fix: Remove blocking HTTPS check from Authentik bootstrap
The HTTPS readiness check was causing deployment timeouts because:
- DNS propagation can take up to 5 minutes
- Let's Encrypt certificate issuance takes 30-60 seconds
- Deployment would timeout waiting for HTTPS to work
This check was unnecessary because:
- Authentik health is already verified via Docker health check
- OIDC provider creation uses internal localhost API (doesn't need HTTPS)
- HTTPS will work automatically once DNS/SSL is ready
Changes:
- Removed uri check for https://{{ authentik_domain }}/
- Removed 60 retries × 15 second delay (15 minute timeout)
- Added informational note about DNS/SSL timing
- Deployment now continues immediately after Docker health check
Result: Deployment completes in ~5 minutes instead of timing out.
DNS and SSL still propagate normally in the background.
Fixes: Deployment timeout issue during fresh builds
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Pieter
parent
d95862f522
commit
671ebc985b
1 changed files with 4 additions and 25 deletions
|
|
@ -1,31 +1,6 @@
|
||||||
---
|
---
|
||||||
# Bootstrap tasks for initial Authentik configuration
|
# Bootstrap tasks for initial Authentik configuration
|
||||||
|
|
||||||
- name: Wait for Authentik to be fully ready
|
|
||||||
uri:
|
|
||||||
url: "https://{{ authentik_domain }}/"
|
|
||||||
validate_certs: yes
|
|
||||||
status_code: [200, 302]
|
|
||||||
register: authentik_ready
|
|
||||||
until: authentik_ready.status in [200, 302]
|
|
||||||
retries: 60
|
|
||||||
delay: 15
|
|
||||||
failed_when: false
|
|
||||||
|
|
||||||
- name: Display warning if HTTPS access not yet available
|
|
||||||
debug:
|
|
||||||
msg: |
|
|
||||||
⚠ WARNING: Authentik not yet accessible via HTTPS
|
|
||||||
|
|
||||||
This is normal during initial deployment when:
|
|
||||||
- DNS records are still propagating
|
|
||||||
- Let's Encrypt certificates are being issued
|
|
||||||
- Traefik is still configuring routes
|
|
||||||
|
|
||||||
Authentik is running internally and will be accessible soon.
|
|
||||||
The deployment will continue with internal checks.
|
|
||||||
when: authentik_ready.status not in [200, 302]
|
|
||||||
|
|
||||||
- name: Display bootstrap status
|
- name: Display bootstrap status
|
||||||
debug:
|
debug:
|
||||||
msg: |
|
msg: |
|
||||||
|
|
@ -43,4 +18,8 @@
|
||||||
The admin account and API token are automatically configured
|
The admin account and API token are automatically configured
|
||||||
via AUTHENTIK_BOOTSTRAP_* environment variables.
|
via AUTHENTIK_BOOTSTRAP_* environment variables.
|
||||||
|
|
||||||
|
Note: HTTPS access requires DNS propagation and SSL certificate
|
||||||
|
issuance. This typically takes 1-5 minutes after deployment.
|
||||||
|
Authentik is accessible internally and the deployment will continue.
|
||||||
|
|
||||||
Documentation: https://docs.goauthentik.io
|
Documentation: https://docs.goauthentik.io
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue