website/docs: add docs for outpost configuration
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
79508e1965
commit
4e9be85353
|
@ -63,7 +63,7 @@ class DockerController(BaseController):
|
||||||
self.client.images.pull(image_name)
|
self.client.images.pull(image_name)
|
||||||
container_args = {
|
container_args = {
|
||||||
"image": image_name,
|
"image": image_name,
|
||||||
"name": f"authentik-proxy-{self.outpost.uuid.hex}",
|
"name": container_name,
|
||||||
"detach": True,
|
"detach": True,
|
||||||
"ports": {
|
"ports": {
|
||||||
f"{port.port}/{port.protocol.lower()}": port.inner_port or port.port
|
f"{port.port}/{port.protocol.lower()}": port.inner_port or port.port
|
||||||
|
|
|
@ -50,6 +50,8 @@ class ServiceConnectionInvalid(SentryIgnoredException):
|
||||||
class OutpostConfig:
|
class OutpostConfig:
|
||||||
"""Configuration an outpost uses to configure it self"""
|
"""Configuration an outpost uses to configure it self"""
|
||||||
|
|
||||||
|
# update website/docs/outposts/outposts.md
|
||||||
|
|
||||||
authentik_host: str
|
authentik_host: str
|
||||||
authentik_host_insecure: bool = False
|
authentik_host_insecure: bool = False
|
||||||
|
|
||||||
|
|
|
@ -138,6 +138,9 @@ export class OutpostForm extends ModelForm<Outpost, string> {
|
||||||
return YAML.stringify(fc);
|
return YAML.stringify(fc);
|
||||||
}))}"></ak-codemirror>
|
}))}"></ak-codemirror>
|
||||||
<p class="pf-c-form__helper-text">${t`Set custom attributes using YAML or JSON.`}</p>
|
<p class="pf-c-form__helper-text">${t`Set custom attributes using YAML or JSON.`}</p>
|
||||||
|
<p class="pf-c-form__helper-text">
|
||||||
|
See <a target="_blank" href="https://goauthentik.io/docs/outposts/outposts#configuration">documentation</a>.
|
||||||
|
</p>
|
||||||
</ak-form-element-horizontal>
|
</ak-form-element-horizontal>
|
||||||
</form>`;
|
</form>`;
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,3 +19,44 @@ To deploy an outpost manually, see:
|
||||||
|
|
||||||
- [Kubernetes](./manual-deploy-kubernetes.md)
|
- [Kubernetes](./manual-deploy-kubernetes.md)
|
||||||
- [docker-compose](./manual-deploy-docker-compose.md)
|
- [docker-compose](./manual-deploy-docker-compose.md)
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
Outposts fetch their configuration from authentik. Below are all the options you can set, and how they influence the outpost.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
# Log level that the outpost will set
|
||||||
|
log_level: debug
|
||||||
|
# Enable/disable error reporting for the outpost, based on the authentik settings
|
||||||
|
error_reporting_enabled: true
|
||||||
|
error_reporting_environment: beryjuorg-prod
|
||||||
|
########################################
|
||||||
|
# The settings below are only relevant when using a managed outpost
|
||||||
|
########################################
|
||||||
|
# URL that the outpost uses to connect back to authentik
|
||||||
|
authentik_host: https://authentik.tld/
|
||||||
|
# Disable SSL Validation for the authentik connection
|
||||||
|
authentik_host_insecure: false
|
||||||
|
# Template used for objects created (deployments, services, secrets, etc)
|
||||||
|
object_naming_template: ak-outpost-%(name)s
|
||||||
|
########################################
|
||||||
|
# Kubernetes outpost specific settings
|
||||||
|
########################################
|
||||||
|
# Replica count for the deployment of the outpost
|
||||||
|
kubernetes_replicas: 1
|
||||||
|
# Namespace to deploy in, defaults to the same namespace authentik is deployed in (if available)
|
||||||
|
kubernetes_namespace: authentik
|
||||||
|
# Any additional annotations to add to the ingress object, for example cert-manager
|
||||||
|
kubernetes_ingress_annotations: {}
|
||||||
|
# Name of the secret that is used for TLS connections
|
||||||
|
kubernetes_ingress_secret_name: authentik-outpost-tls
|
||||||
|
# Service kind created, can be set to LoadBalancer for LDAP outposts for example
|
||||||
|
kubernetes_service_type: ClusterIP
|
||||||
|
# Disable any components of the kubernetes integration, can be any of
|
||||||
|
# - 'secret'
|
||||||
|
# - 'deployment'
|
||||||
|
# - 'service'
|
||||||
|
# - 'ingress'
|
||||||
|
# - 'traefik middleware'
|
||||||
|
kubernetes_disabled_components: []
|
||||||
|
```
|
||||||
|
|
Reference in a new issue