-
-
Notifications
You must be signed in to change notification settings - Fork 927
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
website/docs: install: add aws #12082
base: main
Are you sure you want to change the base?
Conversation
✅ Deploy Preview for authentik-docs canceled.
|
✅ Deploy Preview for authentik-storybook canceled.
|
76179b5
to
a89d118
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
✅ All tests successful. No failed tests found. Additional details and impacted files@@ Coverage Diff @@
## main #12082 +/- ##
=======================================
Coverage 92.60% 92.60%
=======================================
Files 761 761
Lines 38050 38050
=======================================
Hits 35238 35238
Misses 2812 2812
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
a89d118
to
ae11634
Compare
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
authentik PR Installation instructions Instructions for docker-composeAdd the following block to your AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-8f2f917286178315e6ceb994be919b0a24b1d3b2
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s For arm64, use these values: AUTHENTIK_IMAGE=ghcr.io/goauthentik/dev-server
AUTHENTIK_TAG=gh-8f2f917286178315e6ceb994be919b0a24b1d3b2-arm64
AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s Afterwards, run the upgrade commands from the latest release notes. Instructions for KubernetesAdd the following block to your authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-8f2f917286178315e6ceb994be919b0a24b1d3b2 For arm64, use these values: authentik:
outposts:
container_image_base: ghcr.io/goauthentik/dev-%(type)s:gh-%(build_hash)s
global:
image:
repository: ghcr.io/goauthentik/dev-server
tag: gh-8f2f917286178315e6ceb994be919b0a24b1d3b2-arm64 Afterwards, run the upgrade commands from the latest release notes. |
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
@BeryJu we need to create the secrets for the deploy from https://us-east-1.console.aws.amazon.com/iam/home?region=eu-west-1#/users/details/github-cloudformation-deploy?section=security_credentials |
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
Signed-off-by: Marc 'risson' Schmitt <[email protected]>
|
||
Under the **Certificate ARN** input, enter the previously created certificate ARN. You can also configure other settings if needed. You can follow the prompts to create the stack. | ||
|
||
This stack will create the following resources: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For a list, we don't need the period at the end of each one.
|
||
This stack will create the following resources: | ||
|
||
- AWS SSM secrets for the PostgreSQL user and the authentik secret key. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- AWS SSM secrets for the PostgreSQL user and the authentik secret key. | |
- AWS SSM secrets for the PostgreSQL user and the authentik secret key |
This stack will create the following resources: | ||
|
||
- AWS SSM secrets for the PostgreSQL user and the authentik secret key. | ||
- A VPC for all other resources. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- A VPC for all other resources. | |
- A VPC for all other resources |
|
||
- AWS SSM secrets for the PostgreSQL user and the authentik secret key. | ||
- A VPC for all other resources. | ||
- A RDS PostgreSQL Multi-AZ cluster. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- A RDS PostgreSQL Multi-AZ cluster. | |
- A RDS PostgreSQL Multi-AZ cluster |
- AWS SSM secrets for the PostgreSQL user and the authentik secret key. | ||
- A VPC for all other resources. | ||
- A RDS PostgreSQL Multi-AZ cluster. | ||
- An ElastiCache Redis Multi-AZ cluster. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- An ElastiCache Redis Multi-AZ cluster. | |
- An ElastiCache Redis Multi-AZ cluster |
- A RDS PostgreSQL Multi-AZ cluster. | ||
- An ElastiCache Redis Multi-AZ cluster. | ||
- An ECS cluster with two tasks: | ||
- One for the authentik server. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- One for the authentik server. | |
- One for the authentik server |
- An ElastiCache Redis Multi-AZ cluster. | ||
- An ECS cluster with two tasks: | ||
- One for the authentik server. | ||
- One for the authentik worker. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- One for the authentik worker. | |
- One for the authentik worker |
- An ECS cluster with two tasks: | ||
- One for the authentik server. | ||
- One for the authentik worker. | ||
- An ALB pointing to the authentik server ECS task with the configured certificate. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- An ALB pointing to the authentik server ECS task with the configured certificate. | |
- An ALB (Application Load Balancer) pointing to the authentik server ECS task with the configured certificate |
- One for the authentik server. | ||
- One for the authentik worker. | ||
- An ALB pointing to the authentik server ECS task with the configured certificate. | ||
- An EFS filesystem mounted on both ECS tasks for media file storage. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- An EFS filesystem mounted on both ECS tasks for media file storage. | |
- An EFS filesystem mounted on both ECS tasks for media file storage |
- An ALB pointing to the authentik server ECS task with the configured certificate. | ||
- An EFS filesystem mounted on both ECS tasks for media file storage. | ||
|
||
The stack will output the endpoint of the ALB that you can point your DNS records to. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The stack will output the endpoint of the ALB that you can point your DNS records to. | |
The stack will output the endpoint of the ALB that to which you can point your DNS records. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for doc'ing this!
Details
REPLACE ME
Checklist
ak test authentik/
)make lint-fix
)If an API change has been made
make gen-build
)If changes to the frontend have been made
make web
)If applicable
make website
)