Add Authentik to the Template (#378)

docs/AppList.md

@@ -3,9 +3,9 @@
 List of all apps included in this project with info related to it.
 
 - **Arm32:** 166 apps
-- **Arm64:** 177 apps
-- **Amd64:** 175 apps
-- **Total:** 177 apps
+- **Arm64:** 178 apps
+- **Amd64:** 176 apps
+- **Total:** 178 apps
 
 ---
 
@@ -19,6 +19,7 @@ List of all apps included in this project with info related to it.
 |[Archivebox](https://archivebox.io/)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://github.com/ArchiveBox/ArchiveBox/wiki/Docker) |  |  |  |  |
 |[AriaNG](https://github.com/hurlenko/aria2-ariang-docker)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://github.com/hurlenko/aria2-ariang-docker) |  |  |  |  |
 |[Authelia](https://www.authelia.com/)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://www.authelia.com/docs/configuration/) |  |  |  |  |
+|[Authentik](https://goauthentik.io/)|Arm64<br>Amd64|Stack| [![](../build/images/blue_doc_icon.png)](https://goauthentik.io/docs/) |  | [![](../build/images/script_icon.png)](../tools/install_authentik.sh) |  |  |
 |[Bazarr](https://www.bazarr.media/)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://wiki.bazarr.media/Getting-Started/Installation/Docker/docker/) |  |  |  |  |
 |[Beets](https://beets.io/)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://docs.linuxserver.io/images/docker-beets) |  |  |  |  |
 |[Booksonic](https://booksonic.org/)|Arm32<br>Arm64<br>Amd64|Container| [![](../build/images/blue_doc_icon.png)](https://docs.linuxserver.io/images/docker-booksonic-air) |  |  |  |  |

stack/authentik.yml

@@ -0,0 +1,87 @@
+version: '3.4'
+
+services:
+  postgresql:
+    image: postgres:12-alpine
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 5s
+    volumes:
+      - /portainer/Files/AppData/Config/authentik/postgre:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_DB=${POSTGRES_DB}
+  redis:
+    image: redis:alpine
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 3s
+    volumes:
+      - /portainer/Files/AppData/Config/authentik/redis:/data
+  server:
+    image: ghcr.io/goauthentik/server:2022.8.2
+    restart: unless-stopped
+    command: server
+    environment:
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER}
+      AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD}
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY}
+      AUTHENTIK_AUTHENTIK__GEOIP: /geoip/GeoLite2-City.mmdb
+      AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
+      # WORKERS: 2
+    volumes:
+      - /portainer/Files/AppData/Config/authentik/media:/media
+      - /portainer/Files/AppData/Config/authentik/custom-templates:/templates
+      - /portainer/Files/AppData/Config/authentik/geoip:/geoip
+    ports:
+      - "9191:9000"
+      - "7443:9443"
+  worker:
+    image: ghcr.io/goauthentik/server:2022.8.2
+    restart: unless-stopped
+    command: worker
+    environment:
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER}
+      AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD}
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY}
+      AUTHENTIK_AUTHENTIK__GEOIP: /geoip/GeoLite2-City.mmdb
+      #AUTHENTIK_ERROR_REPORTING__ENABLED: "true" #Optional
+      #AUTHENTIK_EMAIL__HOST: localhost #Optional
+      #AUTHENTIK_EMAIL__PORT: 25 #Optional
+      #AUTHENTIK_EMAIL__USERNAME: #Optional
+      #AUTHENTIK_EMAIL__PASSWORD: #Optional
+      #AUTHENTIK_EMAIL__USE_TLS: false #Optional
+      #AUTHENTIK_EMAIL__USE_SSL: false #Optional
+      #AUTHENTIK_EMAIL__TIMEOUT: 10 #Optional
+      #AUTHENTIK_EMAIL__FROM: authentik@localhost #Optional
+    user: root
+    volumes:
+      - /portainer/Files/AppData/Config/authentik/media:/media
+      - /portainer/Files/AppData/Config/authentik/certs:/certs
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /portainer/Files/AppData/Config/authentik/custom-templates:/templates
+      - /portainer/Files/AppData/Config/authentik/geoip:/geoip
+  geoipupdate:
+    image: "maxmindinc/geoipupdate:latest"
+    volumes:
+      - /portainer/Files/AppData/Config/authentik/geoip:/usr/share/GeoIP
+    environment:
+      GEOIPUPDATE_EDITION_IDS: ${GEOIPUPDATE_EDITION_IDS}
+      GEOIPUPDATE_ACCOUNT_ID: ${GEOIPUPDATE_ACCOUNT_ID}
+      GEOIPUPDATE_LICENSE_KEY: ${GEOIPUPDATE_LICENSE_KEY}
+      GEOIPUPDATE_FREQUENCY: "8" #Optional

