39 lines
1.5 KiB
Django/Jinja
39 lines
1.5 KiB
Django/Jinja
# Noble — directory groups (blueprint). Merges (in order): **noble_authentik_blueprint_public_groups**,
|
|
# **noble_authentik_blueprint_extra_directory_groups**, **noble_authentik_blueprint_nikflix_groups** (see role README).
|
|
# Each entry: a string (**name** only), or a mapping with **name** and optional **is_superuser**, **attributes**, **parents**.
|
|
# **parents** must reference groups that already exist: list those entries *before* children in the merged list, or rely on built-in groups.
|
|
version: 1
|
|
metadata:
|
|
name: noble-directory-groups
|
|
labels:
|
|
blueprints.goauthentik.io/instantiate: "true"
|
|
entries:
|
|
{% set _all = (noble_authentik_blueprint_public_groups | default([]))
|
|
+ (noble_authentik_blueprint_extra_directory_groups | default([]))
|
|
+ (noble_authentik_blueprint_nikflix_groups | default([])) %}
|
|
{% for g in _all %}
|
|
{% set gn = (g.name if (g is mapping) else g) | trim %}
|
|
- model: authentik_core.group
|
|
identifiers:
|
|
name: {{ gn | to_json }}
|
|
{% if g is mapping and (
|
|
(g.get('is_superuser') | default(false) | bool)
|
|
or ((g.get('attributes') or {}) | length > 0)
|
|
or ((g.get('parents') or []) | length > 0)
|
|
) %}
|
|
attrs:
|
|
{% if g.get('is_superuser') | default(false) | bool %}
|
|
is_superuser: true
|
|
{% endif %}
|
|
{% if (g.get('attributes') or {}) | length > 0 %}
|
|
attributes: {{ g.attributes | to_json }}
|
|
{% endif %}
|
|
{% if (g.get('parents') or []) | length > 0 %}
|
|
parents:
|
|
{% for p in g.parents %}
|
|
- !Find [authentik_core.group, [name, {{ p | trim | to_json }}]]
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% endif %}
|
|
{% endfor %}
|