From c20f8e5df0cc0c174ee70dbcbcf06f7d4909273f Mon Sep 17 00:00:00 2001
From: Ada
Date: Mon, 25 Mar 2024 00:32:09 +0100
Subject: [PATCH] WIP
---
ansible/roles/authentik/tasks/build.yml | 32 ++++++++++
.../roles/authentik/tasks/dependencies.yml | 60 +++++++++++++++++++
ansible/roles/authentik/tasks/main.yml | 30 ++++------
3 files changed, 103 insertions(+), 19 deletions(-)
create mode 100644 ansible/roles/authentik/tasks/build.yml
create mode 100644 ansible/roles/authentik/tasks/dependencies.yml
diff --git a/ansible/roles/authentik/tasks/build.yml b/ansible/roles/authentik/tasks/build.yml
new file mode 100644
index 0000000..a2b3bba
--- /dev/null
+++ b/ansible/roles/authentik/tasks/build.yml
@@ -0,0 +1,32 @@
+---
+- name: Get authentik source
+ ansible.builtin.git:
+ repo: 'https://github.com/goauthentik/authentik.git'
+ dest: /opt/authentik/src
+ version: version/2024.2.2
+ force: true
+
+- name: Build front
+ ansible.builtin.shell: |
+ cd /opt/authentik/src/website
+ npm i
+ npm run build-docs-only
+ cd /opt/authentik/src/web
+ npm i
+ npm run build
+
+- name: Create virtualenv
+ ansible.builtin.command: "python3.12 -m venv /opt/authentik/src/venv"
+
+- name: Installl poetry and dependencies
+ ansible.builtin.shell: |
+ cd /opt/authentik/src/
+ venv/bin/pip install poetry
+ venv/bin/poetry install --only=main --no-ansi --no-interaction --no-root
+
+
+- name: Build go proxy
+ ansible.builtin.shell: |
+ cd /opt/authentik/src/
+ sed -i "s/c.Setup(\".\/authentik\/lib\/default.yml\", \".\/local.env.yml\")/c.Setup(\"\/etc\/authentik\/config.yml\", \".\/authentik\/lib\/default.yml\", \".\/local.env.yml\")/" /opt/authentik/src/internal/config/config.go
+ go build -o /opt/authentik/src/authentik-server ./cmd/server/
\ No newline at end of file
diff --git a/ansible/roles/authentik/tasks/dependencies.yml b/ansible/roles/authentik/tasks/dependencies.yml
new file mode 100644
index 0000000..1477107
--- /dev/null
+++ b/ansible/roles/authentik/tasks/dependencies.yml
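Review bot: The `Build front` and poetry tasks in build.yml resolve dependencies at run time without pinning: `npm i` can update the lockfile and install versions other than the recorded ones, and `venv/bin/pip install poetry` takes whatever release is current, so two runs of this role can build the identity provider from different code. Prefer `npm ci` in both directories (assuming the upstream tree ships lockfiles there) and a pinned installer such as `venv/bin/pip install 'poetry==<PINNED_VERSION>'`. None of the multi-line scripts start with `set -e`, so only the last command's exit status reaches Ansible and a failed `cd` or `npm i` in the middle goes unnoticed. The `sed -i` on `internal/config/config.go` also exits 0 when the pattern no longer matches, which would silently yield a binary that never reads `/etc/authentik/config.yml`; with `set -e` in place, follow it with `grep -q '/etc/authentik/config.yml' internal/config/config.go` so the task fails instead.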
@@ -0,0 +1,60 @@
+---
+- name: Install roles dependencies
+ ansible.builtin.apt:
+ name: "{{ item }}"
+ with_items:
+ - git
+ - libpq-dev
+ - libxmlsec1-dev
+
+- name: Add deadsnake ppa for python3.12
+ ansible.builtin.apt_repository:
+ repo: 'ppa:deadsnakes/ppa'
+
+- name: Install python3.12
+ ansible.builtin.apt:
+ name: "{{ item }}"
+ with_items:
+ - python3.12
+ - python3.12-distutils
+ - python3.12-venv
+ - python3.12-dev
+
+- name: Add longsleep ppa for go 1.22
+ ansible.builtin.apt_repository:
+ repo: 'ppa:longsleep/golang-backports'
+
+- name: Install go 1.22
+ ansible.builtin.apt:
+ name: "golang-go"
+
+- name: Download node GPG key
+ ansible.builtin.get_url:
+ url: 'https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key'
+ dest: "/usr/share/keyrings/node-archive-keyring.asc"
+ mode: "0644"
+ validate_certs: true
+ checksum: sha512:36c77b2bddaea0523ab90962a38ebd3ee90c3d5cf17e525f02898aa8e7b14fd1026f6d659b99d931fe907e9142a98ff08075ebfc56f0f1e2001c6ba4791d3daa
+ changed_when: false
+ no_log: false
+
+- name: Add nodesource repo for node
+ ansible.builtin.apt_repository:
+ repo: 'deb [arch=amd64 signed-by=/usr/share/keyrings/node-archive-keyring.asc] https://deb.nodesource.com/node_21.x nodistro main'
+
+- name: Install nodejs
+ ansible.builtin.apt:
+ name: nodejs
+
+- name: Add authentik user
+ ansible.builtin.user:
+ name: "authentik"
+ system: true
+
+- name: Create /opt/authentik
+ ansible.builtin.file:
+ path: /opt/authentik
+ state: directory
+ mode: '0755'
+ owner: authentik
+
diff --git a/ansible/roles/authentik/tasks/main.yml b/ansible/roles/authentik/tasks/main.yml
index e798b06..d809de1 100644
--- a/ansible/roles/authentik/tasks/main.yml
+++ b/ansible/roles/authentik/tasks/main.yml
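Review bot: The two `apt_repository` tasks for `ppa:deadsnakes/ppa` and `ppa:longsleep/golang-backports` let both third-party archives supply any package on this host, not only python3.12 and golang-go, because nothing limits what apt will accept from them. For a host that will run the identity provider, add an apt preferences file that pins those origins to a low priority and raises it only for the packages installed here. The NodeSource entry is at least bound to its own key with `signed-by=` and the key download is checksum-verified, which is the pattern to keep; `changed_when: false` and `no_log: false` on that task can go, since the first hides a real change and the second is the default. `node_21.x` is an odd-numbered, non-LTS release line, so confirm it still receives security updates before relying on it.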
@@ -1,21 +1,13 @@
 ---
-- name: Install knot repository
- ansible.builtin.apt:
- deb: https://secure.nic.cz/files/knot-resolver/knot-resolver-release.deb
- notify:
- - Package cache update
+- name: Install dependencies
+ ansible.builtin.import_tasks: dependencies.yml
+ become: true
+ tags:
+ - install_dependencies
 
-- name: Install knot resolver
- ansible.builtin.apt:
- name: knot-resolver
- notify:
- - Enable knot resolver
- - Restart knot resolver
-
-- name: Configure
- ansible.builtin.template:
- src: kresd.conf.j2
- dest: /etc/knot-resolver/kresd.conf
- mode: "0644"
- notify:
- - Restart knot resolver
+- name: Build authentik
+ ansible.builtin.import_tasks: build.yml
+ become: true
+ tags:
+ - build
+ become_user: authentik
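Review bot: `become_user: authentik` on the `Build authentik` import makes every task in build.yml run as the `authentik` account, so the checkout, the virtualenv and the `authentik-server` binary under `/opt/authentik/src` all end up writable by that account. If the service is later started as the same user (no unit or service task is visible in this patch), a compromise of the running server could rewrite its own code and persist across restarts. Consider building under a separate account, or adding a final task that hands the built tree to root and removes write access for `authentik`. As a style point, keep `become` and `become_user` on adjacent lines rather than split around `tags`.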