From 735f1255c1c4a944460d9ba9dd94f4c33a058be9 Mon Sep 17 00:00:00 2001
From: soraefir <soraefir+git@helcel>
Date: Sun, 31 May 2026 19:07:46 +0200
Subject: [PATCH] service account homepage

---
 .../containers/data/authentik/homepage.yaml   | 29 ++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/modules/server/containers/data/authentik/homepage.yaml b/modules/server/containers/data/authentik/homepage.yaml
index e6adec5..b182aa6 100644
--- a/modules/server/containers/data/authentik/homepage.yaml
+++ b/modules/server/containers/data/authentik/homepage.yaml
@@ -75,12 +75,39 @@ entries:
       open_in_new_tab: false
 
   # 3. Provision the static API token linked to the user account
+  - model: authentik_core.user
+    state: present
+    identifiers:
+      username: homepage-svc
+    attrs:
+      name: Homepage Dashboard Service Account
+      path: goauthentik.io/service-accounts
+      is_active: true
+      attributes:
+        goauthentik.io/user/service-account: true
+
+  - model: authentik_policies.policybinding
+    state: present
+    identifiers:
+      user: !Find [authentik_core.user, [username, "homepage-svc"]]
+      permission: authentik_core.view_user
+    attrs:
+      enabled: true
+
+  - model: authentik_policies.policybinding
+    state: present
+    identifiers:
+      user: !Find [authentik_core.user, [username, "homepage-svc"]]
+      permission: authentik_events.view_event
+    attrs:
+      enabled: true
+
   - model: authentik_core.token
     state: present
     identifiers:
       identifier: homepage-token
     attrs:
       key: !Env HOMEPAGE_VAR_AUTHENTIK_API
-      user: !Find [authentik_core.user, [username, "akadmin"]]
+      user: !Find [authentik_core.user, [username, "homepage-svc"]]
       intent: api
       expiring: false