habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website/integrations: add Organizr integration (#3802)

Browse Source 
* Add new integration application category for Dashboard and initialize organizr service template

* added images and additional info for organizr integration

* alphabetized application integration categories

* alphabetized integration federation and social login categories

* forgot to make website-lint-fix :/

* revert mention of organizr in generic setup

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Co-authored-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Rob
2022-10-19 03:28:48 -05:00
committed by GitHub
parent 0b6dd49f36
commit 895658e7a3
10 changed files with 152 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/docs/providers/ldap/generic_setup.md
View File

@ -4,7 +4,7 @@ title: Generic Setup
### Create User/Group
1. Create a new user account to test LDAP bind under _Directory_ -> _Users_ -> _Create_, in this example called `ldapservice`.
1. Create a new user account to bind with under _Directory_ -> _Users_ -> _Create_, in this example called `ldapservice`.
Note the DN of this user will be `cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io`

78
website/integrations/services/organizr/index.md Normal file
View File

@ -0,0 +1,78 @@
---
title: organizr
---
<span class="badge badge--secondary">Support level: Community</span>
## What is organizr
From https://github.com/causefx/Organizr
:::note
Organizr allows you to setup "Tabs" that will be loaded all in one webpage.
:::
This integration leverages authentik's LDAP for the identity provider to achieve an SSO experience. See [ldap provider generic setup](../../../docs/providers/ldap/generic_setup) for setting up the LDAP provider.
## Preparation
The following placeholders will be used:
- `organizr.company` is the FQDN of the Service install.
- `authentik.company` is the FQDN of the authentik install.
Create a new user account _(or re-use an existing)_ for organizr to use for LDAP bind under _Directory_ -> _Users_ -> _Create_, in this example called `ldapservice`.
Note the DN of this user will be `cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io`
:::tip
_Optionally_, create a new group like `organizr users` to scope access to the organizr application.
:::
## authentik Configuration
1. Create a new Proxy Provider for `https://organizr.company`
![](./organizr1.png)
_Optionally_, add the regular expression to allow api calls in the advanced protocol settings.
![](./organizr2.png)
2. Create a new Application for the `https://organizr.company` Provider.
![](./organizr3.png)
:::tip
_Optionally_, bind the group to control access to the organizr to the application.
![](./organizr4.png)
![](./organizr5.png)
::: 3. Add the Application to the authentik Embedded Outpost.
## organizr Configuration
:::caution
Ensure any local usernames/email addresses in organizr do not conflict with usernames/email addresses in authentik.
:::
1. Enable Auth Proxy in organizr _system settings_ -> _main_ -> _Auth Proxy_
Auth Proxy Header Name: `X-authentik-username`
Auth Proxy Whitelist: _your network subnet in CIDR notation IE_ `10.0.0.0/8`
Auth Proxy Header Name for Email: `X-authentik-email`
Logout URL: `/outpost.goauthentik.io/sign_out`
![](./organizr6.png)
2. Setup Authentication in organizr _system settings_ -> _main_ -> _Authentication_
Authentication Type: `Organizr DB + Backend`
Authentication Backend: `Ldap`
Host Address: `<LDAP Outpost IP address:port>`
Host Base DN: `dc=ldap,dc=goauthentik,dc=io`
Account Prefix: `cn=`
Account Suffix: `,ou=users,dc=ldap,dc=goauthentik,dc=io`
Bind Username: `cn=ldapservice,ou=users,dc=ldap,dc=goauthentik,dc=io`
Bind Password: `<LDAP bind account password>`
LDAP Backend Type: `OpenLDAP`
![](./organizr7.png)
:::info
Access for authentik users is managed locally within organizr under _User Management_. By default, new users are assigned the `User` group.
:::
:::tip
Consider front-ending your application with a [forward auth provider](../../../docs/providers/proxy/forward_auth#nginx) for an SSO experience.
:::

BIN
website/integrations/services/organizr/organizr1.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 78 KiB

BIN
website/integrations/services/organizr/organizr2.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 62 KiB

BIN
website/integrations/services/organizr/organizr3.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 77 KiB

