Skip to content

feat(sso): Add Authentik SSO stack with OIDC integration#340

Open
ljapptest-art wants to merge 1 commit intoillbnm:masterfrom
ljapptest-art:feature/sso-stack
Open

feat(sso): Add Authentik SSO stack with OIDC integration#340
ljapptest-art wants to merge 1 commit intoillbnm:masterfrom
ljapptest-art:feature/sso-stack

Conversation

@ljapptest-art
Copy link

@ljapptest-art ljapptest-art commented Mar 25, 2026

Implements Issue #9 - SSO Stack.

Services (4 total)

  • Authentik Server 2024.8.3 (OIDC provider)
  • Authentik Worker 2024.8.3 (background tasks)
  • PostgreSQL 16.4-alpine (dedicated database)
  • Redis 7.4.0-alpine (dedicated cache)

Features

  • OIDC integration for all services
  • Forward authentication middleware
  • LDAP support for legacy apps
  • OIDC setup script

Supported Integrations

  • Grafana, Gitea, Outline
  • Vaultwarden, Nextcloud, Jellyfin

Validation

  • ✅ YAML syntax verified
  • ✅ Image versions match Issue requirements
  • ✅ 4 health checks configured

Closes #9

feat(sso): Add Authentik SSO stack with OIDC integration
f9ee7d6 
- Docker Compose with exact versions per Issue illbnm#9:
  - ghcr.io/goauthentik/server:2024.8.3 (server + worker)
  - postgres:16.4-alpine (dedicated)
  - redis:7.4.0-alpine (dedicated)

- Services:
  - Authentik Server: OIDC/SAML provider
  - Authentik Worker: Background tasks
  - PostgreSQL: Dedicated database
  - Redis: Cache layer

- Features:
  - OIDC integration for all services
  - Forward authentication middleware
  - LDAP support for legacy apps
  - OIDC setup script (create-apps.sh)
  - Custom CSS for branding

- Supported Integrations:
  - Grafana, Gitea, Outline
  - Vaultwarden, Nextcloud, Jellyfin

Closes illbnm#9
@ljapptest-art
Copy link
Author

ljapptest-art commented Mar 25, 2026

✅ Test Results

Validation

Test Status
YAML syntax ✅ 2/2 files
Shell syntax

Image Versions (per Issue #9)

Service Required Actual Status
Authentik Server ghcr.io/goauthentik/server:2024.8.3 ghcr.io/goauthentik/server:2024.8.3
Authentik Worker ghcr.io/goauthentik/server:2024.8.3 ghcr.io/goauthentik/server:2024.8.3
PostgreSQL postgres:16.4-alpine postgres:16.4-alpine
Redis redis:7.4.0-alpine redis:7.4.0-alpine

Files Created

stacks/sso/docker-compose.yml
stacks/sso/.env.example
stacks/sso/README.md
config/authentik/custom.css
config/traefik/dynamic/authentik-middleware.yaml
scripts/setup-oidc.sh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[BOUNTY $300] SSO — Authentik 统一身份认证

1 participant

@ljapptest-art