chore: publish 10.1.2+2025.10.2 release

Reviewed-on: #20

.env.sample

@@ -156,5 +156,12 @@ COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
 # APP_ICONS="$APP_ICONS hedgedoc:~/.abra/recipes/authentik/icons/hedgedoc.png"
 # HEDGEDOC_APPGROUP="$GROUP_DOCUMENTATION"
 
+# COMPOSE_FILE="$COMPOSE_FILE:compose.mila.yml"
+# MILA_DOMAIN=mila.example.com
+# SECRET_MILA_ID_VERSION=v1
+# SECRET_MILA_SECRET_VERSION=v1
+# APP_ICONS="$APP_ICONS mila:~/.abra/recipes/authentik/icons/mila.svg"
+# MILA_APPGROUP=""
+
 # APPLICATIONS='{"Calendar": {"url":"https://nextcloud.example.com/apps/calendar/", "group": ""}, "BBB": {"url":"https://nextcloud.example.com/apps/bbb/", "group":""}, "Pretix": {"url":"https://pretix.example.com/control/", "group":""}}'
 # EXTRA_ICONS={"Calendar": "~/.abra/recipes/authentik/icons/calendar.svg", "BBB": "~/.abra/recipes/authentik/icons/bbb.png", "Pretix": "~/.abra/recipes/authentik/icons/pretix.svg"}

.gitignore

@@ -1 +1,2 @@
 .envrc
+.cursorignore

abra.sh

@@ -16,48 +16,46 @@ export ZAMMAD_CONFIG_VERSION=v4
 export RALLLY_CONFIG_VERSION=v4
 export HEDGEDOC_CONFIG_VERSION=v3
 export MONITORING_CONFIG_VERSION=v4
+export MILA_CONFIG_VERSION=v1
 export DB_ENTRYPOINT_VERSION=v1
 export PG_BACKUP_VERSION=v2
 export ENTRYPOINT_CSS_VERSION=v1
 
 customize() {
-    if [ -z "$1" ]
-    then
-            echo "Usage: ... customize <assets_path>"
-            exit 1
-    fi
-    asset_dir=$1
-    for asset in $COPY_ASSETS; do
-        source=$(echo $asset | cut -d "|" -f1)
-        target=$(echo $asset | cut -d "|" -f2)
-        echo copy $source to $target
-        abra app cp $APP_NAME $asset_dir/$source $target
-    done
+  if [ -z "$1" ]; then
+    echo "Usage: ... customize <assets_path>"
+    exit 1
+  fi
+  asset_dir=$1
+  for asset in $COPY_ASSETS; do
+    source=$(echo $asset | cut -d "|" -f1)
+    target=$(echo $asset | cut -d "|" -f2)
+    echo copy $source to $target
+    abra app cp $APP_NAME $asset_dir/$source $target
+  done
 }
 
-shell(){
-    if [ -z "$1" ]
-    then
-            echo "Usage: ... shell <python code>"
-            exit 1
-    fi
-    ak shell -c "$1" 2>&1 | quieten
+shell() {
+  if [ -z "$1" ]; then
+    echo "Usage: ... shell <python code>"
+    exit 1
+  fi
+  ak shell -c "$1" 2>&1 | quieten
 }
 
 import_user() {
-    if [ -z "$1" ]
-    then
-            echo "Usage: ... import_user <users.csv>"
-            exit 1
-    fi
-    source_file=$1
-    filename=$(basename $source_file)
-    abra app cp $APP_NAME $source_file worker:/tmp/
-    abra app cmd -T $APP_NAME worker _import_user $filename
+  if [ -z "$1" ]; then
+    echo "Usage: ... import_user <users.csv>"
+    exit 1
+  fi
+  source_file=$1
+  filename=$(basename $source_file)
+  abra app cp -C $APP_NAME $source_file worker:/tmp/
+  abra app cmd -C -T $APP_NAME worker _import_user $filename
 }
 
