mosaic/bootstrap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
80c3680ccb3b4175c05ecf4b2d725afbc33f34d8
bootstrap/tools/authentik
History
Jason Woltje 80c3680ccb feat: rename rails/ to tools/ and add service tool suites 
Rename the `rails/` directory to `tools/` for agent discoverability —
agents frequently failed to locate helper scripts due to the non-intuitive
directory name. Add backward-compat symlink `rails/ → tools/`.

New tool suites:
- Authentik: auth-token, user-list, user-create, group-list, app-list,
  flow-list, admin-status (8 scripts)
- Coolify: team-list, project-list, service-list, service-status, deploy,
  env-set (7 scripts)
- Woodpecker: pipeline-list, pipeline-status, pipeline-trigger (3 stubs)
- GLPI: session-init, computer-list, ticket-list, ticket-create, user-list
  (6 scripts)
- Health: stack-health.sh — stack-wide connectivity check

Infrastructure:
- Shared credential loader at tools/_lib/credentials.sh
- install.sh creates symlink + chmod on tool scripts
- All ~253 rails/ path references updated across 68+ files

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-22 11:51:39 -06:00
..
admin-status.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
app-list.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
auth-token.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
flow-list.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
group-list.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
README.md
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
user-create.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00
user-list.sh
feat: rename rails/ to tools/ and add service tool suites
2026-02-22 11:51:39 -06:00

README.md

Authentik Tool Suite

Manage Authentik identity provider (SSO, users, groups, applications, flows) via CLI.

Prerequisites

  • jq installed
  • Authentik credentials in ~/src/jarvis-brain/credentials.json (or $MOSAIC_CREDENTIALS_FILE)
  • Required fields: authentik.url, authentik.username, authentik.password

Authentication

Scripts use auth-token.sh to auto-authenticate via username/password and cache the API token at ~/.cache/mosaic/authentik-token. The token is validated on each use and refreshed automatically when expired.

For better security, create a long-lived API token in Authentik admin (Directory > Tokens) and set $AUTHENTIK_TOKEN in your environment — the scripts will use it directly.

Scripts

Script Purpose
auth-token.sh Authenticate and cache API token
user-list.sh List users (search, filter by group)
user-create.sh Create user with optional group assignment
group-list.sh List groups
app-list.sh List OAuth/SAML applications
flow-list.sh List authentication flows
admin-status.sh System health and version info

Common Options

All scripts support:

  • -f json — JSON output (default: table)
  • -h — Show help

API Reference

  • Base URL: https://auth.diversecanvas.com
  • API prefix: /api/v3/
  • OpenAPI schema: /api/v3/schema/
  • Auth: Bearer token in Authorization header

Examples

# List all users
~/.config/mosaic/tools/authentik/user-list.sh

# Search for a user
~/.config/mosaic/tools/authentik/user-list.sh -s "jason"

# Create a user in the admins group
~/.config/mosaic/tools/authentik/user-create.sh -u newuser -n "New User" -e new@example.com -g admins

# List OAuth applications as JSON
~/.config/mosaic/tools/authentik/app-list.sh -f json

# Check system health
~/.config/mosaic/tools/authentik/admin-status.sh
Reference in New Issue View Git Blame Copy Permalink