feat: add authentik-ldap module

tofu/modules/authentik-ldap/main.tf

@@ -0,0 +1,45 @@
+terraform {
+  required_version = ">= 1.6"
+  required_providers {
+    authentik = {
+      source  = "goauthentik/authentik"
+      version = "2025.10.1"
+    }
+  }
+}
+
+
+data "authentik_flow" "default-authentication-flow" {
+  slug = "default-authentication-flow"
+}
+
+data "authentik_flow" "default-invalidation-flow" {
+  slug = "default-invalidation-flow"
+}
+
+
+resource "authentik_provider_ldap" "provider_ldap" {
+  base_dn     = var.base_dn
+  bind_flow   = data.authentik_flow.default-authentication-flow.id
+  name        = var.name
+  unbind_flow = data.authentik_flow.default-invalidation-flow.id
+}
+
+
+resource "authentik_application" "app" {
+  name              = var.app_name
+  slug              = var.app_slug
+  protocol_provider = authentik_provider_ldap.provider_ldap.id
+  open_in_new_tab   = var.open_in_new_tab
+  meta_icon         = var.app_icon
+  meta_description  = var.app_description
+  meta_publisher    = var.app_publisher
+  meta_launch_url   = var.app_url
+}
+
+resource "authentik_policy_binding" "app_access" {
+  target = authentik_application.app.uuid
+  group  = var.app_access_group_id
+  order  = 0
+  count  = var.app_access_group_id != "" ? 1 : 0 # only add it if the group's name exists
+}