Initial scaffold
- Terraform module for groups, SAML/OAuth2/LDAP providers, applications, and LDAP outposts
- Data-driven YAML config with Terragrunt config loader
- Environment: identity.unkin.net with Consul backend
- Provider: goauthentik/authentik 2026.5.0
- Woodpecker CI pipelines (pre-commit, plan, apply)
- Makefile with Vault AppRole and K8s auth support
@@ -1,3 +1,35 @@
|
||||
# terraform-authentik
|
||||
|
||||
Terraform configuration for managing Authentik identity provider
|
||||
Terraform configuration for managing the Authentik identity provider at identity.unkin.net.
|
||||
|
||||
## Managed Resources
|
||||
|
||||
- **Groups** — roles and group hierarchy (users are invited manually)
|
||||
- **SAML providers** — SAML application integrations
|
||||
- **OAuth2/OIDC providers** — OAuth2 and OpenID Connect integrations
|
||||
- **LDAP providers** — LDAP provider and outpost configuration
|
||||
- **Applications** — application definitions linked to providers
|
||||
|
||||
## Configuration
|
||||
|
||||
Resources are defined as YAML files under `config/`:
|
||||
|
||||
```
|
||||
config/
|
||||
├── groups/ # Group definitions
|
||||
├── providers_saml/ # SAML provider definitions
|
||||
├── providers_oauth2/ # OAuth2/OIDC provider definitions
|
||||
└── providers_ldap/ # LDAP provider definitions
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
```sh
|
||||
make plan # init + plan
|
||||
make apply # init + plan + apply
|
||||
make format # format all .tf and .hcl files
|
||||
```
|
||||
|
||||
### Authentication
|
||||
|
||||
Set `VAULT_ROLEID` for local AppRole auth, or `VAULT_AUTH_METHOD=kubernetes` for CI.
|
||||
|
||||
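Review bot: The Authentication section at the end of the README names only `VAULT_ROLEID` for local AppRole auth and does not say how the matching secret ID is supplied, although AppRole login normally needs one. Please document which variable or prompt the Makefile reads it from, state that it must not be committed or written into the Makefile, and note which Vault role or policy the plan and apply targets expect for both the AppRole and the `VAULT_AUTH_METHOD=kubernetes` path. Separately, Managed Resources lists Applications, but the `config/` tree shows only `groups/`, `providers_saml/`, `providers_oauth2/` and `providers_ldap/`; add a line saying where application definitions live. Since `make apply` is described as init + plan + apply in one step, it would also help to say whether the plan is shown for confirmation before changes reach the identity provider.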