template/apps/authentik.json

@@ -0,0 +1,61 @@
+{
+	"categories": [
+		"Authentication",
+		"Cloud",
+		"Management",
+		"Security"
+	],
+	"description": "Authentik is an open-source Identity Provider focused on flexibility and versatility.  This will start the stack with basic options, to customize further ie. adding email settings then use the editor under the deployed stack and 'Update the stack'",
+	"env": [
+		{
+			"default": "authentik",
+			"label": "POSTGRES_USER",
+			"name": "POSTGRES_USER"
+		},
+		{
+			"default": "authentik",
+			"label": "POSTGRES_DB",
+			"name": "POSTGRES_DB"
+		},
+		{
+			"default": "YOUR_POSTGRE_PASSWORD",
+			"label": "POSTGRES_PASSWORD",
+			"name": "POSTGRES_PASSWORD"
+		},
+		{
+			"default": "YOUR_AUTHENTIK_SECRET_KEY",
+			"label": "AUTHENTIK_SECRET_KEY",
+			"name": "AUTHENTIK_SECRET_KEY"
+		},
+		{
+			"default": "GeoLite2-City",
+			"label": "GEOIPUPDATE_EDITION_IDS",
+			"name": "GEOIPUPDATE_EDITION_IDS"
+		},
+		{
+			"default": "Your GEOIP ID",
+			"label": "GEOIPUPDATE_ACCOUNT_ID",
+			"name": "GEOIPUPDATE_ACCOUNT_ID"
+		},
+		{
+			"default": "Your GEOIP License Key",
+			"label": "GEOIPUPDATE_LICENSE_KEY",
+			"name": "GEOIPUPDATE_LICENSE_KEY"
+		}
+	],
+	"logo": "https://d33wubrfki0l68.cloudfront.net/3986a9ebfee622cb3fed7c0b7d3661e431dcff5c/8fd41/img/icon_top_brand.svg",
+	"name": "authentik",
+	"note": "For this to work properly you will need a GeoIP account.  Go to https://www.maxmind.com/en/geolite2/signup, once done generate a license key and copy in your user number.  For info on emailing in the system see, https://goauthentik.io/docs/installation/docker-compose#email-configuration-optional-but-recommended",
+	"officialDoc": "https://goauthentik.io/docs/",
+	"platform": "linux",
+	"preInstallScript": "install_authentik.sh",
+	"repository": {
+		"stackfile_arm64": "stack/authentik.yml",
+		"stackfile_amd64": "stack/authentik.yml",
+		"url": "https://github.com/pi-hosted/pi-hosted/"
+	},
+	"restart_policy": "unless-stopped",
+	"title": "Authentik",
+	"type": 3,
+	"webpage": "https://goauthentik.io/"
+}

