47 lines
1.2 KiB
Markdown
47 lines
1.2 KiB
Markdown
|
# Authentik role
|
||
|
|
SSO server
|
||
|
|
|
||
|
|
## Notes
|
||
|
|
- Requires the podman and postgres roles to be enabled on the same host.
|
||
|
|
- The server will be mostly unconfigured.
|
||
|
|
|
||
|
|
## Options
|
||
|
|
### `authentik.domain`
|
||
|
|
The domain used by authentik.
|
||
|
|
|
||
|
|
## Secrets
|
||
|
|
### `authentik/db_pass`
|
||
|
|
The password for the authentik postgres database. This should be the same as
|
||
|
|
`postgres/authentik` on the same host.
|
||
|
|
|
||
|
|
### `authentik/secret_key`
|
||
|
|
The secret key used by authentik. This value can not be changed without data
|
||
|
|
loss and has to be kept secret at all times.
|
||
|
|
|
||
|
|
### `authentik/email_host`
|
||
|
|
The SMTP host for email. This is not necessarily secret, but here to keep all
|
||
|
|
email settings collocated.
|
||
|
|
|
||
|
|
Example: `mail.example.com`
|
||
|
|
|
||
|
|
### `authentik/email_port`
|
||
|
|
The SMTP port for email. This is not necessarily secret, but here to keep all
|
||
|
|
email settings collocated. **Make sure to quote this value!**
|
||
|
|
|
||
|
|
Example: `587`
|
||
|
|
|
||
|
|
### `authentik/email_from`
|
||
|
|
The from address used by authentik. This is not necessarily secret, but here to keep all
|
||
|
|
email settings collocated.
|
||
|
|
|
||
|
|
Example: `git@example.com`
|
||
|
|
|
||
|
|
### `authentik/email_username`
|
||
|
|
The user used by authentik to authenticate to the SMTP server.
|
||
|
|
|
||
|
|
Example: `git@example.com`
|
||
|
|
|
||
|
|
### `authentik/email_password`
|
||
|
|
The password used by authentik to authenticate to the SMTP server.
|
||
|
|
|