhanced backup and restore process. |
|
|
||||||
| 2026-04-29 | c9b45ad1 | Improved user guide documentation. |
|
|
||||||
| 2026-04-29 | 4cb3ccb3 | Fixed common failure modes for authentik. |
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
## Notes
|
|
||||||
- Generated by Gremlin on 2026-04-29T20:35:00.345Z
|
|
||||||
- Source: swarm/authentik.yaml
|
|
||||||
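Review bot: This hunk deletes the whole front matter block (`title`, `description`, `published`, `date`, `tags`, `editor`, `dateCreated`) and every section after `Homepage group: Management`, including Build & Configuration, Backups, Restore and Common Failures, while the commit message only says "update authentik". For the stack that fronts authentication, the backup location (`/DockerVol/Authentik`), the `AUTHENTIK_SECRET_KEY` setup and the failure table are the parts an operator needs during an incident; if the removal is intentional, state that in the commit message and point to where those sections now live, otherwise restore them. In the Architecture table, the added rows still start with a list marker (`- **Authentik** | ...`) and have no leading `|`, so they will not render as rows under the header above them. The Authentik row also drops `9443/9443` from the Port column and narrows the role to `Server`; confirm the service no longer publishes 9443 before the docs stop mentioning it.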