2024-03-26 11:35:40 +01:00
|
|
|
---
|
|
|
|
services:
|
|
|
|
postgres:
|
2024-05-10 02:26:30 +02:00
|
|
|
image: docker.io/library/postgres:16.3
|
2024-03-26 11:35:40 +01:00
|
|
|
container_name: authentik-db
|
|
|
|
environment:
|
2024-03-26 13:32:19 +01:00
|
|
|
- POSTGRES_USER=${POSTGRES_USER:-authentik}
|
|
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?error}
|
|
|
|
- POSTGRES_DB=${POSTGRES_DB:-authentik}
|
|
|
|
- TZ=${TZ:-UTC}
|
2024-03-26 11:35:40 +01:00
|
|
|
healthcheck:
|
2024-03-26 13:32:19 +01:00
|
|
|
test: ['CMD-SHELL', 'pg_isready -U "${POSTGRES_USER:-authentik}"']
|
|
|
|
start_period: 30s
|
|
|
|
interval: 10s
|
|
|
|
timeout: 10s
|
2024-03-26 11:35:40 +01:00
|
|
|
retries: 5
|
|
|
|
volumes:
|
2024-03-26 13:32:19 +01:00
|
|
|
- postgres_data:/var/lib/postgresql/data
|
2024-03-26 11:35:40 +01:00
|
|
|
restart: unless-stopped
|
|
|
|
redis:
|
2024-05-21 02:28:22 +02:00
|
|
|
image: docker.io/library/redis:7.2.5
|
2024-03-26 11:35:40 +01:00
|
|
|
container_name: authentik-redis
|
|
|
|
command: --save 60 1 --loglevel warning
|
|
|
|
healthcheck:
|
|
|
|
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
|
|
|
|
start_period: 20s
|
|
|
|
interval: 30s
|
|
|
|
retries: 5
|
|
|
|
timeout: 3s
|
|
|
|
volumes:
|
2024-03-26 13:32:19 +01:00
|
|
|
- redis_data:/data
|
2024-03-26 11:35:40 +01:00
|
|
|
restart: unless-stopped
|
|
|
|
server:
|
2024-06-26 14:24:13 +02:00
|
|
|
image: ghcr.io/goauthentik/server:2024.6.0
|
2024-03-26 11:35:40 +01:00
|
|
|
container_name: authentik-server
|
|
|
|
command: server
|
|
|
|
environment:
|
|
|
|
- AUTHENTIK_REDIS__HOST=authentik-redis
|
|
|
|
- AUTHENTIK_POSTGRESQL__HOST=authentik-db
|
2024-03-26 13:32:19 +01:00
|
|
|
- AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik}
|
|
|
|
- AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik}
|
|
|
|
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error}
|
2024-03-26 11:35:40 +01:00
|
|
|
# (Required) To generate a secret key run the following command:
|
|
|
|
# echo $(openssl rand -base64 32)
|
2024-03-26 13:32:19 +01:00
|
|
|
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error}
|
2024-03-26 11:35:40 +01:00
|
|
|
# (Optional) Enable Error Reporting
|
2024-03-26 13:32:19 +01:00
|
|
|
# - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false}
|
2024-03-26 11:35:40 +01:00
|
|
|
# (Optional) Enable Email Sending
|
2024-03-26 13:32:19 +01:00
|
|
|
# - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25}
|
|
|
|
# - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false}
|
|
|
|
# - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false}
|
|
|
|
# - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10}
|
|
|
|
# - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error}
|
2024-03-26 11:35:40 +01:00
|
|
|
ports:
|
|
|
|
- 9000:9000
|
|
|
|
- 9443:9443
|
|
|
|
volumes:
|
|
|
|
- ./media:/media
|
|
|
|
- ./custom-templates:/templates
|
|
|
|
depends_on:
|
2024-03-26 13:32:19 +01:00
|
|
|
- postgres
|
2024-03-26 11:35:40 +01:00
|
|
|
- redis
|
|
|
|
restart: unless-stopped
|
|
|
|
worker:
|
2024-06-26 14:24:13 +02:00
|
|
|
image: ghcr.io/goauthentik/server:2024.6.0
|
2024-03-26 11:35:40 +01:00
|
|
|
container_name: authentik-worker
|
|
|
|
command: worker
|
|
|
|
environment:
|
|
|
|
- AUTHENTIK_REDIS__HOST=authentik-redis
|
|
|
|
- AUTHENTIK_POSTGRESQL__HOST=authentik-db
|
2024-03-26 13:32:19 +01:00
|
|
|
- AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik}
|
|
|
|
- AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik}
|
|
|
|
- AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error}
|
|
|
|
# (Required) To generate a secret key run the following command:
|
|
|
|
# echo $(openssl rand -base64 32)
|
|
|
|
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error}
|
|
|
|
# (Optional) Enable Error Reporting
|
|
|
|
# - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false}
|
|
|
|
# (Optional) Enable Email Sending
|
|
|
|
# - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25}
|
|
|
|
# - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error}
|
|
|
|
# - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false}
|
|
|
|
# - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false}
|
|
|
|
# - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10}
|
|
|
|
# - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error}
|
2024-03-26 11:35:40 +01:00
|
|
|
# (Optional) When using the docker socket integration
|
|
|
|
# See more for the docker socket integration here:
|
|
|
|
# https://goauthentik.io/docs/outposts/integrations/docker
|
|
|
|
# user: root
|
|
|
|
volumes:
|
|
|
|
# (Optional) When using the docker socket integration
|
|
|
|
# - /var/run/docker.sock:/var/run/docker.sock
|
|
|
|
- ./media:/media
|
|
|
|
- ./certs:/certs
|
|
|
|
- ./custom-templates:/templates
|
|
|
|
depends_on:
|
2024-03-26 13:32:19 +01:00
|
|
|
- postgres
|
2024-03-26 11:35:40 +01:00
|
|
|
- redis
|
|
|
|
restart: unless-stopped
|
|
|
|
|
|
|
|
volumes:
|
2024-03-26 13:32:19 +01:00
|
|
|
postgres_data:
|
2024-03-26 11:35:40 +01:00
|
|
|
driver: local
|
2024-03-26 13:32:19 +01:00
|
|
|
redis_data:
|
2024-03-26 11:35:40 +01:00
|
|
|
driver: local
|