{{- $name := include "authentik-application.fullname" .root }} {{- $token := get . "ldapToken" }} {{- with get . "root" }} - model: authentik_providers_ldap.LDAPProvider id: provider identifiers: name: {{ .Values.blueprint.provider.name | default $name }} state: present attrs: base_dn: "DC=ldap,DC=goauthentik,DC=io" bind_mode: "direct" search_mode: "direct" mfa_support: False authorization_flow: !Find [authentik_flows.flow, [slug, default-authentication-flow]] invalidation_flow: !Find [authentik_flows.flow, [slug, default-invalidation-flow]] - model: authentik_core.user id: outpost-user state: present identifiers: username: {{ printf "outpost-user-%s" $name | quote }} attrs: username: {{ printf "outpost-user-%s" $name | quote }} type: "service_account" name: {{ printf "Outpost %s Service-Account" $name | quote }} path: "goauthentik.io/outposts" {{/* - model: authentik_core.Token id: outpost-token identifiers: identifier: {{ printf "outpost-token-%s-api" $name | quote }} state: present attrs: identifier: {{ printf "outpost-token-%s-api" $name | quote }} intent: "api" user: !KeyOf outpost-user description: {{ printf "Autogenerated by authentik for Outpost %s" $name | quote }} key: {{ $token | quote }} expiring: False */}} - model: authentik_outposts.Outpost id: outpost identifiers: name: {{ .Values.blueprint.provider.name | default (include "authentik-application.fullname" .) }} state: present attrs: type: ldap providers: - !KeyOf provider config: authentik_host: {{ .Values.blueprint.authentik.domain | quote }} authentik_host_insecure: False user: !KeyOf "outpost-user" {{/* token: !KeyOf "outpost-token" or: - model: UserObjectPermission identifiers: user: !KeyOf "outpost-user" content_type: "authentik_outposts.outpost" state: present attrs: user: !KeyOf "outpost-user" content_type: "authentik_outposts.outpost" object_pk: !KeyOf "outpost" permission: "view_outpost" */}} {{- end }}{{/* end with of get-root */}}