diff --git a/README.md b/README.md index c08acec..ecf40e5 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,166 @@ -# authentik_ngx_cloudpanel +# Authentik Installation Script for CloudPanel Ubuntu 24.04 server ONLY +This repository contains an automated installation script for deploying Authentik Identity Provider alongside CloudPanel. The script handles Docker installation, service configuration, and initial setup, making it easy to get a production-ready Authentik instance up and running. + +[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) + +## Features + +- 🔧 Automated Docker installation and configuration +- 🚀 One-command Authentik deployment +- 🔒 Automatic secure credential generation +- 🛡️ Built-in health checks and verification +- 🔄 Service recovery and redeployment capabilities +- 📝 Detailed logging +- 🌐 CloudPanel integration support + +## Prerequisites + +- Ubuntu 24.04 server ONLY +- Root/sudo access +- CloudPanel installed (optional, for reverse proxy setup) +- Port 9000 and 9443 available + +## Quick Start + +1. Download the installation script: +```bash +wget -O authentik-install.sh wget https://git.hhf.technology/hhf/authentik_ngx_cloudpanel/raw/branch/main/authentik-install.sh +``` + +2. Make the script executable: +```bash +chmod +x authentik-install.sh +``` + +3. Run the installation: +```bash +sudo ./authentik-install.sh +``` + +## What the Script Does + +- Checks and installs Docker if necessary +- Sets up required directories and configurations +- Generates secure random passwords and tokens +- Deploys PostgreSQL, Redis, and Authentik services +- Configures initial admin account +- Verifies successful installation +- Provides detailed setup information + +## Configuration + +The script uses the following default configuration: + +- Installation Directory: `/docker/authentik` +- PostgreSQL Database: `authentik` +- Web Interface Port: `9000` +- HTTPS Port: `9443` + +To customize the admin email before installation, edit the script: +```bash +ADMIN_EMAIL="your-email@example.com" +``` + +## Directory Structure + +``` +/docker/authentik/ +├── docker-compose.yml +├── media/ +├── certs/ +└── custom-templates/ +``` + +## Logging + +The script maintains detailed logs at: +``` +/var/log/authentik-install.log +``` + +## CloudPanel Integration + +After installation, you can set up a reverse proxy in CloudPanel: + +1. Create a new site +2. Choose "Reverse Proxy" type +3. Point to `http://localhost:9000` +4. Set up SSL certificate + +## Troubleshooting + +### Common Issues + +1. **Services not starting:** +```bash +cd /docker/authentik +docker compose ps +docker compose logs +``` + +2. **Port conflicts:** +```bash +sudo lsof -i :9000 +sudo lsof -i :9443 +``` + +3. **Lost credentials:** +```bash +cd /docker/authentik +cat docker-compose.yml +``` + +### Initial Setup + +Access the setup page at: +``` +http://:9000/if/flow/initial-setup/ +``` + +## Maintenance + +### Backups + +Back up your Authentik installation: +```bash +cd /docker/authentik +docker compose down +tar -czf authentik-backup.tar.gz ./* +docker compose up -d +``` + +### Updates + +Update Authentik to the latest version: +```bash +cd /docker/authentik +docker compose pull +docker compose up -d +``` + +## Security Notes + +- Change default passwords after initial setup +- Enable 2FA for admin account +- Regularly update all services +- Monitor logs for suspicious activity +- Back up data regularly + +## License + +This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. + +## Acknowledgments + +- [Authentik Project](https://goauthentik.io/) +- [CloudPanel](https://www.cloudpanel.io/) +- Docker Community +- All contributors and testers + +## Support + +For issues and support: +1. Check the [troubleshooting guide](https://forum.hhf.technology/t/complete-guide-installing-authentik-with-cloudpanel-ubuntu-24-04-only/457) +2. Open an issue on the above troubleshooting link. +3. Visit the [Authentik Documentation](https://goauthentik.io/docs/) \ No newline at end of file