BIN
website/integrations/services/organizr/organizr4.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 50 KiB

BIN
website/integrations/services/organizr/organizr5.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 27 KiB

BIN
website/integrations/services/organizr/organizr6.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 68 KiB

BIN
website/integrations/services/organizr/organizr7.png Executable file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 109 KiB

142
website/sidebarsIntegrations.js
View File

@ -8,6 +8,56 @@ module.exports = {
id: "services/index",
},
items: [
{
type: "category",
label: "Chat, Communication & Collaboration",
items: [
"services/bookstack/index",
"services/hedgedoc/index",
"services/kimai/index",
"services/matrix-synapse/index",
"services/nextcloud/index",
"services/onlyoffice/index",
"services/paperless-ng/index",
"services/rocketchat/index",
"services/roundcube/index",
"services/vikunja/index",
"services/wekan/index",
"services/wiki-js/index",
"services/zulip/index",
],
},
{
type: "category",
label: "Cloud Providers",
items: [
"services/aws/index",
"services/oracle-cloud/index",
],
},
{
type: "category",
label: "Dashboards",
items: ["services/organizr/index"],
},
{
type: "category",
label: "Platforms",
items: [
"services/budibase/index",
"services/wordpress/index",
],
},
{
type: "category",
label: "Hypervisors / Orchestrators",
items: [
"services/portainer/index",
"services/proxmox-ve/index",
"services/rancher/index",
"services/vmware-vcenter/index",
],
},
{
type: "category",
label: "Infrastructure",
@ -30,12 +80,13 @@ module.exports = {
},
{
type: "category",
label: "Hypervisors / Orchestrators",
label: "Miscellaneous",
items: [
"services/portainer/index",
"services/proxmox-ve/index",
"services/rancher/index",
"services/vmware-vcenter/index",
"services/home-assistant/index",
"services/node-red/index",
"services/sonarr/index",
"services/tautulli/index",
"services/jellyfin/index",
],
},
{
@ -48,33 +99,6 @@ module.exports = {
"services/zabbix/index",
],
},
{
type: "category",
label: "Cloud Providers",
items: [
"services/aws/index",
"services/oracle-cloud/index",
],
},
{
type: "category",
label: "Chat, Communication & Collaboration",
items: [
"services/bookstack/index",
"services/hedgedoc/index",
"services/kimai/index",
"services/matrix-synapse/index",
"services/nextcloud/index",
"services/onlyoffice/index",
"services/paperless-ng/index",
"services/rocketchat/index",
"services/roundcube/index",
"services/vikunja/index",
"services/wekan/index",
"services/wiki-js/index",
"services/zulip/index",
],
},
{
type: "category",
label: "Platforms",
@ -83,15 +107,6 @@ module.exports = {
"services/wordpress/index",
],
},
{
type: "category",
label: "Developer tools",
items: [
"services/sentry/index",
"services/sssd/index",
"services/weblate/index",
],
},
{
type: "category",
label: "Version Control Systems",
@ -102,17 +117,6 @@ module.exports = {
"services/gitlab/index",
],
},
{
type: "category",
label: "Miscellaneous",
items: [
"services/home-assistant/index",
"services/node-red/index",
"services/sonarr/index",
"services/tautulli/index",
"services/jellyfin/index",
],
},
],
},
{
@ -126,7 +130,24 @@ module.exports = {
"Sources of users which can be federated with authentik",
},
items: [
{
type: "category",
label: "Directory syncronization",
items: [
"sources/active-directory/index",
"sources/freeipa/index",
],
},
"sources/general",
{
type: "category",
label: "Protocols",
items: [
"sources/ldap/index",
"sources/oauth/index",
"sources/saml/index",
],
},
{
type: "category",
label: "Social Logins",
@ -142,23 +163,6 @@ module.exports = {
"sources/twitter/index",
],
},
{
type: "category",
label: "Directory syncronization",
items: [
"sources/active-directory/index",
"sources/freeipa/index",
],
},
{
type: "category",
label: "Protocols",
items: [
"sources/ldap/index",
"sources/oauth/index",
"sources/saml/index",
],
},
],
},
],