 _import_user() {
-/manage.py shell -c """
+  /manage.py shell -c """
 import csv
 new_user = User()
 with open('/tmp/$1', newline='') as file:
@@ -79,15 +77,27 @@ with open('/tmp/$1', newline='') as file:
         else:
             group = Group.objects.create(name=group_name)
             print(f'{group_name} created')
-        group.users.add(new_user)
+        new_user.groups.add(group)
         print(f'add {username} to group {group_name}')
 """ 2>&1 | quieten
 }
 
+set_user_pass() {
+  username="$1"
+  password="$2"
+  /manage.py shell -c """
+user = User.objects.get(username='$username')
+user.set_password('$password')
+user.save()
+print('Changed $username password')
+""" 2>&1 | quieten
+
+}
+
 set_admin_pass() {
-password=$(cat /run/secrets/admin_pass)
-token=$(cat /run/secrets/admin_token)
-/manage.py shell -c """
+  password=$(cat /run/secrets/admin_pass)
+  token=$(cat /run/secrets/admin_token)
+  /manage.py shell -c """
 import time
 i = 0
 while (not User.objects.filter(username='akadmin')):
@@ -122,45 +132,45 @@ else:
 }
 
 rotate_db_pass() {
-    db_password=$(cat /run/secrets/db_password)
-    psql -U authentik -c """ALTER USER authentik WITH PASSWORD '$db_password';"""
+  db_password=$(cat /run/secrets/db_password)
+  psql -U authentik -c """ALTER USER authentik WITH PASSWORD '$db_password';"""
 }
 
 # This function is for blueprints that are overwriting custom blueprints
 # It deactivates the affected custom blueprints to avoid changes to be reverted
 apply_blueprints() {
-    update_and_disable_blueprint default/flow-password-change.yaml
-    update_and_disable_blueprint default/flow-default-authentication-flow.yaml
-    update_and_disable_blueprint default/flow-default-user-settings-flow.yaml
-    update_and_disable_blueprint default/flow-default-source-enrollment.yaml
-    
-    apply_blueprint 3_flow_translation.yaml
-    apply_blueprint 2_flow_authentication.yaml
+  update_and_disable_blueprint default/flow-password-change.yaml
+  update_and_disable_blueprint default/flow-default-authentication-flow.yaml
+  update_and_disable_blueprint default/flow-default-user-settings-flow.yaml
+  update_and_disable_blueprint default/flow-default-source-enrollment.yaml
+
+  apply_blueprint 3_flow_translation.yaml
+  apply_blueprint 2_flow_authentication.yaml
 }
 
 update_and_disable_blueprint() {
-    enable_blueprint $@ 2>&1 | quieten
-    sleep 1
-    apply_blueprint $@
-    sleep 1
-    disable_blueprint $@ 2>&1 | quieten
+  enable_blueprint $@ 2>&1 | quieten
+  sleep 1
+  apply_blueprint $@
+  sleep 1
+  disable_blueprint $@ 2>&1 | quieten
 }
 
 disable_blueprint() {
-    blueprint_state False $@
+  blueprint_state False $@
 }
 
 enable_blueprint() {
-    blueprint_state True $@
+  blueprint_state True $@
 }
 
 apply_blueprint() {
-    echo apply blueprint $@
-    ak apply_blueprint $@ 2>&1 | quieten
+  echo apply blueprint $@
+  ak apply_blueprint $@ 2>&1 | quieten
 }
 
 blueprint_state() {
-/manage.py shell -c """
+  /manage.py shell -c """
 import time
 blueprint_state=$1
 blueprint_path='$2'
@@ -178,9 +188,9 @@ print(f'{blueprint.name} enabled: {blueprint.enabled}')
 }
 
 # This function adds each application with its name, slug and group if passed
-add_applications(){
-export APPLICATIONS
-/manage.py shell -c """
+add_applications() {
+  export APPLICATIONS
+  /manage.py shell -c """
 import json
 import os
 if os.environ['APPLICATIONS'] == '':
@@ -199,77 +209,104 @@ for name, details in applications.items():
         app.group = group
         print(f'Add {name}: {url} in group: {group}')
     else:
+        app.group = ''
         print(f'Add {name}: {url}')
     app.open_in_new_tab = True
     app.save()
 """ 2>&1 | quieten
 }
 
