10b0c84d97
* remove old bootstrap Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * add meta model to set user password Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ensure KeyOf works with objects in the state of created that already exist Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * migrate Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add support for shorter form !If tag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * allow !Context to resolve other yaml tags Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't require serializer to be valid for deleting an object Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix check if a model is being created Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove duplicate way to set password Signed-off-by: Jens Langhammer <jens@goauthentik.io> * migrate token Signed-off-by: Jens Langhammer <jens@goauthentik.io> * only change what is required with migrations Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add description Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix admin status Signed-off-by: Jens Langhammer <jens@goauthentik.io> * expand tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * don't require bootstrap in events to fix ci? Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io>
50 lines
1.4 KiB
YAML
50 lines
1.4 KiB
YAML
version: 1
|
|
metadata:
|
|
name: authentik Bootstrap
|
|
labels:
|
|
blueprints.goauthentik.io/system-bootstrap: "true"
|
|
blueprints.goauthentik.io/system: "true"
|
|
blueprints.goauthentik.io/description: |
|
|
This blueprint configures the default admin user and group, and configures them for the [Automated install](https://goauthentik.io/docs/installation/automated-install).
|
|
context:
|
|
username: akadmin
|
|
group_name: authentik Admins
|
|
email: !Env [AUTHENTIK_BOOTSTRAP_EMAIL, "root@example.com"]
|
|
password: !Env [AUTHENTIK_BOOTSTRAP_PASSWORD, null]
|
|
token: !Env [AUTHENTIK_BOOTSTRAP_TOKEN, null]
|
|
entries:
|
|
- model: authentik_core.group
|
|
state: created
|
|
identifiers:
|
|
name: !Context group_name
|
|
attrs:
|
|
is_superuser: true
|
|
id: admin-group
|
|
- model: authentik_core.user
|
|
state: created
|
|
id: admin-user
|
|
identifiers:
|
|
username: !Context username
|
|
attrs:
|
|
name: authentik Default Admin
|
|
email: !Context email
|
|
groups:
|
|
- !KeyOf admin-group
|
|
password: !Context password
|
|
- model: authentik_core.token
|
|
state: created
|
|
conditions:
|
|
- !If [!Context token]
|
|
identifiers:
|
|
identifier: authentik-bootstrap-token
|
|
intent: api
|
|
expiring: false
|
|
key: !Context token
|
|
user: !KeyOf admin-user
|
|
- model: authentik_blueprints.blueprintinstance
|
|
identifiers:
|
|
metadata:
|
|
labels:
|
|
blueprints.goauthentik.io/system-bootstrap: "true"
|
|
state: absent
|