nix/hosts/marvin/services/authentik.nix

{config, ...}: {
  virtualisation.oci-containers.containers = let
    authentikVersion = "2022.8.2";
  in {
    authentik-db = {
      image = "postgres:12-alpine";
      volumes = [
        "/var/lib/authentik/db:/var/lib/postgresql/data"
      ];
      environmentFiles = [config.age.secrets.authentik-env.path];
      environment = {
        POSTGRES_PASSWORD = "\${PG_PASS}";
        POSTGRES_USER = "authentik";
        POSTGRES_DB = "authentik";
      };
      extraOptions = ["--network=authentik"];
    };
    authentik-redis = {
      image = "redis:alpine";
      extraOptions = ["--network=authentik"];
    };
    authentik-server = {
      image = "ghcr.io/goauthentik/server:${authentikVersion}";
      cmd = ["server"];
      environmentFiles = [config.age.secrets.authentik-env.path];
      environment = {
        AUTHENTIK_REDIS__HOST = "authentik-redis";
        AUTHENTIK_POSTGRESQL__HOST = "authentik-db";
        AUTHENTIK_POSTGRESQL__USER = "authentik";
        AUTHENTIK_POSTGRESQL__NAME = "authentik";
        AUTHENTIK_POSTGRESQL__PASSWORD = "\${PG_PASS}";
        AUTHENTIK_ERROR_REPORTING__ENABLED = "false";
      };
      ports = [
        "6908:9000"
        "6943:9443"
      ];
      volumes = [
        "/var/lib/authentik/media:/media"
        "/var/lib/authentik/templates:/templates"
      ];
      extraOptions = ["--network=authentik"];
    };
    authentik-worker = {
      image = "ghcr.io/goauthentik/server:${authentikVersion}";
      cmd = ["worker"];
      environmentFiles = [config.age.secrets.authentik-env.path];
      environment = {
        AUTHENTIK_REDIS__HOST = "authentik-redis";
        AUTHENTIK_POSTGRESQL__HOST = "authentik-db";
        AUTHENTIK_POSTGRESQL__USER = "authentik";
        AUTHENTIK_POSTGRESQL__NAME = "authentik";
        AUTHENTIK_POSTGRESQL__PASSWORD = "\${PG_PASS}";
        AUTHENTIK_ERROR_REPORTING__ENABLED = "false";
      };
      volumes = [
        "/var/lib/authentik/media:/media"
        "/var/lib/authentik/templates:/templates"
        "/var/lib/authentik/certs:/certs"
      ];
      extraOptions = ["--network=authentik"];
    };
  };
}
marvin: Update secrets 2022-09-12 19:40:24 +00:00			`{config, ...}: {`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`virtualisation.oci-containers.containers = let`
marvin/services: Authentik upgrade - 2022.7.3 -> 2022.8.2 2022-09-07 21:15:44 +00:00			`authentikVersion = "2022.8.2";`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`in {`
			`authentik-db = {`
			`image = "postgres:12-alpine";`
			`volumes = [`
			`"/var/lib/authentik/db:/var/lib/postgresql/data"`
			`];`
marvin: Update secrets 2022-09-12 19:40:24 +00:00			`environmentFiles = [config.age.secrets.authentik-env.path];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`environment = {`
			`POSTGRES_PASSWORD = "\${PG_PASS}";`
			`POSTGRES_USER = "authentik";`
			`POSTGRES_DB = "authentik";`
			`};`
meta: Format tree 2022-10-05 22:17:21 +00:00			`extraOptions = ["--network=authentik"];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`};`
			`authentik-redis = {`
			`image = "redis:alpine";`
meta: Format tree 2022-10-05 22:17:21 +00:00			`extraOptions = ["--network=authentik"];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`};`
			`authentik-server = {`
			`image = "ghcr.io/goauthentik/server:${authentikVersion}";`
			`cmd = ["server"];`
marvin: Update secrets 2022-09-12 19:40:24 +00:00			`environmentFiles = [config.age.secrets.authentik-env.path];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`environment = {`
			`AUTHENTIK_REDIS__HOST = "authentik-redis";`
			`AUTHENTIK_POSTGRESQL__HOST = "authentik-db";`
			`AUTHENTIK_POSTGRESQL__USER = "authentik";`
			`AUTHENTIK_POSTGRESQL__NAME = "authentik";`
			`AUTHENTIK_POSTGRESQL__PASSWORD = "\${PG_PASS}";`
			`AUTHENTIK_ERROR_REPORTING__ENABLED = "false";`
			`};`
			`ports = [`
marvin && prefect: Enable vikunja and update port numbers 2022-08-01 14:39:09 +00:00			`"6908:9000"`
			`"6943:9443"`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`];`
			`volumes = [`
			`"/var/lib/authentik/media:/media"`
			`"/var/lib/authentik/templates:/templates"`
			`];`
meta: Format tree 2022-10-05 22:17:21 +00:00			`extraOptions = ["--network=authentik"];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`};`
			`authentik-worker = {`
			`image = "ghcr.io/goauthentik/server:${authentikVersion}";`
			`cmd = ["worker"];`
marvin: Update secrets 2022-09-12 19:40:24 +00:00			`environmentFiles = [config.age.secrets.authentik-env.path];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`environment = {`
			`AUTHENTIK_REDIS__HOST = "authentik-redis";`
			`AUTHENTIK_POSTGRESQL__HOST = "authentik-db";`
			`AUTHENTIK_POSTGRESQL__USER = "authentik";`
			`AUTHENTIK_POSTGRESQL__NAME = "authentik";`
			`AUTHENTIK_POSTGRESQL__PASSWORD = "\${PG_PASS}";`
			`AUTHENTIK_ERROR_REPORTING__ENABLED = "false";`
			`};`
			`volumes = [`
			`"/var/lib/authentik/media:/media"`
			`"/var/lib/authentik/templates:/templates"`
			`"/var/lib/authentik/certs:/certs"`
			`];`
meta: Format tree 2022-10-05 22:17:21 +00:00			`extraOptions = ["--network=authentik"];`
hosts/marvin: Add Authentik service 2022-07-27 19:47:02 +00:00			`};`
			`};`
			`}`