+# This function adds one application with its name, slug and group if passed
+add_single_application() {
+  if [ -z "$2" ]; then
+    echo "Usage: ... add_single_application <name> <url> <group>"
+    exit 1
+  fi
+  /manage.py shell -c """
+import json
+import os
+name = '$1'
+url = '$2'
+app = Application.objects.filter(name=name).first()
+if not app:
+    app = Application()
+app.name = name
+app.slug = name.replace(' ', '-')
+app.meta_launch_url = url
+group = '$3'
+if group:
+    app.group = group
+    print(f'Add {name}: {url} in group: {group}')
+else:
+    app.group = ''
+    print(f'Add {name}: {url}')
+app.open_in_new_tab = True
+app.save()
+""" 2>&1 | quieten
+}
+
 ## This function is for renaming apps - usage: rename "old name" "new name"
 rename() {
-    /manage.py shell -c """
-    old_name = '$1'
-    new_name = '$2' if '$2' else old_name
+  /manage.py shell -c """
+old_name = '$1'
+new_name = '$2' if '$2' else old_name
 
-    app = Application.objects.filter(name=old_name).first()
-    if app:
-        app.name = new_name
-        app.save()
-        print(f'Renamed application from {old_name} to {new_name}')
-    else:
-        print(f'No application found with name: {old_name}')
-    """ > /dev/null 2>&1
+app = Application.objects.filter(name=old_name).first()
+if app:
+    app.name = new_name
+    app.save()
+    print(f'Renamed application from {old_name} to {new_name}')
+else:
+    print(f'No application found with name: {old_name}')
+""" 2>&1 | quieten
 }
 
-
-
-quieten(){
-    # 'SyntaxWarning|version_regex|"http\['
-    # is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
-    grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:'
+quieten() {
+  # 'SyntaxWarning|version_regex|"http\['
+  # is a workaround to get rid of some verbose syntax warnings, this might be fixed with another version
+  grep -Pv '"level": "(info|debug)"|SyntaxWarning|version_regex|"http\[|RuntimeWarning:|### authentik shell|### Node| objects imported automatically|^$'
 }
 
-add_email_templates(){
-for file_path in "$@"; do
+add_email_templates() {
+  for file_path in "$@"; do
     echo copy template $file_path
     abra app cp $APP_NAME $file_path app:/templates/
-done
+  done
 }
 
-set_icons(){
-if [ -n "$1" ]
-then
-APP_ICONS="$1"
-fi
-for icon in $APP_ICONS; do
+set_icons() {
+  if [ -n "$1" ]; then
+    APP_ICONS="$1"
+  fi
+  for icon in $APP_ICONS; do
     app=$(echo $icon | cut -d ":" -f1)
     file_path=$(eval echo $(echo $icon | cut -d ":" -f2))
     file=$(basename $file_path)
     echo copy icon $file_path for $app
-    abra app cp $APP_NAME $file_path app:/media/
-    abra app cmd -T $APP_NAME app set_app_icon $app /media/$file
-done
+    abra app cp -C $APP_NAME $file_path app:/media/
+    abra app cmd -C -T $APP_NAME app set_app_icon $app /media/$file
+  done
 }
 
-set_extra_icons(){
-    if [ -z "$EXTRA_ICONS" ]
-    then
-        echo "Variable EXTRA_ICONS is not set"
-        exit 1
-    fi
-    export EXTRA_ICONS
-    icon_key_values=$(python3 -c "
+set_extra_icons() {
+  if [ -z "$EXTRA_ICONS" ]; then
+    echo "Variable EXTRA_ICONS is not set"
+    exit 1
+  fi
+  export EXTRA_ICONS
+  icon_key_values=$(python3 -c "
 import json
 import os
 for key, value in json.loads(os.environ['EXTRA_ICONS']).items():
-    print(f'{key}:{value}')
+  slug = key.replace(' ','-')
+  print(f'{slug}:{value}')
 ")
-    set_icons "$icon_key_values"
+  set_icons "$icon_key_values"
 }
 
