Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Attach an application to default outpost #310

Closed
CygnusHyoga opened this issue Feb 25, 2023 · 1 comment
Closed

Attach an application to default outpost #310

CygnusHyoga opened this issue Feb 25, 2023 · 1 comment

Comments

@CygnusHyoga
Copy link

CygnusHyoga commented Feb 25, 2023

Hello! First I want to congratulate for the amazing authentik!! It's fabulous!

I need some help...I can create an application and domain proxy provider, and I want to attach the application to default outpost "authentik Embedded Outpost"...and I don't find with which terraform resource I can attach the application to the outpost.

Any Help? Thanks!

Terraform Code

terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
}
}
}

provider "authentik" {
url = "https://sso.apps.core.example.com"
token = "mysupersecrettoken"
}

data "authentik_flow" "default-authorization-flow" {
slug = "default-provider-authorization-implicit-consent"
}

resource "authentik_provider_proxy" "proxy_domain_forward_auth" {
name = "Domain Forward Auth Provider"
external_host = "https://sso.apps.core.example.com/"
mode = "forward_domain"
cookie_domain = "example.com"
access_token_validity = "hours=24"
authorization_flow = data.authentik_flow.default-authorization-flow.id
}

resource "authentik_application" "application_domain_forward_auth" {
name = "Domain Forward Auth Application"
slug = "domain-forward-auth-application"
protocol_provider = authentik_provider_proxy.proxy_domain_forward_auth.id
}

@CygnusHyoga CygnusHyoga changed the title Help attaching an application to default outpost Attach an application to default outpost Feb 25, 2023
@CygnusHyoga
Copy link
Author

CygnusHyoga commented Feb 28, 2023

Finally, I create a new outpost with terraform. Now it's working...I didn't kown that the Traefik middleware for the new outpost it's created automatically, wow it's really great!! :-)

Terraform Code

terraform {
required_providers {
authentik = {
source = "goauthentik/authentik"
}
}
}

provider "authentik" {
url = "https://sso.apps.core.example.com/"
token = "mysupersecrettoken"
}

data "authentik_flow" "default-authorization-flow" {
slug = "default-provider-authorization-implicit-consent"
}

resource "authentik_provider_proxy" "proxy_domain_forward_auth" {
name = "Domain Forward Auth Provider"
external_host = "https://sso.apps.core.example.com/"
mode = "forward_domain"
cookie_domain = "example.com"
access_token_validity = "hours=24"
authorization_flow = data.authentik_flow.default-authorization-flow.id
}

resource "authentik_application" "application_domain_forward_auth" {
name = "Domain Forward Auth Application"
slug = "domain-forward-auth-application"
protocol_provider = authentik_provider_proxy.proxy_domain_forward_auth.id
}
resource "authentik_service_connection_kubernetes" "local" {
name = "Local Kubernetes Cluster"
local = true
}

resource "authentik_outpost" "proxy_outpost" {
name = "Proxy Outpost"
protocol_providers = [
authentik_provider_proxy.proxy_domain_forward_auth.id
]
config = jsonencode({
authentik_host = format("https://sso.apps.core.example.com")
authentik_host_insecure = true
})
service_connection = authentik_service_connection_kubernetes.local.id
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant