CaZzzer/alpina
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
e6cdae8e6b0027f897f7a4788455bf2439312bee
alpina/roles/alpina/templates/services/authentik/blueprints/apps-proxy.yaml.j2

116 lines
3.3 KiB
Django/Jinja
Raw Blame History

version: 1
metadata:
labels:
blueprints.goauthentik.io/instantiate: "true"
name: Alpina - Proxied Apps
entries:
- identifiers:
name: arrstack
model: authentik_core.group
id: arrstack
attrs:
arrstack_username: "arr"
arrstack_password: "{{ arrstack_password }}"
# TODO: Probably refactor this into a jinja macro
{% set apps = {
"uptime-kuma": {
"host": "uptime",
"name": "Uptime Kuma",
"icon": "https://uptime."~ domain ~"/icon.svg",
"unauthenticated_paths": "^/icon.svg$",
"group": "Services",
"create_admin_group": true,
},
"qbit": {
"host": "qbit",
"name": "qBit",
"icon": "https://qbit."~ domain ~"/images/qbittorrent-tray.svg",
"unauthenticated_paths": "^/images/qbittorrent-tray.svg$",
"group": "Arrstack",
"create_admin_group": false,
},
"prowlarr": {
"host": "prowlarr",
"name": "Prowlarr",
"icon": "https://prowlarr."~ domain ~"/Content/Images/logo.svg",
"unauthenticated_paths": "^/Content/Images/logo.svg$",
"group": "Arrstack",
"create_admin_group": false,
},
"sonarr": {
"host": "sonarr",
"name": "Sonarr",
"icon": "https://sonarr."~ domain ~"/Content/Images/logo.svg",
"unauthenticated_paths": "^/Content/Images/logo.svg$",
"group": "Arrstack",
"create_admin_group": false,
},
"radarr": {
"host": "radarr",
"name": "Radarr",
"icon": "https://radarr."~ domain ~"/Content/Images/logo.svg",
"unauthenticated_paths": "^/Content/Images/logo.svg$",
"group": "Arrstack",
"create_admin_group": false,
},
} -%}
{% for app in apps.keys() -%}
- identifiers:
name: {{ apps[app]["name"] }}
model: authentik_providers_proxy.proxyprovider
id: {{ app }}
attrs:
authorization_flow: !Find [authentik_flows.flow, [ slug, default-provider-authorization-implicit-consent ] ]
mode: forward_single
external_host: "https://{{ apps[app]["host"] }}.{{ domain }}/"
skip_path_regex: "{{ apps[app]["unauthenticated_paths"] }}"
- identifiers:
slug: {{ app }}
model: authentik_core.application
attrs:
name: {{ apps[app]["name"] }}
group: {{ apps[app]["group"] }}
meta_description: "Hello, I'm {{ apps[app]["name"] }}!"
meta_publisher: Alpina
icon: "{{ apps[app]["icon"] }}"
open_in_new_tab: true
provider: !KeyOf {{ app }}
{% if apps[app]["create_admin_group"] -%}
- identifiers:
name: "{{ apps[app]["name"] }} Admins"
model: authentik_core.group
id: "{{ app }} Admins"
- identifiers:
group: !KeyOf "{{ app }} Admins"
target: !Find [authentik_core.application, [ slug, {{ app }}] ]
model: authentik_policies.policybinding
attrs:
order: 0
{% endif %}
{% if apps[app]["group"] == "Arrstack" -%}
- identifiers:
group: !KeyOf arrstack
target: !Find [authentik_core.application, [slug, {{ app }}]]
model: authentik_policies.policybinding
attrs:
order: 0
{% endif %}
{% endfor %}
- identifiers:
managed: goauthentik.io/outposts/embedded
name: authentik Embedded Outpost
model: authentik_outposts.outpost
attrs:
providers:
{% for app in apps.keys() -%}
- !KeyOf {{ app }}
{% endfor %}
Reference in New Issue View Git Blame Copy Permalink