 set_app_icon() {
-TOKEN=$(cat /run/secrets/admin_token)
-python -c """
+  TOKEN=$(cat /run/secrets/admin_token)
+  python -c """
 import requests
 import os
 my_token = '$TOKEN'
@@ -288,18 +325,18 @@ with open(icon_path, 'rb') as img:
 }
 
 blueprint_cleanup() {
-/manage.py shell -c """
+  /manage.py shell -c """
 delete_flows = ['default-recovery-flow' , 'custom-authentication-flow' , 'invitation-enrollment-flow' , 'initial-setup']
 Flow.objects.filter(slug__in=delete_flows).delete()
 Stage.objects.filter(flow=None).delete()
 Prompt.objects.filter(promptstage=None).delete()
 Brand.objects.filter(default=True).delete()
 """ 2>&1 | quieten
-apply_blueprints
+  apply_blueprints
 }
 
 get_certificate() {
-/manage.py shell -c """
+  /manage.py shell -c """
 provider_name='$1'
 if not provider_name:
     print('no Provider Name given')
@@ -312,7 +349,18 @@ print(''.join(cert.certificate_data.splitlines()[1:-1]))
 }
 
 get_user_uid() {
-/manage.py shell -c """
+  /manage.py shell -c """
 print(User.objects.filter(username='$1').first().uid)
 """ 2>&1 | quieten
 }
+
+get_secrets() {
+  grep "" -r /var/run/secrets
+}
+
+fix_collation_mismatch() {
+  psql -U ${POSTGRES_USER} -d authentik -c "ALTER DATABASE authentik REFRESH COLLATION VERSION;"
+  psql -U ${POSTGRES_USER} -d authentik -c "REINDEX DATABASE authentik;"
+  psql -U ${POSTGRES_USER} -d postgres -c "ALTER DATABASE postgres REFRESH COLLATION VERSION;"
+  psql -U ${POSTGRES_USER} -d postgres -c "REINDEX DATABASE postgres;"
+}

alaconnect.yml

@@ -87,3 +87,12 @@ hedgedoc:
         - hedgedoc.png
     secrets:
         hedgedoc_id: hedgedoc
+mila:
+    uncomment:
+        - compose.mila.yml
+        - MILA_DOMAIN
+        - SECRET_MILA_ID_VERSION
+        - SECRET_MILA_SECRET_VERSION
+        - mila.svg
+    secrets:
+        mila_id: mila

compose.mila.yml

@@ -0,0 +1,27 @@
+version: "3.8"
+services:
+  worker:
+    secrets:
+      - mila_id
+      - mila_secret
+    environment:
+      - MILA_DOMAIN
+    configs:
+      - source: mila
+        target: /blueprints/mila.yaml
+
+secrets:
+  mila_id:
+    external: true
+    name: ${STACK_NAME}_mila_id_${SECRET_MILA_ID_VERSION}
+  mila_secret:
+    external: true
+    name: ${STACK_NAME}_mila_secret_${SECRET_MILA_SECRET_VERSION}
+
+
+configs:
+  mila:
+    name: ${STACK_NAME}_mila_${MILA_CONFIG_VERSION}
+    file: mila.yaml.tmpl
+    template_driver: golang
+

compose.outposts.ldap.yml

@@ -1,7 +1,7 @@
 version: "3.8"
 services:
   authentik_ldap:
-      image: ghcr.io/goauthentik/ldap:2025.8.1
+      image: ghcr.io/goauthentik/ldap:2025.10.2
       # Optionally specify which networks the container should be
       # might be needed to reach the core authentik server
       networks:

