ansible/roles/authentik_docker/tasks/main.yml

---

- name: "Install dependencies"
  ansible.builtin.apt:
    pkg:
      - docker.io

- name: "Create directory for Authentik with Docker"
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: root
    group: root
    mode: '0750'
  with_items:
    - "{{ docker_volumes_dir }}/authentik"

- name: "Create directories for Authentik Docker"
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: 1000
    group: 1000
    mode: '0750'
  with_items:
    - "{{ docker_volumes_dir }}/authentik/media"
    - "{{ docker_volumes_dir }}/authentik/custom-templates"
    - "{{ docker_volumes_dir }}/authentik/certs"

- name: "Create Redis directory for Authentik with Docker"
  ansible.builtin.file:
    path: "{{ docker_volumes_dir }}/authentik/redis"
    state: directory
    owner: 999
    group: root
    mode: '0750'

- name: "Create Database directory for Authentik with Docker"
  ansible.builtin.file:
    path: "{{ docker_volumes_dir }}/authentik/database"
    state: directory
    owner: root
    group: root
    mode: '0750'

- name: "Template .env files for Authentik with Docker"
  ansible.builtin.template:
    src: "authentik.env.j2"
    dest: "{{ docker_volumes_dir }}/authentik/authentik.env"
    force: true
    owner: authentik-docker
    group: docker
    mode: '0660'
  notify: restart-authentik-docker

#- name: "Template docker-compose.yml for authentik-docker"
#  ansible.builtin.template:
#    src: "{{ item }}.j2"
#    dest: "/{{ docker_compose_config_dir }}/authentik/{{ item }}"
#    force: true
#    owner: root
#    group: docker
#    mode: '0640'
#  with_items:
#    - docker-compose.yml
#  notify: restart-authentik-docker

- name: "Create Docker network authentik_net"
  docker_network:
    name: authentik_net

- name: "Template systemd units for Authentik with Docker"
  ansible.builtin.template:
    src: "{{ item }}.j2"
    dest: "/etc/systemd/system/{{ item }}"
    force: true
    owner: root
    group: root
    mode: '0664'
  with_items:
    - authentik-server-docker.service
    - authentik-worker-docker.service
    - authentik-redis-docker.service
    - authentik-db-docker.service
  register: units

#- name: "Add a user that will run the container"
#  ansible.builtin.user:
#    name: authentik-docker
#    comment: Authentik Docker User
#    home: "{{ docker_volumes_dir }}/authentik"
#    group: docker
#    system: true

#- name: "Template systemd unit file for Authentik with Docker"
#  ansible.builtin.template:
#    src: "authentik-docker.service.j2"
#    dest: "/etc/systemd/system/authentik-docker.service"
#    force: true
#    owner: root
#    group: root
#    mode: '0644'
#  register: unit
#  notify: systemctl-daemon-reload

- name: "Reload systemd units"
  ansible.builtin.systemd:
    daemon_reload: yes
  when: units.changed

- name: "Enable systemd units for Authentik with Docker"
  ansible.builtin.systemd:
    state: started
    enabled: true
    name: "{{ item }}"
  with_items:
    - authentik-db-docker.service
    - authentik-redis-docker.service
    - authentik-server-docker.service
    - authentik-worker-docker.service

#- name: "Enable systemctl service for authentik-docker"
#  ansible.builtin.service:
#    state: started
#    name: "authentik-docker.service"
Authentik-Rolle einmal ordentlich gemacht und gefixt 2023-09-13 18:03:24 +02:00			`---`

			`- name: "Install dependencies"`
			`ansible.builtin.apt:`
			`pkg:`
			`- docker.io`

			`- name: "Create directory for Authentik with Docker"`
			`ansible.builtin.file:`
			`path: "{{ item }}"`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: '0750'`
			`with_items:`
			`- "{{ docker_volumes_dir }}/authentik"`

