diff --git a/authentik/outposts/controllers/docker.py b/authentik/outposts/controllers/docker.py index a500a50a7..5a3c45c57 100644 --- a/authentik/outposts/controllers/docker.py +++ b/authentik/outposts/controllers/docker.py @@ -63,7 +63,7 @@ class DockerController(BaseController): self.client.images.pull(image_name) container_args = { "image": image_name, - "name": f"authentik-proxy-{self.outpost.uuid.hex}", + "name": container_name, "detach": True, "ports": { f"{port.port}/{port.protocol.lower()}": port.inner_port or port.port diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py index bd0d4b56e..af99e7b5c 100644 --- a/authentik/outposts/models.py +++ b/authentik/outposts/models.py @@ -50,6 +50,8 @@ class ServiceConnectionInvalid(SentryIgnoredException): class OutpostConfig: """Configuration an outpost uses to configure it self""" + # update website/docs/outposts/outposts.md + authentik_host: str authentik_host_insecure: bool = False diff --git a/web/src/pages/outposts/OutpostForm.ts b/web/src/pages/outposts/OutpostForm.ts index 187638eeb..9506a56d7 100644 --- a/web/src/pages/outposts/OutpostForm.ts +++ b/web/src/pages/outposts/OutpostForm.ts @@ -131,13 +131,16 @@ export class OutpostForm extends ModelForm { label=${t`Configuration`} name="config"> + let fc = config.config; + if (this.instance) { + fc = this.instance.config; + } + return YAML.stringify(fc); + }))}">

${t`Set custom attributes using YAML or JSON.`}

+

+ See documentation. +

`; } diff --git a/website/docs/outposts/outposts.md b/website/docs/outposts/outposts.md index a00fe1980..ebdbbb19c 100644 --- a/website/docs/outposts/outposts.md +++ b/website/docs/outposts/outposts.md @@ -19,3 +19,44 @@ To deploy an outpost manually, see: - [Kubernetes](./manual-deploy-kubernetes.md) - [docker-compose](./manual-deploy-docker-compose.md) + +## Configuration + +Outposts fetch their configuration from authentik. Below are all the options you can set, and how they influence the outpost. + +```yaml +# Log level that the outpost will set +log_level: debug +# Enable/disable error reporting for the outpost, based on the authentik settings +error_reporting_enabled: true +error_reporting_environment: beryjuorg-prod +######################################## +# The settings below are only relevant when using a managed outpost +######################################## +# URL that the outpost uses to connect back to authentik +authentik_host: https://authentik.tld/ +# Disable SSL Validation for the authentik connection +authentik_host_insecure: false +# Template used for objects created (deployments, services, secrets, etc) +object_naming_template: ak-outpost-%(name)s +######################################## +# Kubernetes outpost specific settings +######################################## +# Replica count for the deployment of the outpost +kubernetes_replicas: 1 +# Namespace to deploy in, defaults to the same namespace authentik is deployed in (if available) +kubernetes_namespace: authentik +# Any additional annotations to add to the ingress object, for example cert-manager +kubernetes_ingress_annotations: {} +# Name of the secret that is used for TLS connections +kubernetes_ingress_secret_name: authentik-outpost-tls +# Service kind created, can be set to LoadBalancer for LDAP outposts for example +kubernetes_service_type: ClusterIP +# Disable any components of the kubernetes integration, can be any of +# - 'secret' +# - 'deployment' +# - 'service' +# - 'ingress' +# - 'traefik middleware' +kubernetes_disabled_components: [] +```