version: '3.7' # https://github.com/goauthentik/authentik/pkgs/container/server # https://goauthentik.io/docs/installation/docker-compose # initial setup: https:///if/flow/initial-setup/ networks: auth: name: auth authentik: services: authentik: image: ghcr.io/goauthentik/server container_name: authentik restart: "${RESTART:-no}" hostname: auth domainname: ${BASE_DOMAIN} command: server environment: # - AUTHENTIK_LOG_LEVEL=trace - AUTHENTIK_LISTEN__HTTP=0.0.0.0:80 - AUTHENTIK_REDIS__HOST=redis-authentik - AUTHENTIK_POSTGRESQL__HOST=pg-authentik - AUTHENTIK_POSTGRESQL__USER=authentik - AUTHENTIK_POSTGRESQL__NAME=authentik - AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - AUTHENTIK_EMAIL__HOST=mail - AUTHENTIK_EMAIL__PORT=25 - AUTHENTIK_EMAIL__USE_TLS=false - AUTHENTIK_EMAIL__USE_SSL=false - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_MAIL_FROM}@${BASE_DOMAIN} depends_on: - pg-authentik - redis-authentik networks: - proxy - mail - auth - authentik authentik-worker: image: ghcr.io/goauthentik/server container_name: authentik-worker restart: "${RESTART:-no}" command: worker environment: - AUTHENTIK_REDIS__HOST=redis-authentik - AUTHENTIK_POSTGRESQL__HOST=pg-authentik - AUTHENTIK_POSTGRESQL__USER=authentik - AUTHENTIK_POSTGRESQL__NAME=authentik - AUTHENTIK_POSTGRESQL__PASSWORD=${AUTHENTIK_PG_PWD:-password} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} depends_on: - pg-authentik - redis-authentik networks: - authentik pg-authentik: image: postgres:${POSTGRES_VERSION}-alpine container_name: pg-authentik restart: "${RESTART:-no}" environment: - POSTGRES_DB=authentik - POSTGRES_USER=authentik - POSTGRES_PASSWORD=${AUTHENTIK_PG_PWD:-password} volumes: - ${BASE_DIR:-/srv}/authentik/psql:/var/lib/postgresql/data networks: - authentik redis-authentik: image: redis:alpine container_name: redis-authentik restart: "${RESTART:-no}" command: --save 60 1 --loglevel warning networks: - authentik