			`- name: "Create directories for Authentik Docker"`
			`ansible.builtin.file:`
			`path: "{{ item }}"`
			`state: directory`
			`owner: 1000`
			`group: 1000`
			`mode: '0750'`
			`with_items:`
			`- "{{ docker_volumes_dir }}/authentik/media"`
			`- "{{ docker_volumes_dir }}/authentik/custom-templates"`
			`- "{{ docker_volumes_dir }}/authentik/certs"`

Give database access to its directory 2023-09-14 09:11:26 +02:00			`- name: "Create Redis directory for Authentik with Docker"`
Authentik-Rolle einmal ordentlich gemacht und gefixt 2023-09-13 18:03:24 +02:00			`ansible.builtin.file:`
Give database access to its directory 2023-09-14 09:11:26 +02:00			`path: "{{ docker_volumes_dir }}/authentik/redis"`
Authentik-Rolle einmal ordentlich gemacht und gefixt 2023-09-13 18:03:24 +02:00			`state: directory`
			`owner: 999`
			`group: root`
			`mode: '0750'`
Give database access to its directory 2023-09-14 09:11:26 +02:00
			`- name: "Create Database directory for Authentik with Docker"`
			`ansible.builtin.file:`
			`path: "{{ docker_volumes_dir }}/authentik/database"`
			`state: directory`
			`owner: root`
			`group: root`
			`mode: '0750'`
Authentik-Rolle einmal ordentlich gemacht und gefixt 2023-09-13 18:03:24 +02:00
			`- name: "Template .env files for Authentik with Docker"`
			`ansible.builtin.template:`
			`src: "authentik.env.j2"`
			`dest: "{{ docker_volumes_dir }}/authentik/authentik.env"`
			`force: true`
			`owner: authentik-docker`
			`group: docker`
			`mode: '0660'`
			`notify: restart-authentik-docker`

			`#- name: "Template docker-compose.yml for authentik-docker"`
			`# ansible.builtin.template:`
			`# src: "{{ item }}.j2"`
			`# dest: "/{{ docker_compose_config_dir }}/authentik/{{ item }}"`
			`# force: true`
			`# owner: root`
			`# group: docker`
			`# mode: '0640'`
			`# with_items:`
			`# - docker-compose.yml`
			`# notify: restart-authentik-docker`

			`- name: "Create Docker network authentik_net"`
			`docker_network:`
			`name: authentik_net`

			`- name: "Template systemd units for Authentik with Docker"`
			`ansible.builtin.template:`
			`src: "{{ item }}.j2"`
			`dest: "/etc/systemd/system/{{ item }}"`
			`force: true`
			`owner: root`
			`group: root`
			`mode: '0664'`
			`with_items:`
			`- authentik-server-docker.service`
			`- authentik-worker-docker.service`
			`- authentik-redis-docker.service`
			`- authentik-db-docker.service`
			`register: units`

			`#- name: "Add a user that will run the container"`
			`# ansible.builtin.user:`
			`# name: authentik-docker`
			`# comment: Authentik Docker User`
			`# home: "{{ docker_volumes_dir }}/authentik"`
			`# group: docker`
			`# system: true`

			`#- name: "Template systemd unit file for Authentik with Docker"`
			`# ansible.builtin.template:`
			`# src: "authentik-docker.service.j2"`
			`# dest: "/etc/systemd/system/authentik-docker.service"`
			`# force: true`
			`# owner: root`
			`# group: root`
			`# mode: '0644'`
			`# register: unit`
			`# notify: systemctl-daemon-reload`

			`- name: "Reload systemd units"`
			`ansible.builtin.systemd:`
			`daemon_reload: yes`
			`when: units.changed`

			`- name: "Enable systemd units for Authentik with Docker"`
			`ansible.builtin.systemd:`
			`state: started`
			`enabled: true`
			`name: "{{ item }}"`
			`with_items:`
			`- authentik-db-docker.service`
			`- authentik-redis-docker.service`
			`- authentik-server-docker.service`
			`- authentik-worker-docker.service`

			`#- name: "Enable systemctl service for authentik-docker"`
			`# ansible.builtin.service:`
			`# state: started`
			`# name: "authentik-docker.service"`