--- services: postgres: image: docker.io/library/postgres:16.5 container_name: authentik-db environment: - POSTGRES_USER=${POSTGRES_USER:-authentik} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?error} - POSTGRES_DB=${POSTGRES_DB:-authentik} - TZ=${TZ:-UTC} healthcheck: test: ['CMD-SHELL', 'pg_isready -U "${POSTGRES_USER:-authentik}"'] start_period: 30s interval: 10s timeout: 10s retries: 5 volumes: - postgres_data:/var/lib/postgresql/data restart: unless-stopped redis: image: docker.io/library/redis:7.4.1 container_name: authentik-redis command: --save 60 1 --loglevel warning healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] start_period: 20s interval: 30s retries: 5 timeout: 3s volumes: - redis_data:/data restart: unless-stopped server: image: ghcr.io/goauthentik/server:2024.10.2 container_name: authentik-server command: server environment: - AUTHENTIK_REDIS__HOST=authentik-redis - AUTHENTIK_POSTGRESQL__HOST=authentik-db - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error} # (Required) To generate a secret key run the following command: # echo $(openssl rand -base64 32) - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error} # (Optional) Enable Error Reporting # - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false} # (Optional) Enable Email Sending # - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error} # - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25} # - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error} # - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error} # - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false} # - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false} # - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10} # - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error} ports: - 9000:9000 - 9443:9443 volumes: - ./media:/media - ./custom-templates:/templates depends_on: - postgres - redis restart: unless-stopped worker: image: ghcr.io/goauthentik/server:2024.10.2 container_name: authentik-worker command: worker environment: - AUTHENTIK_REDIS__HOST=authentik-redis - AUTHENTIK_POSTGRESQL__HOST=authentik-db - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error} # (Required) To generate a secret key run the following command: # echo $(openssl rand -base64 32) - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error} # (Optional) Enable Error Reporting # - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false} # (Optional) Enable Email Sending # - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error} # - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25} # - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error} # - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error} # - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false} # - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false} # - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10} # - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error} # (Optional) When using the docker socket integration # See more for the docker socket integration here: # https://goauthentik.io/docs/outposts/integrations/docker # user: root volumes: # (Optional) When using the docker socket integration # - /run/docker.sock:/run/docker.sock - ./media:/media - ./certs:/certs - ./custom-templates:/templates depends_on: - postgres - redis restart: unless-stopped volumes: postgres_data: driver: local redis_data: driver: local