This commit adds password recovery and user invitation flows for Authentik, enabling users to reset passwords via email and admins to invite users.

Features Added:
- Recovery flow: Users can request password reset emails
- Invitation flow: Admins can send user invitation emails
- Python scripts use Authentik API (no hardcoded credentials)
- Flows task automatically verifies/creates flows on deployment

Changes:
- authentik/files/create_recovery_flow.py: Recovery flow script
- authentik/files/create_invitation_flow.py: Invitation flow script
- authentik/tasks/flows.yml: Flow configuration task
- authentik/tasks/main.yml: Include flows task

This ensures:
✓ Password recovery emails work automatically
✓ User invitations work automatically
✓ Flows are configured on every deployment
✓ No hardcoded credentials (uses bootstrap token)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
23 lines
765 B
YAML
---
# Main tasks file for Authentik role

- name: Include Docker Compose setup
  include_tasks: docker.yml

- name: Include bootstrap setup
  include_tasks: bootstrap.yml
  when: authentik_bootstrap | default(true)

- name: Include OIDC provider configuration
  include_tasks: providers.yml
  tags: ['authentik', 'oidc']

- name: Include email configuration
  include_tasks: email.yml
  when: mailgun_smtp_user is defined or (client_secrets.mailgun_smtp_user is defined and client_secrets.mailgun_smtp_user != "" and "PLACEHOLDER" not in client_secrets.mailgun_smtp_user)
  tags: ['authentik', 'email']

- name: Include flows configuration (recovery, invitation)
  include_tasks: flows.yml
  when: authentik_bootstrap | default(true)
  tags: ['authentik', 'flows']