compose.yml

@@ -5,7 +5,6 @@ x-env: &env
     - AUTHENTIK_POSTGRESQL__USER=authentik
     - AUTHENTIK_POSTGRESQL__NAME=authentik
     - AUTHENTIK_POSTGRESQL__HOST=db
-    - AUTHENTIK_REDIS__HOST=redis
     - AUTHENTIK_ERROR_REPORTING__ENABLED
     - AUTHENTIK_SECRET_KEY=file:///run/secrets/secret_key
     - AUTHENTIK_EMAIL__HOST
@@ -35,11 +34,10 @@ x-env: &env
 version: '3.8'
 services:
   app:
-    image: ghcr.io/goauthentik/server:2025.8.1
+    image: ghcr.io/goauthentik/server:2025.10.2
     command: server
     depends_on:
       - db
-      - redis
     secrets:
       - db_password
       - admin_pass
@@ -71,18 +69,17 @@ services:
         - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions,${STACK_NAME}-redirect"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
         - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
-        - "coop-cloud.${STACK_NAME}.version=8.0.0+2025.8.1"
+        - "coop-cloud.${STACK_NAME}.version=10.1.2+2025.10.2"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.regex=^https://(${REDIRECTS})/(.*)"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
         - "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
 
   worker:
-    image: ghcr.io/goauthentik/server:2025.8.1
+    image: ghcr.io/goauthentik/server:2025.10.2
     command: worker
     depends_on:
       - db
-      - redis
     secrets:
       - db_password
       - admin_pass
@@ -119,7 +116,7 @@ services:
       start_period: 5m
 
   db:
-    image: postgres:15.13
+    image: postgres:15.15
     secrets:
       - db_password
     configs:
@@ -150,22 +147,8 @@ services:
           backupbot.backup: "${ENABLE_BACKUPS:-true}"
           backupbot.backup.pre-hook: "/pg_backup.sh backup"
           backupbot.backup.volumes.database.path: "backup.sql"
-          backupbot.backup.volumes.redis: "false"
           backupbot.restore.post-hook: '/pg_backup.sh restore'
 
-  redis:
-    image:  redis:8.2.1-alpine
-    command: --save 60 1 --loglevel warning
-    networks:
-      - internal
-    healthcheck:
-      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
-      interval: 30s
-      timeout: 10s
-      retries: 10
-      start_period: 1m
-    volumes:
-        - redis:/data
 
 secrets:
   db_password:
@@ -192,7 +175,6 @@ networks:
 volumes:
   media:
   certs:
-  redis:
   templates:
   assets:
   database:

icons/collectives.svg

@@ -0,0 +1,12 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" height="16" width="16" viewBox="0 0 16 16">
+<g>
+	<path d="M2.9,8.8c0-1.2,0.4-2.4,1.2-3.3L0.3,6c-0.2,0-0.3,0.3-0.1,0.4l2.7,2.6C2.9,9,2.9,8.9,2.9,8.8z" />
+	<path d="M8,3.7c0.7,0,1.3,0.1,1.9,0.4L8.2,0.6c-0.1-0.2-0.3-0.2-0.4,0L6.1,4C6.7,3.8,7.3,3.7,8,3.7z" />
+	<path d="M3.7,11.5L3,15.2c0,0.2,0.2,0.4,0.4,0.3l3.3-1.7C5.4,13.4,4.4,12.6,3.7,11.5z" />
+	<path d="M15.7,6l-3.7-0.5c0.7,0.9,1.2,2,1.2,3.3c0,0.1,0,0.2,0,0.3l2.7-2.6C15.9,6.3,15.9,6.1,15.7,6z" />
+	<path d="M12.3,11.5c-0.7,1.1-1.8,1.9-3,2.2l3.3,1.7c0.2,0.1,0.4-0.1,0.4-0.3L12.3,11.5z" />
+	<path d="M9.6,10.1c-0.4,0.5-1,0.8-1.6,0.8c-1.1,0-2-0.9-2.1-2C5.9,7.7,6.8,6.7,8,6.7c0.6,0,1.1,0.3,1.5,0.7
+		c0.1,0.1,0.1,0.1,0.2,0.1h1.4c0.2,0,0.4-0.2,0.3-0.5c-0.7-1.3-2.1-2.2-3.8-2.1C5.8,5,4.3,6.6,4.1,8.5C4,10.8,5.8,12.7,8,12.7
+		c1.6,0,2.9-0.9,3.5-2.3c0.1-0.2-0.1-0.4-0.3-0.4H9.9C9.8,10,9.7,10,9.6,10.1z" />
+</g>
+</svg>

