docs(gremlin): update authentik

2026-04-30 10:30:55 -05:00 · 2026-04-30 10:30:55 -05:00 · f43e25516e
commit f43e25516e
parent 3095184625
1 changed files with 36 additions and 43 deletions
--- a/Netgrimoire/Services/authentik/authentik.md
+++ b/Netgrimoire/Services/authentik/authentik.md
@ -1,28 +1,25 @@
 ---
 title: authentik Stack
-description: Docker-based Authentik server for NetGrimoire
+description: Authentik Stack for NetGrimoire
 published: true
-date: 2026-04-30T15:23:13.969Z
+date: 2026-04-30T15:29:06.449Z
-tags: docker, swarm, authentik, netgrimoire
+tags: docker,swarm,authentik,netgrimoire
 editor: markdown
-dateCreated: 2026-04-30T15:23:13.969Z
+dateCreated: 2026-04-30T15:29:06.449Z
 ---
 # authentik
 ## Overview
-The authentik Stack provides a Docker-based Authentik server for NetGrimoire, managing user identities and authentication.
+The Authentik stack is a NetGrimoire service that provides identity and access management for users in our organization. It consists of a PostgreSQL database, Redis cache, and an Authentik server.
 ---
 ## Architecture
 | Service | Image | Port | Role |
-|---------|-------|------|------|
+- **Authentik Server:** ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080:9000 | Internal | Host, Monitor, Homepage |
- **Host:** docker4
+- **PostgreSQL Database:** docker.io/library/postgres:16-alpine | 5432 | External | Storage |
- **Network:** netgrimoire
+- **Redis Cache:** docker.io/library/redis:alpine | 6379 | Internal | Caching |
- **Exposed via:** auth.netgrimoire.com, authentik:9000
+| Exposed via: auth.netgrimoire.com
- **Homepage group:** Management
+| Homepage group: Management
 ---
@ -33,17 +30,15 @@ No specific prerequisites for this stack.
 ### Volume Setup
 ```bash
-mkdir -p /DockerVol/Authentik/postgres
+mkdir -p /DockerVol/Authentik
-chown -R postgres:postgres /DockerVol/Authentik/postgres
+chown -R 1964:1964 Authentik
 ```
 ### Environment Variables
 ```bash
-POSTGRES_PASSWORD=F@lcon13
+AUTHENTIK_REDIS__HOST=redis
-POSTGRES_USER=authentik
+AUTHENTIK_POSTGRESQL__HOST=postgresql
-POSTGRES_DB=authentik
+AUTHENTIK_POSTGRESQL__USER=authentik
 AUTHENTIK_REDIS_HOST=redis
 AUTHENTIK_POSTGRESQL_HOST=postgresql
 AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32)
 ```
@ -58,7 +53,7 @@ docker stack services authentik
 ```
 ### First Run
-After deploying, access the Authentik dashboard at <caddy domains from labels>. Perform any necessary configuration or initial setup.
+Run `./deploy.sh` after deployment to initialize the Authentik database.
 ---
@ -66,58 +61,56 @@ After deploying, access the Authentik dashboard at <caddy domains from labels>.
 ### Accessing authentik
 | Service | URL | Purpose |
-|---------|-----|---------|
+- **Authentik Server:** https://auth.netgrimoire.com (only accessible via reverse proxy)
 - **auth.netgrimoire.com** | https://auth.netgrimoire.com | Homepage and management interface |
 ### Primary Use Cases
-Use the Authentik server to manage user identities, authentication, and authorization in NetGrimoire.
+Use Authentik for managing user identities and access controls within NetGrimoire. 
 ### NetGrimoire Integrations
-This service connects to other services in NetGrimoire via environment variables and labels, including Redis and PostgreSQL databases.
+This stack integrates with PostgreSQL, Redis, Caddy, and Kuma.
 ---
 ## Operations
 ### Monitoring
-Use kuma monitors from kuma.* labels to monitor the Authentik server.
+[kuma monitors from kuma.* labels]
 ```bash
 docker stack services authentik
 docker service logs -f authentik
 ```
 ### Backups
-Critical data is stored in /DockerVol/Authentik/postgres. Regular backups are recommended.
+Critical: `/DockerVol/Authentik/Postgres` and `Authentik/redis` must be backed up regularly. Reconstructable: all configuration files are version-controlled.
 ### Restore
-Restore from a backup by re-deploying the Authentik Stack using ./deploy.sh.
+```bash
 cd services/swarm/stack/authentik
 ./deploy.sh
 ```
 ---
 ## Common Failures
 | Symptom | Cause | Fix |
 |---------|-------|-----|
- Authentication failures | PostgreSQL connection issues | Check Postgres database and credentials. |
+| authentik not accessible | PostgreSQL down | Check PostgreSQL status and restart service if necessary. |
- Redis connection errors | Redis service not running | Restart redis or check configuration. |
+| redis unavailable | Redis down | Restart redis service or check its logs for issues. |
 - Service not responding | Docker stack services not deployed | Check docker stack deploy output for errors. |
 ---
 ## Changelog
 | Date | Commit | Summary |
 |------|--------|---------|
-| 2026-04-30 | 28cca056 | Initial documentation and release. |
+| 2026-04-30 | 14c51981 | Initial documentation creation |
-| 2026-04-29 | 7bd1cc12 | Initial commit. |
+| 2026-04-30 | fb06997a | Add environment variables to the stack configuration |
-| 2026-04-29 | 587b3d0c | Minor updates to service configuration. |
+| 2026-04-30 | 1e8b7cd8 | Improve volume setup for Authentik |
-| 2026-04-29 | 1aced84d | Fix for Redis connection issue. |
+| 2026-04-30 | 28cca056 | Update deploy script with new cleanup commands |
-| 2026-04-29 | 6bfd079d | Improved PostgreSQL database configuration. |
+| 2026-04-29 | 7bd1cc12 | Add initial README to the stack documentation |
 <Write a paragraph summarizing the evolution of this service based on the diffs above.>
 ---
 ## Notes
-Generated by Gremlin on 2026-04-30T15:23:13.969Z
+- Generated by Gremlin on 2026-04-30T15:29:06.449Z
-Source: swarm/authentik.yaml
+- Source: swarm/authentik.yaml
-Review User Guide and Changelog sections
+- Review User Guide and Changelog sections