f7ef89fa82
Custom email template rendered via AUTH_APP_URL, mounted in Authentik, and gitignored rendered HTML to avoid localhost hardcoding in prod.
41 lines
1.2 KiB
Bash
Executable File
41 lines
1.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Render Authentik blueprint + email templates using .env.resolved variables.
|
|
set -euo pipefail
|
|
|
|
ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
|
|
BP_DIR="$ROOT/deploy/authentik/blueprints"
|
|
TPL_DIR="$ROOT/deploy/authentik/templates"
|
|
|
|
if [[ -z "${SUITE_ORIGIN:-}" || -z "${PUBLIC_HOST:-}" ]]; then
|
|
echo "render-blueprints: SUITE_ORIGIN and PUBLIC_HOST must be set (source .env.resolved first)" >&2
|
|
exit 1
|
|
fi
|
|
|
|
# Frontend origin for auth pages (/login, /reset-password). Falls back to SUITE_ORIGIN.
|
|
AUTH_APP_URL="${AUTH_APP_URL:-${NEXT_PUBLIC_APP_URL:-${SUITE_ORIGIN}}}"
|
|
if [[ "$AUTH_APP_URL" == */mail ]]; then
|
|
AUTH_APP_URL="${AUTH_APP_URL%/mail}"
|
|
fi
|
|
|
|
render_one() {
|
|
local tpl="$1"
|
|
local out="${tpl%.template}"
|
|
sed \
|
|
-e "s|{{SUITE_ORIGIN}}|${SUITE_ORIGIN}|g" \
|
|
-e "s|{{PUBLIC_HOST}}|${PUBLIC_HOST}|g" \
|
|
-e "s|{{SECURE}}|${SECURE:-}|g" \
|
|
-e "s|{{AUTH_APP_URL}}|${AUTH_APP_URL}|g" \
|
|
"$tpl" > "$out"
|
|
echo "render-blueprints: ${out##*/}"
|
|
}
|
|
|
|
shopt -s nullglob
|
|
for tpl in "$BP_DIR"/*.yaml.template; do
|
|
render_one "$tpl"
|
|
done
|
|
|
|
for tpl in "$TPL_DIR"/**/*.template "$TPL_DIR"/*/*.template; do
|
|
[[ -f "$tpl" ]] || continue
|
|
render_one "$tpl"
|
|
done
|