icons/mila.svg

@@ -0,0 +1,5 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 100 100" width="100" height="100">
+  <rect width="100" height="100" rx="12" fill="#4f46e5"/>
+  <text x="50" y="65" font-family="Arial, sans-serif" font-size="48" font-weight="bold" fill="white" text-anchor="middle">M</text>
+</svg>
+

icons/poll.svg

@@ -0,0 +1,3 @@
+<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M6.75 3.00464V5.25464M17.25 3.00464V5.25464M3 18.7546V7.50464C3 6.262 4.00736 5.25464 5.25 5.25464H18.75C19.9926 5.25464 21 6.262 21 7.50464V18.7546M3 18.7546C3 19.9973 4.00736 21.0046 5.25 21.0046H18.75C19.9926 21.0046 21 19.9973 21 18.7546M3 18.7546V11.2546C3 10.012 4.00736 9.00464 5.25 9.00464H18.75C19.9926 9.00464 21 10.012 21 11.2546V18.7546M12 12.7546H12.0075V12.7621H12V12.7546ZM12 15.0046H12.0075V15.0121H12V15.0046ZM12 17.2546H12.0075V17.2621H12V17.2546ZM9.75 15.0046H9.7575V15.0121H9.75V15.0046ZM9.75 17.2546H9.7575V17.2621H9.75V17.2546ZM7.5 15.0046H7.5075V15.0121H7.5V15.0046ZM7.5 17.2546H7.5075V17.2621H7.5V17.2546ZM14.25 12.7546H14.2575V12.7621H14.25V12.7546ZM14.25 15.0046H14.2575V15.0121H14.25V15.0046ZM14.25 17.2546H14.2575V17.2621H14.25V17.2546ZM16.5 12.7546H16.5075V12.7621H16.5V12.7546ZM16.5 15.0046H16.5075V15.0121H16.5V15.0046Z" stroke="#0F172A" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
+</svg>

mila.yaml.tmpl

@@ -0,0 +1,49 @@
+version: 1
+metadata:
+  labels:
+    blueprints.goauthentik.io/instantiate: "true"
+  name: mila
+
+entries:
+
+- attrs:
+    access_code_validity: minutes=1
+    authentication_flow: !Find [authentik_flows.flow, [slug, default-authentication-flow]]
+    authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-implicit-consent]]
+    invalidation_flow: !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
+    client_id: {{ secret  "mila_id" }}
+    client_secret: {{ secret  "mila_secret" }}
+    client_type: confidential
+    include_claims_in_id_token: true
+    issuer_mode: per_provider
+    redirect_uris:
+    - matching_mode: strict
+      url: https://{{ env  "MILA_DOMAIN" }}/auth/user/rauthy/callback
+    name: Mila
+    property_mappings:
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, openid]]
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, email]]
+    - !Find [authentik_providers_oauth2.scopemapping, [scope_name, profile]]
+    signing_key: !Find [authentik_crypto.certificatekeypair, [name, authentik Self-signed Certificate]]
+    sub_mode: hashed_user_id
+    token_validity: days=30
+  conditions: []
+  id: mila_provider
+  identifiers:
+    pk: 9990
+  model: authentik_providers_oauth2.oauth2provider
+  state: present
+
+- attrs:
+    meta_launch_url: https://{{ env  "MILA_DOMAIN" }}
+    open_in_new_tab: true
+    policy_engine_mode: any
+    provider: !KeyOf mila_provider
+    slug: mila
+  conditions: []
+  id: mila_application
+  identifiers:
+    name: Mila
+  model: authentik_core.application
+  state: present
+

release/10.0.0+2025.10.2

@@ -0,0 +1 @@
+2025.10 removes redis. Since 2025.8 all redis tasks have been migrated to postgres.