This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/blueprints/system/bootstrap.yaml
Jens L 261879022d
security: fix oobe-flow reuse when akadmin is deleted (#7361)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-10-28 21:24:06 +02:00

45 lines
1.3 KiB
YAML

version: 1
metadata:
name: authentik Bootstrap
labels:
blueprints.goauthentik.io/system-bootstrap: "true"
blueprints.goauthentik.io/system: "true"
blueprints.goauthentik.io/description: |
This blueprint configures the default admin user and group, and configures them for the [Automated install](https://goauthentik.io/docs/installation/automated-install).
context:
username: akadmin
group_name: authentik Admins
email: !Env [AUTHENTIK_BOOTSTRAP_EMAIL, "root@example.com"]
password: !Env [AUTHENTIK_BOOTSTRAP_PASSWORD, null]
token: !Env [AUTHENTIK_BOOTSTRAP_TOKEN, null]
entries:
- model: authentik_core.group
state: created
identifiers:
name: !Context group_name
attrs:
is_superuser: true
id: admin-group
- model: authentik_core.user
state: created
id: admin-user
identifiers:
username: !Context username
attrs:
name: authentik Default Admin
email: !Context email
groups:
- !KeyOf admin-group
password: !Context password
- model: authentik_core.token
state: created
conditions:
- !If [!Context token]
identifiers:
identifier: authentik-bootstrap-token
intent: api
expiring: false
user: !KeyOf admin-user
attrs:
key: !Context token