Initial scaffold
- Terraform module for groups, SAML/OAuth2/LDAP providers, applications, and LDAP outposts - Data-driven YAML config with Terragrunt config loader - Environment: identity.unkin.net with Consul backend - Provider: goauthentik/authentik 2026.5.0 - Woodpecker CI pipelines (pre-commit, plan, apply) - Makefile with Vault AppRole and K8s auth support
This commit is contained in:
@@ -0,0 +1,32 @@
|
||||
generate "backend" {
|
||||
path = "backend.tf"
|
||||
if_exists = "overwrite"
|
||||
contents = <<EOF
|
||||
provider "authentik" {
|
||||
url = "https://${path_relative_to_include()}"
|
||||
token = var.authentik_token
|
||||
}
|
||||
|
||||
variable "authentik_token" {
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
terraform {
|
||||
backend "consul" {
|
||||
address = "https://consul.service.consul"
|
||||
path = "infra/terraform/authentik/${path_relative_to_include()}/state"
|
||||
scheme = "https"
|
||||
lock = true
|
||||
ca_file = "/etc/pki/tls/certs/ca-bundle.crt"
|
||||
}
|
||||
required_version = ">= 1.10"
|
||||
required_providers {
|
||||
authentik = {
|
||||
source = "goauthentik/authentik"
|
||||
version = "2026.5.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
Reference in New Issue
Block a user