Fix token

modules/server/containers/apps/authentik.nix

@@ -86,9 +86,6 @@ in {
         AUTHENTIK_HOST = "https://${containerCfg.subdomain}.${serverCfg.hostDomain}"; 
         AUTHENTIK_INSECURE = "false"; 
       };
-      overrides = {
-        ports = [ "636:6636" ]; 
-      };
     };
   };
 

modules/server/containers/data/authentik/ldap.yaml

@@ -13,13 +13,26 @@ entries:
       invalidation_flow:
         !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
 
+  - model: authentik_core.user
+    state: present
+    identifiers:
+      username: "ldap-service"
+    attrs:
+      name: "LDAP Bind Service Account"
+      type: "service_account"
+      path: "goauthentik.io"
+      is_active: true
+      password: !Env DEFAULT_LDAP_PASSWORD
+      attributes:
+        ak_recovery_immutable: true
+
   - model: authentik_core.token
     identifiers:
       identifier: ldap-outpost-static-token
     attrs:
       intent: api
       key: !Env AUTHENTIK_TOKEN
-      user: 1
+      user: !Find [authentik_core.user, [username, "ldap-service"]]
 
   - model: authentik_outposts.outpost
     identifiers:
@@ -36,19 +49,6 @@ entries:
         refresh_interval: minutes=5
         authentik_host_insecure: false
 
-  - model: authentik_core.user
-    state: present
-    identifiers:
-      username: "ldap-service"
-    attrs:
-      name: "LDAP Bind Service Account"
-      type: "service_account"
-      path: "goauthentik.io"
-      is_active: true
-      password: !Env DEFAULT_LDAP_PASSWORD
-      attributes:
-        ak_recovery_immutable: true
-
   - model: authentik_rbac.role
     state: present
     identifiers: