The nixpkgs authentik-django package hardcodes blueprints_dir to its
Nix store path, making custom blueprints mounted at /blueprints/custom
invisible to the discovery system. Add extraCommands to create a
/blueprints directory with symlinks to the built-in blueprint dirs,
and set AUTHENTIK_BLUEPRINTS_DIR=/blueprints so authentik scans the
unified directory.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The ak wrapper script requires mkdir (and likely other coreutils)
to create runtime directories.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Nix-built container using pkgs.authentik with ak entrypoint.
Includes bashInteractive (ak is a bash wrapper), cacert, tzdata.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
