container-server/services/authentik/docker-compose.yml

102 lines
2.9 KiB
YAML
Raw Normal View History

2022-12-17 19:20:46 +01:00
version: '3.7'
# https://github.com/goauthentik/authentik/pkgs/container/server
# https://goauthentik.io/docs/installation/docker-compose
# https://goauthentik.io/docs/troubleshooting/login
2022-12-17 19:20:46 +01:00
# initial setup: https://<your server>/if/flow/initial-setup/
2023-02-18 15:25:31 +01:00
# icon /static/dist/assets/icons/icon.svg
2022-12-17 19:20:46 +01:00
# example flows, e.g. password recovery:
# https://goauthentik.io/docs/flow/examples/flows
# In default-authentication-flow:
# - Edit Flow > Behavior Settings > check "Compatibility mode"
# - Stage Bindings > Identification > Edit Stage
# - Set password stage
# - uncheck "Case insenstive matching" and "Show matched user"
2022-12-17 19:20:46 +01:00
networks:
authentik:
services:
authentik:
image: ghcr.io/goauthentik/server:2023.8
2022-12-17 19:20:46 +01:00
container_name: authentik
restart: "${RESTART:-no}"
hostname: auth
domainname: ${BASE_DOMAIN}
command: server
environment:
- AUTHENTIK_LISTEN__HTTP=0.0.0.0:80
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
2023-06-27 23:38:10 +02:00
2022-12-17 19:20:46 +01:00
- AUTHENTIK_REDIS__HOST=redis-authentik
2022-12-17 19:20:46 +01:00
- AUTHENTIK_POSTGRESQL__HOST=pg-authentik
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password}
2022-12-22 18:11:48 +01:00
- AUTHENTIK_EMAIL__HOST=mail
- AUTHENTIK_EMAIL__PORT=25
- AUTHENTIK_EMAIL__USE_TLS=false
- AUTHENTIK_EMAIL__USE_SSL=false
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_MAIL_FROM}@${BASE_DOMAIN}
- AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false
2022-12-17 19:20:46 +01:00
depends_on:
- pg-authentik
- redis-authentik
networks:
- proxy
2022-12-22 18:11:48 +01:00
- mail
2022-12-17 19:20:46 +01:00
- authentik
authentik-worker:
image: ghcr.io/goauthentik/server:2023.8
2022-12-17 19:20:46 +01:00
container_name: authentik-worker
restart: "${RESTART:-no}"
command: worker
environment:
- AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
2022-12-17 19:20:46 +01:00
- AUTHENTIK_REDIS__HOST=redis-authentik
- AUTHENTIK_POSTGRESQL__HOST=pg-authentik
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password}
- AUTHENTIK_EMAIL__HOST=mail
- AUTHENTIK_EMAIL__PORT=25
- AUTHENTIK_EMAIL__USE_TLS=false
- AUTHENTIK_EMAIL__USE_SSL=false
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_MAIL_FROM}@${BASE_DOMAIN}
2022-12-17 19:20:46 +01:00
depends_on:
- pg-authentik
- redis-authentik
networks:
- authentik
- mail
2022-12-17 19:20:46 +01:00
pg-authentik:
image: postgres:${POSTGRES_VERSION}-alpine
container_name: pg-authentik
restart: "${RESTART:-no}"
environment:
- POSTGRES_DB=authentik
- POSTGRES_USER=authentik
- POSTGRES_PASSWORD=${AUTHENTIK_PG_PWD:-password}
volumes:
- ${BASE_DIR:-/srv}/authentik/psql:/var/lib/postgresql/data
networks:
- authentik
redis-authentik:
image: redis:7-alpine
2022-12-17 19:20:46 +01:00
container_name: redis-authentik
restart: "${RESTART:-no}"
command: --save 60 1 --loglevel warning
networks:
- authentik