36 lines
995 B
Markdown
36 lines
995 B
Markdown
# Authentik Local Bootstrap
|
|
|
|
This directory stores local Authentik bootstrap assets for NODE.DC.
|
|
|
|
## Current scope
|
|
|
|
The first infra pass runs Authentik from the official Docker Compose shape for the 2026.2 release line:
|
|
|
|
- PostgreSQL 16;
|
|
- authentik server;
|
|
- authentik worker;
|
|
- no Redis service in the current official compose template;
|
|
- Caddy reverse proxy in front of Authentik and current local apps.
|
|
|
|
## Bootstrap variables
|
|
|
|
For a first local install, put these variables in `infra/.env`:
|
|
|
|
```bash
|
|
AUTHENTIK_BOOTSTRAP_EMAIL=admin@nodedc.local
|
|
AUTHENTIK_BOOTSTRAP_PASSWORD=<local generated password>
|
|
AUTHENTIK_BOOTSTRAP_TOKEN=<local generated token>
|
|
```
|
|
|
|
These are read only on first startup. Do not commit `infra/.env`.
|
|
|
|
## Future blueprint work
|
|
|
|
Later phases should add reproducible configuration for:
|
|
|
|
- NODE.DC Launcher Application/Provider;
|
|
- NODE.DC Task Manager Application/Provider;
|
|
- groups and policies;
|
|
- admin service token scope;
|
|
- exports or blueprints for repeatable setup.
|