46 lines
1.2 KiB
YAML
46 lines
1.2 KiB
YAML
version: 1
|
|
metadata:
|
|
name: Pre-configured LDAP Outpost
|
|
entries:
|
|
- model: authentik_providers_ldap.ldapprovider
|
|
identifiers:
|
|
name: ldap-provider
|
|
attrs:
|
|
base_dn: "@AUTHENTIK_LDAP_DC_DOMAIN@"
|
|
search_group: null
|
|
authorization_flow:
|
|
!Find [authentik_flows.flow, [slug, default-authentication-flow]]
|
|
invalidation_flow:
|
|
!Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
|
|
|
|
- model: authentik_core.token
|
|
identifiers:
|
|
identifier: ldap-outpost-static-token
|
|
attrs:
|
|
intent: api
|
|
key: !Env AUTHENTIK_TOKEN
|
|
user: 1
|
|
|
|
- model: authentik_outposts.outpost
|
|
identifiers:
|
|
name: LDAP Outpost
|
|
attrs:
|
|
type: ldap
|
|
providers:
|
|
- !Find [authentik_providers_ldap.ldapprovider, [name, ldap-provider]]
|
|
token:
|
|
!Find [authentik_core.token, [identifier, ldap-outpost-static-token]]
|
|
config:
|
|
log_level: info
|
|
|
|
- model: authentik_core.user
|
|
state: present
|
|
identifiers:
|
|
username: "ldap-service"
|
|
attrs:
|
|
name: "LDAP Bind Service Account"
|
|
is_active: true
|
|
password: !Env DEFAULT_LDAP_PASSWORD
|
|
attributes:
|
|
ak_recovery_immutable: true
|