Authentik Identity Provider
Purpose: Centralized authentication and authorization
Stack: auth
Images: ghcr.io/goauthentik/server:latest
Placement: Manager node (p0)
Components:
- Authentik Server: Web interface and API
- Authentik Worker: Background tasks
- Authentik Redis: Session storage
Key Configuration:
environment:
  AUTHENTIK_POSTGRESQL__HOST: postgres
  AUTHENTIK_POSTGRESQL__NAME: authentik
  AUTHENTIK_SECRET_KEY: [SECRET]
Access: https://auth.bitfrost.me
Features:
- SAML/OAuth2/OIDC provider
- User management
- Multi-factor authentication
- Application integration
Basic Authentication Middleware
Purpose: Simple authentication for Traefik dashboard
Implementation: Traefik middleware
Configuration:
traefik-auth:
  basicAuth:
    users: ["admin:[SECRET]"]
Secret Management
Docker Secrets:
- traefik_cloudflare_api_token: Cloudflare API access
  - Stored in: /mnt/swarm-data/traefik/cloudflare_api_token.txt
Environment Variables: All sensitive configuration managed through environment variables in stack files.
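An added example, not taken from this deployment's stack files: one way to keep the two [SECRET] values shown above (the Authentik secret key and the dashboard basic-auth hash) out of environment blocks and inline config by mounting them as Docker secrets. The secret names `authentik_secret_key` and `traefik_dashboard_users`, the service names, and the file layout are assumptions; authentik's `file://` value syntax and Traefik's `usersFile` option are existing features.

```yaml
# --- Stack file fragment (assumed layout; other keys unchanged) ---
# Secrets are created out of band on a manager node, for example:
#   docker secret create authentik_secret_key ./authentik_secret_key.txt
#   docker secret create traefik_dashboard_users ./dashboard.htpasswd
secrets:
  authentik_secret_key:          # assumed name
    external: true
  traefik_dashboard_users:       # assumed name; htpasswd-format "user:hash" lines
    external: true

services:
  server:                        # assumed service name for Authentik Server
    image: ghcr.io/goauthentik/server:latest
    secrets:
      - authentik_secret_key
    environment:
      AUTHENTIK_POSTGRESQL__HOST: postgres
      AUTHENTIK_POSTGRESQL__NAME: authentik
      # authentik loads the value from the mounted file, so the key never
      # appears in `docker service inspect` or the container environment
      AUTHENTIK_SECRET_KEY: file:///run/secrets/authentik_secret_key

  worker:                        # assumed service name for Authentik Worker
    image: ghcr.io/goauthentik/server:latest
    secrets:
      - authentik_secret_key     # worker must use the same key as the server
    environment:
      AUTHENTIK_POSTGRESQL__HOST: postgres
      AUTHENTIK_POSTGRESQL__NAME: authentik
      AUTHENTIK_SECRET_KEY: file:///run/secrets/authentik_secret_key

  traefik:                       # assumed service name
    secrets:
      - traefik_dashboard_users
---
# --- Traefik dynamic configuration (file provider, assumed) ---
http:
  middlewares:
    traefik-auth:
      basicAuth:
        # Replaces the inline `users: ["admin:[SECRET]"]` list
        usersFile: /run/secrets/traefik_dashboard_users
```

Docker mounts each secret read-only under `/run/secrets/<name>` only in the services that list it, which limits which containers can read each value.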