authentik/website/integrations/services/powerdns-admin/index.md
dependabot[bot] 3996bdac33 website: Bump prettier from 3.3.3 to 3.4.1 in /website (#12205)
* website: Bump prettier from 3.3.3 to 3.4.1 in /website

Bumps [prettier](https://github.com/prettier/prettier) from 3.3.3 to 3.4.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.1)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update formatting

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* sigh

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* disable flaky test

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
2024-11-27 15:14:19 +01:00


title: Integrate with PowerDNS-Admin
sidebar_label: PowerDNS-Admin

PowerDNS-Admin

Support level: Community

What is PowerDNS-Admin

A PowerDNS web interface with advanced features.

-- https://github.com/ngoduykhanh/PowerDNS-Admin

Preparation

The following placeholders will be used:

  • pdns-admin.company is the FQDN of the PowerDNS-Admin install.
  • authentik.company is the FQDN of the authentik install.

Create a SAML provider with the following parameters:

  • ACS URL: https://pdns-admin.company/saml/authorized
  • Issuer: https://authentik.company
  • Service Provider Binding: Post
  • Audience: pdns-admin
  • Signing Keypair: Select any certificate you have.
  • Property mappings: Select all Managed mappings.

You can of course use a custom signing certificate, and adjust durations.

PowerDNS-Admin

For Docker-based installations, set the following environment variables:

SAML_ENABLED=True
SAML_PATH=os.path.join(os.path.dirname(__file__), 'saml')
SAML_METADATA_URL=https://authentik.company/application/saml/<application-slug>/metadata/
SAML_METADATA_CACHE_LIFETIME=1
SAML_LOGOUT_URL=https://authentik.company/application/saml/<application-slug>/slo/binding/redirect/
SAML_SP_ENTITY_ID=pdns-admin
SAML_SP_CONTACT_NAME=me
SAML_SP_CONTACT_MAIL=me
SAML_NAMEID_FORMAT=urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
SAML_ATTRIBUTE_USERNAME=http://schemas.goauthentik.io/2021/02/saml/username
SAML_ATTRIBUTE_NAME=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
SAML_ATTRIBUTE_EMAIL=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
SAML_ATTRIBUTE_GROUP=http://schemas.xmlsoap.org/claims/Group
SAML_GROUP_ADMIN_NAME=<admin-group-name>
SAML_SIGN_REQUEST='False'
SAML_ASSERTION_ENCRYPTED=False
SAML_WANT_MESSAGE_SIGNED=False
SAML_CERT=/saml.crt

You must mount the certificate selected in authentik as a file in the Docker container. The path in the container must match the path in the SAML_CERT environment variable.

docker-compose

services:
    powerdns-admin:
        image: powerdnsadmin/pda-legacy:latest
        restart: always
        ports:
            - 80:80
        volumes:
            - ./saml.crt:/saml.crt:ro
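
The settings above have to agree with each other and with the provider: the SP entity ID with the Audience, both authentik URLs with the same application, and SAML_CERT with a mounted container path. The following check is an added example, not part of the authentik documentation or of PowerDNS-Admin; the function names, the slug `pdns` and the group `dns-admins` are constructed for illustration.

```python
import re
from urllib.parse import urlparse

PLACEHOLDER = re.compile(r"<[^<>]+>")              # e.g. <application-slug>
SLUG = re.compile(r"^/application/saml/([^/]+)/")  # URL layout used on this page

# Constructed sample: the page's values with a made-up slug and group name.
SAMPLE_ENV = """\
SAML_METADATA_URL=https://authentik.company/application/saml/pdns/metadata/
SAML_LOGOUT_URL=https://authentik.company/application/saml/pdns/slo/binding/redirect/
SAML_SP_ENTITY_ID=pdns-admin
SAML_GROUP_ADMIN_NAME=dns-admins
SAML_SIGN_REQUEST='False'
SAML_CERT=/saml.crt
"""
SAMPLE_VOLUMES = ["./saml.crt:/saml.crt:ro"]  # volumes entry from the compose file

def parse_env(text):
    """Parse KEY=VALUE lines, dropping optional surrounding quotes."""
    env = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            env[key.strip()] = value.strip().strip("'\"")
    return env

def check(env, audience, volumes):
    """Return a list of findings; an empty list means the settings agree."""
    findings = [f"{k}: placeholder not replaced"
                for k, v in env.items() if PLACEHOLDER.search(v)]
    if env.get("SAML_SP_ENTITY_ID") != audience:
        findings.append("SAML_SP_ENTITY_ID differs from the provider Audience")
    urls = [urlparse(env.get(k, "")) for k in ("SAML_METADATA_URL", "SAML_LOGOUT_URL")]
    if any(u.scheme != "https" for u in urls):
        findings.append("metadata or logout URL is not https")
    slugs = [SLUG.match(u.path) for u in urls]
    if (urls[0].netloc != urls[1].netloc or not all(slugs)
            or slugs[0].group(1) != slugs[1].group(1)):
        findings.append("metadata and logout URLs name different applications")
    # Volume entries are host_path:container_path[:mode], as in docker-compose.
    mounts = {p[1]: p[2:] for p in (v.split(":") for v in volumes) if len(p) > 1}
    cert = env.get("SAML_CERT")
    if cert not in mounts:
        findings.append(f"SAML_CERT={cert} is not a mounted container path")
    elif mounts[cert] != ["ro"]:
        findings.append("certificate mount is not read-only")
    return findings
```

Call `check(parse_env(SAMPLE_ENV), "pdns-admin", SAMPLE_VOLUMES)` with your own values; the constructed sample returns an empty list.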