ansible/roles/authentik_docker/tasks/main.yml


---
# Install the Docker engine from the distribution repositories.
# NOTE(review): the docker_network task later in this file normally needs the
# Docker SDK for Python on the target; it is not installed here. Confirm that
# another role provides it.
- name: 'Install dependencies'
  ansible.builtin.apt:
    name:
      - docker.io
    state: present
# Create the root-owned parent directory that holds every Authentik volume.
# Mode 0750 blocks traversal by "other", so all paths below it are reachable
# only by root and members of the root group.
- name: 'Create directory for Authentik with Docker'
  ansible.builtin.file:
    state: directory
    path: '{{ item }}'
    mode: "0750"
    owner: root
    group: root
  loop:
    - '{{ docker_volumes_dir }}/authentik'
# Create the media, custom-templates and certs directories for the containers.
# NOTE(review): uid/gid 1000 is presumably the user inside the Authentik image.
# On the host the same numeric id may belong to an ordinary login account, which
# would then own the certs directory. Verify this against the host's passwd.
- name: 'Create directories for Authentik Docker'
  ansible.builtin.file:
    state: directory
    path: '{{ item }}'
    mode: "0750"
    owner: 1000
    group: 1000
  loop:
    - '{{ docker_volumes_dir }}/authentik/media'
    - '{{ docker_volumes_dir }}/authentik/custom-templates'
    - '{{ docker_volumes_dir }}/authentik/certs'
# Create the Redis data directory, owned by a numeric uid.
# NOTE(review): uid 999 is presumably the redis user inside the container image.
# Confirm that it does not map to an unrelated account on the host.
- name: 'Create Redis directory for Authentik with Docker'
  ansible.builtin.file:
    state: directory
    path: '{{ docker_volumes_dir }}/authentik/redis'
    mode: "0750"
    owner: 999
    group: root
# Create the root-owned database data directory with no access for "other".
# NOTE(review): ownership inside the directory is presumably adjusted by the
# database container at start-up. Confirm this against the unit template.
- name: 'Create Database directory for Authentik with Docker'
  ansible.builtin.file:
    state: directory
    path: '{{ docker_volumes_dir }}/authentik/database'
    mode: "0750"
    owner: root
    group: root
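# Render the container environment file and notify the restart handler when it
# changes.
# NOTE(review): authentik.env.j2 is not visible here. It presumably carries
# credentials (database password, secret key), so the rendered file is handled
# as a secret.
# NOTE(review): the owner "authentik-docker" must already exist on the host; the
# task that would create this user is commented out further down in this file.
- name: "Template .env files for Authentik with Docker"
  ansible.builtin.template:
    src: "authentik.env.j2"
    dest: "{{ docker_volumes_dir }}/authentik/authentik.env"
    force: true
    owner: authentik-docker
    group: docker
    # Ansible writes this file; the group only needs to read it.
    mode: '0640'
  # Keep rendered values out of --diff output and therefore out of CI logs.
  diff: false
  notify: restart-authentik-docker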
#- name: "Template docker-compose.yml for authentik-docker"
# ansible.builtin.template:
# src: "{{ item }}.j2"
# dest: "/{{ docker_compose_config_dir }}/authentik/{{ item }}"
# force: true
# owner: root
# group: docker
# mode: '0640'
# with_items:
# - docker-compose.yml
# notify: restart-authentik-docker
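# Ensure the user-defined Docker network for the Authentik containers exists.
# The fully qualified module name matches the other tasks in this file and
# pins resolution to the community.docker collection rather than whatever a
# short name resolves to through the search path.
- name: "Create Docker network authentik_net"
  community.docker.docker_network:
    name: authentik_net
    state: present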
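# Install the four container unit files. The result is registered as "units" so
# that the daemon reload later in this file only runs when a unit changed.
- name: "Template systemd units for Authentik with Docker"
  ansible.builtin.template:
    src: "{{ item }}.j2"
    dest: "/etc/systemd/system/{{ item }}"
    force: true
    owner: root
    group: root
    # Unit files are loaded by systemd, so only the owner may write them. The
    # previous 0664 also gave the group write access.
    mode: '0644'
  with_items:
    - authentik-server-docker.service
    - authentik-worker-docker.service
    - authentik-redis-docker.service
    - authentik-db-docker.service
  register: units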
#- name: "Add a user that will run the container"
# ansible.builtin.user:
# name: authentik-docker
# comment: Authentik Docker User
# home: "{{ docker_volumes_dir }}/authentik"
# group: docker
# system: true
#- name: "Template systemd unit file for Authentik with Docker"
# ansible.builtin.template:
# src: "authentik-docker.service.j2"
# dest: "/etc/systemd/system/authentik-docker.service"
# force: true
# owner: root
# group: root
# mode: '0644'
# register: unit
# notify: systemctl-daemon-reload
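# Make systemd re-read its unit files, but only when the unit templating task
# reported a change.
# NOTE(review): a daemon reload does not restart services that are already
# running, and the unit templating task notifies no handler. Edited units
# therefore take effect at the next restart.
- name: "Reload systemd units"
  ansible.builtin.systemd:
    # Canonical boolean, consistent with the other true/false values in this file.
    daemon_reload: true
  when: units.changed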
# Start the four Authentik units and enable them at boot. They are processed in
# list order: database, Redis, server, worker.
- name: 'Enable systemd units for Authentik with Docker'
  ansible.builtin.systemd:
    name: '{{ item }}'
    enabled: true
    state: started
  loop:
    - authentik-db-docker.service
    - authentik-redis-docker.service
    - authentik-server-docker.service
    - authentik-worker-docker.service
#- name: "Enable systemctl service for authentik-docker"
# ansible.builtin.service:
# state: started
# name: "authentik-docker.service"