Authentik Terraform Module
Terraform module for managing Authentik applications with OAuth2/OpenID and Proxy providers, including automatic Outpost assignment.
Usage
module "authentik" {
source = "./authentik"
authentik_url = "https://auth.example.com"
authentik_token = var.authentik_token
oauth_applications = {
"gitlab" = {
name = "GitLab OAuth"
slug = "gitlab"
redirect_uris = ["https://gitlab.example.com/users/auth/openid_connect/callback"]
}
}
proxy_applications = {
"portainer" = {
name = "Portainer"
slug = "portainer"
external_host = "https://portainer.example.com"
internal_host = "http://portainer:9000"
outpost = "k8s-outpost"
}
}
outposts = {
"k8s-outpost" = {
name = "Kubernetes Outpost"
type = "proxy"
service_connection = "k8s-local"
}
}
}
Structure
main.tf
- Main configurationvariables.tf
- Input variablesoutputs.tf
- Output valuesmodules/oauth-provider/
- OAuth2/OIDC provider modulemodules/proxy-provider/
- Proxy provider moduleterraform.tfvars.example
- Configuration example
Requirements
- Terraform >= 1.0
- Authentik provider >= 2023.10.0
- Authentik API token with admin permissions