From e46ca9171c190d47d2d389dc03b244fa415260a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Krop=C3=A1=C4=8Dek?= <kropikuba@gmail.com>
Date: Thu, 8 Aug 2024 12:10:16 +0200
Subject: [PATCH] ldap added

---
 inventory.py                               |  1 +
 poetry.lock                                |  6 +++---
 services/authentik-ldap/.env.template      |  3 +++
 services/authentik-ldap/docker-compose.yml | 16 ++++++++++++++++
 services/immich/.env.template              |  3 ++-
 services/immich/docker-compose.yml         |  1 +
 6 files changed, 26 insertions(+), 4 deletions(-)
 create mode 100644 services/authentik-ldap/.env.template
 create mode 100644 services/authentik-ldap/docker-compose.yml

diff --git a/inventory.py b/inventory.py
index 4634ca4..b24316b 100644
--- a/inventory.py
+++ b/inventory.py
@@ -6,6 +6,7 @@ servers = [
             "services": [
                 "traefik", "joplin", "kanboard",
                 "ntfy", "uptime-kuma", "usememos",
+                "authentik-ldap",
             ],
         },
 
diff --git a/poetry.lock b/poetry.lock
index 7e3b12f..91a29f1 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -741,13 +741,13 @@ requests = ">=2.0.0"
 
 [[package]]
 name = "setuptools"
-version = "71.1.0"
+version = "72.1.0"
 description = "Easily download, build, install, upgrade, and uninstall Python packages"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "setuptools-71.1.0-py3-none-any.whl", hash = "sha256:33874fdc59b3188304b2e7c80d9029097ea31627180896fb549c578ceb8a0855"},
-    {file = "setuptools-71.1.0.tar.gz", hash = "sha256:032d42ee9fb536e33087fb66cac5f840eb9391ed05637b3f2a76a7c8fb477936"},
+    {file = "setuptools-72.1.0-py3-none-any.whl", hash = "sha256:5a03e1860cf56bb6ef48ce186b0e557fdba433237481a9a625176c2831be15d1"},
+    {file = "setuptools-72.1.0.tar.gz", hash = "sha256:8d243eff56d095e5817f796ede6ae32941278f542e0f941867cc05ae52b162ec"},
 ]
 
 [package.extras]
diff --git a/services/authentik-ldap/.env.template b/services/authentik-ldap/.env.template
new file mode 100644
index 0000000..b7072fa
--- /dev/null
+++ b/services/authentik-ldap/.env.template
@@ -0,0 +1,3 @@
+AUTHENTIK_HOST=https://auth.katuwoss.dev/
+AUTHENTIK_INSECURE=false
+AUTHENTIK_TOKEN={{ password['15aa994d-7051-42d5-a2eb-8052307bade0'] }}
diff --git a/services/authentik-ldap/docker-compose.yml b/services/authentik-ldap/docker-compose.yml
new file mode 100644
index 0000000..7c7a5c4
--- /dev/null
+++ b/services/authentik-ldap/docker-compose.yml
@@ -0,0 +1,16 @@
+networks:
+  traefik-net:
+    external: true
+    name: traefik-net
+
+services:
+  ldap:
+    image: ghcr.io/goauthentik/ldap
+    networks:
+      - default
+      - traefik-net
+    ports:
+      - 389:3389
+      - 636:6636
+    env_file:
+      - .env
diff --git a/services/immich/.env.template b/services/immich/.env.template
index ee737d0..ec87c77 100644
--- a/services/immich/.env.template
+++ b/services/immich/.env.template
@@ -1,4 +1,5 @@
 UPLOAD_LOCATION=/mnt/data/immich
+EXTERNAL_LOCATION=/mnt/data/immich_external
 
 DB_PASSWORD={{ password['fc4c389b-f598-4f42-940b-eaeabecd8359'] }}
 DB_HOSTNAME=database
@@ -8,4 +9,4 @@ DB_DATABASE_NAME=immich
 REDIS_HOSTNAME=redis
 EXTERNAL_HOST=immich.togetherdays.cz
 
-IMMICH_VERSION=v1.110.0
+IMMICH_VERSION=v1.111.0
diff --git a/services/immich/docker-compose.yml b/services/immich/docker-compose.yml
index 889d124..52097ec 100644
--- a/services/immich/docker-compose.yml
+++ b/services/immich/docker-compose.yml
@@ -21,6 +21,7 @@ services:
     image: ghcr.io/immich-app/immich-server:${IMMICH_VERSION:-release}
     volumes:
       - ${UPLOAD_LOCATION}:/usr/src/app/upload
+      - ${EXTERNAL_LOCATION}:/mnt/external
       - /etc/localtime:/etc/localtime:ro
     env_file:
       - .env