template/portainer-v2-amd64.json

@@ -396,6 +396,63 @@
 				}
 			]
 		},
+		{
+			"categories": [
+				"Authentication",
+				"Cloud",
+				"Management",
+				"Security"
+			],
+			"description": "Authentik is an open-source Identity Provider focused on flexibility and versatility.  This will start the stack with basic options, to customize further ie. adding email settings then use the editor under the deployed stack and 'Update the stack'",
+			"env": [
+				{
+					"default": "authentik",
+					"label": "POSTGRES_USER",
+					"name": "POSTGRES_USER"
+				},
+				{
+					"default": "authentik",
+					"label": "POSTGRES_DB",
+					"name": "POSTGRES_DB"
+				},
+				{
+					"default": "YOUR_POSTGRE_PASSWORD",
+					"label": "POSTGRES_PASSWORD",
+					"name": "POSTGRES_PASSWORD"
+				},
+				{
+					"default": "YOUR_AUTHENTIK_SECRET_KEY",
+					"label": "AUTHENTIK_SECRET_KEY",
+					"name": "AUTHENTIK_SECRET_KEY"
+				},
+				{
+					"default": "GeoLite2-City",
+					"label": "GEOIPUPDATE_EDITION_IDS",
+					"name": "GEOIPUPDATE_EDITION_IDS"
+				},
+				{
+					"default": "Your GEOIP ID",
+					"label": "GEOIPUPDATE_ACCOUNT_ID",
+					"name": "GEOIPUPDATE_ACCOUNT_ID"
+				},
+				{
+					"default": "Your GEOIP License Key",
+					"label": "GEOIPUPDATE_LICENSE_KEY",
+					"name": "GEOIPUPDATE_LICENSE_KEY"
+				}
+			],
+			"logo": "https://d33wubrfki0l68.cloudfront.net/3986a9ebfee622cb3fed7c0b7d3661e431dcff5c/8fd41/img/icon_top_brand.svg",
+			"name": "authentik",
+			"note": "<h3>Template created by Pi-Hosted Series</h3><b>Check our Github page: <a href=\"https://github.com/pi-hosted/pi-hosted\" target=\"_blank\">https://github.com/pi-hosted/pi-hosted</a></b><br><br><b>Official Webpage: </b><a href=\"https://goauthentik.io/\" target=\"_blank\">https://goauthentik.io/</a><br><b>Official Docker Documentation: </b><a href=\"https://goauthentik.io/docs/\" target=\"_blank\">https://goauthentik.io/docs/</a><br><br><b><a href=\"https://github.com/pi-hosted/pi-hosted/blob/master/tools/install_authentik.sh\" target=\"_blank\">Pre-installation script</a> must be RAN before you install: </b>wget -qO- https://raw.githubusercontent.com/pi-hosted/pi-hosted/master/tools/install_authentik.sh | <br><br>For this to work properly you will need a GeoIP account.  Go to https://www.maxmind.com/en/geolite2/signup, once done generate a license key and copy in your user number.  For info on emailing in the system see, https://goauthentik.io/docs/installation/docker-compose#email-configuration-optional-but-recommended",
+			"platform": "linux",
+			"repository": {
+				"stackfile": "stack/authentik.yml",
+				"url": "https://github.com/pi-hosted/pi-hosted/"
+			},
+			"restart_policy": "unless-stopped",
+			"title": "Authentik",
+			"type": 3
+		},
 		{
 			"categories": [
 				"Video",

