recipe-maintainer: public snapshot (secrets + deployment plans removed, single commit)
Sanitized single-commit public mirror of recipe-maintainer. - Removed test-ssh/.testenv (live creds); added test-ssh/.testenv.example placeholders. - Removed plans/ and planned-updates/ (deployment-planning docs) so no client/ deployment domains appear in the public repo. - All other secret stores were already gitignored. - docs.coopcloud.tech retained as a submodule (public upstream).
This commit is contained in:
30
recipe-info/authentik/setup.md
Normal file
30
recipe-info/authentik/setup.md
Normal file
@ -0,0 +1,30 @@
|
||||
# Authentik — First-Time Setup
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- DNS: `authentik.<domain_suffix>` must resolve to the server
|
||||
|
||||
## Steps
|
||||
|
||||
1. **Create the app:**
|
||||
```bash
|
||||
abra app new authentik --server <SERVER> --domain authentik.<DOMAIN_SUFFIX> --no-input
|
||||
```
|
||||
|
||||
2. **Generate secrets:**
|
||||
```bash
|
||||
abra app secret generate authentik.<DOMAIN_SUFFIX> --all -m --no-input
|
||||
```
|
||||
Save output to `recipe-info/testsecrets/authentik.<DOMAIN_SUFFIX>`.
|
||||
|
||||
3. **Deploy:**
|
||||
```bash
|
||||
abra app deploy authentik.<DOMAIN_SUFFIX> --chaos --force --no-input
|
||||
```
|
||||
|
||||
4. **Verify:** curl `https://authentik.<DOMAIN_SUFFIX>` returns HTTP 200.
|
||||
|
||||
## Notes
|
||||
|
||||
- Admin credentials: username `akadmin`, password from `admin_pass` secret in testsecrets.
|
||||
- The bootstrap token (`AK_TOKEN`) is the `bootstrap_token` secret — needed by SSO setup scripts for other recipes.
|
||||
Reference in New Issue
Block a user