version: '3.7' # https://github.com/goauthentik/authentik/pkgs/container/server # https://goauthentik.io/docs/installation/docker-compose # https://goauthentik.io/docs/troubleshooting/login # initial setup: https:///if/flow/initial-setup/ # icon /static/dist/assets/icons/icon.svg # example flows, e.g. password recovery: # https://goauthentik.io/docs/flow/examples/flows # In default-authentication-flow: # - Edit Flow > Behavior Settings > check "Compatibility mode" # - Stage Bindings > Identification > Edit Stage # - Set password stage # - uncheck "Case insenstive matching" and "Show matched user" networks: authentik: services: authentik: image: ghcr.io/goauthentik/server:2024.6 container_name: authentik restart: "${RESTART:-no}" hostname: auth domainname: ${BASE_DOMAIN} command: server environment: - AUTHENTIK_LISTEN__HTTP=0.0.0.0:80 - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - AUTHENTIK_REDIS__HOST=redis-authentik - AUTHENTIK_POSTGRESQL__HOST=pg-authentik - AUTHENTIK_POSTGRESQL__USER=authentik - AUTHENTIK_POSTGRESQL__NAME=authentik - AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password} - AUTHENTIK_EMAIL__HOST=mail - AUTHENTIK_EMAIL__PORT=25 - AUTHENTIK_EMAIL__USE_TLS=false - AUTHENTIK_EMAIL__USE_SSL=false - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_MAIL_FROM}@${BASE_DOMAIN} - AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false depends_on: - pg-authentik - redis-authentik networks: - proxy - mail - authentik authentik-worker: image: ghcr.io/goauthentik/server:2024.6 container_name: authentik-worker restart: "${RESTART:-no}" command: worker environment: - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - AUTHENTIK_REDIS__HOST=redis-authentik - AUTHENTIK_POSTGRESQL__HOST=pg-authentik - AUTHENTIK_POSTGRESQL__USER=authentik - AUTHENTIK_POSTGRESQL__NAME=authentik - AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password} - AUTHENTIK_EMAIL__HOST=mail - AUTHENTIK_EMAIL__PORT=25 - AUTHENTIK_EMAIL__USE_TLS=false - AUTHENTIK_EMAIL__USE_SSL=false - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_MAIL_FROM}@${BASE_DOMAIN} depends_on: - pg-authentik - redis-authentik networks: - authentik - mail pg-authentik: image: postgres:16-alpine container_name: pg-authentik restart: "${RESTART:-no}" environment: - POSTGRES_DB=authentik - POSTGRES_USER=authentik - POSTGRES_PASSWORD=${AUTHENTIK_PG_PWD:-password} volumes: - ${BASE_DIR:-/srv}/authentik/psql:/var/lib/postgresql/data networks: - authentik redis-authentik: image: redis:7-alpine container_name: redis-authentik restart: "${RESTART:-no}" command: --save 60 1 --loglevel warning networks: - authentik