template/portainer-v2-arm64.json

@@ -396,6 +396,63 @@
 				}
 			]
 		},
+		{
+			"categories": [
+				"Authentication",
+				"Cloud",
+				"Management",
+				"Security"
+			],
+			"description": "Authentik is an open-source Identity Provider focused on flexibility and versatility.  This will start the stack with basic options, to customize further ie. adding email settings then use the editor under the deployed stack and 'Update the stack'",
+			"env": [
+				{
+					"default": "authentik",
+					"label": "POSTGRES_USER",
+					"name": "POSTGRES_USER"
+				},
+				{
+					"default": "authentik",
+					"label": "POSTGRES_DB",
+					"name": "POSTGRES_DB"
+				},
+				{
+					"default": "YOUR_POSTGRE_PASSWORD",
+					"label": "POSTGRES_PASSWORD",
+					"name": "POSTGRES_PASSWORD"
+				},
+				{
+					"default": "YOUR_AUTHENTIK_SECRET_KEY",
+					"label": "AUTHENTIK_SECRET_KEY",
+					"name": "AUTHENTIK_SECRET_KEY"
+				},
+				{
+					"default": "GeoLite2-City",
+					"label": "GEOIPUPDATE_EDITION_IDS",
+					"name": "GEOIPUPDATE_EDITION_IDS"
+				},
+				{
+					"default": "Your GEOIP ID",
+					"label": "GEOIPUPDATE_ACCOUNT_ID",
+					"name": "GEOIPUPDATE_ACCOUNT_ID"
+				},
+				{
+					"default": "Your GEOIP License Key",
+					"label": "GEOIPUPDATE_LICENSE_KEY",
+					"name": "GEOIPUPDATE_LICENSE_KEY"
+				}
+			],
+			"logo": "https://d33wubrfki0l68.cloudfront.net/3986a9ebfee622cb3fed7c0b7d3661e431dcff5c/8fd41/img/icon_top_brand.svg",
+			"name": "authentik",
+			"note": "<h3>Template created by Pi-Hosted Series</h3><b>Check our Github page: <a href=\"https://github.com/pi-hosted/pi-hosted\" target=\"_blank\">https://github.com/pi-hosted/pi-hosted</a></b><br><br><b>Official Webpage: </b><a href=\"https://goauthentik.io/\" target=\"_blank\">https://goauthentik.io/</a><br><b>Official Docker Documentation: </b><a href=\"https://goauthentik.io/docs/\" target=\"_blank\">https://goauthentik.io/docs/</a><br><br><b><a href=\"https://github.com/pi-hosted/pi-hosted/blob/master/tools/install_authentik.sh\" target=\"_blank\">Pre-installation script</a> must be RAN before you install: </b>wget -qO- https://raw.githubusercontent.com/pi-hosted/pi-hosted/master/tools/install_authentik.sh | <br><br>For this to work properly you will need a GeoIP account.  Go to https://www.maxmind.com/en/geolite2/signup, once done generate a license key and copy in your user number.  For info on emailing in the system see, https://goauthentik.io/docs/installation/docker-compose#email-configuration-optional-but-recommended",
+			"platform": "linux",
+			"repository": {
+				"stackfile": "stack/authentik.yml",
+				"url": "https://github.com/pi-hosted/pi-hosted/"
+			},
+			"restart_policy": "unless-stopped",
+			"title": "Authentik",
+			"type": 3
+		},
 		{
 			"categories": [
 				"Video",

tools/install_authentik.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+function error {
+  echo -e "\\e[91m$1\\e[39m"
+  exit 1
+}
+
+echo "Creating directories..."
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/certs || error "Failed to create certs directory!"
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/custom-templates || error "Failed to create custom-templates directory!"
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/media || error "Failed to create media directory!"
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/geoip || error "Failed to create geoip directory!"
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/redis || error "Failed to create redis directory!"
+sudo mkdir -p /portainer/Files/AppData/Config/authentik/postgre || error "Failed to create postgre directory!"
+
+echo "Setting permissions..."
+sudo chown -R 1000:1000 /portainer/Files/AppData/Config/authentik/certs || error "Failed to set permissions for Authentik certs!"
+sudo chown -R 1000:1000 /portainer/Files/AppData/Config/authentik/custom-templates || error "Failed to set permissions for Authentik custom-templates!"
+sudo chown -R 1000:1000 /portainer/Files/AppData/Config/authentik/media || error "Failed to set permissions for Authentik media!"
+sudo chown -R 1000:1000 /portainer/Files/AppData/Config/authentik/geoip || error "Failed to set permissions for Authentik geoip!"
+sudo chown -R 999:999 /portainer/Files/AppData/Config/authentik/redis || error "Failed to set permissions for Authentik redis!"
+sudo chown -R 70:70 /portainer/Files/AppData/Config/authentik/postgre || error "Failed to set permissions for Authentik postgre!"
+echo "Done You are ready to goto next step in the install document"