---
version: "2"
services:
  app:
    image: lscr.io/linuxserver/bookstack:latest
    environment:
      PUID: 1000
      PGID: 1000
      APP_URL: https://bookstack.sectorq.eu
      DB_HOST: db
      DB_PORT: 3306
      DB_USER: bookstack
      DB_PASS: l4c1j4yd33Du5lo
      DB_DATABASE: bookstackapp
      # Set authentication method to be saml2
      AUTH_METHOD: saml2
      # Control if BookStack automatically initiates login via your SAML system if it's the only authentication method.
      # Prevents the need for the user to click the "Login with x" button on the login page.
      # Setting this to true enables auto-initiation.
      AUTH_AUTO_INITIATE: false
      # Set the display name to be shown on the login button.
      # (Login with <name>)
      SAML2_NAME: authentik
      # Name of the attribute which provides the user's email address
      SAML2_EMAIL_ATTRIBUTE: email
      # Name of the attribute to use as an ID for the SAML user.
      SAML2_EXTERNAL_ID_ATTRIBUTE: uid
      # Enable SAML group sync.
      SAML2_USER_TO_GROUPS: true
      # Set the attribute from which BookStack will read groups names from.
      # You will need to rename your roles in Bookstack to match your groups in authentik.
      SAML2_GROUP_ATTRIBUTE: http://schemas.xmlsoap.org/claims/Group
      # Name of the attribute(s) to use for the user's display name
      # Can have multiple attributes listed, separated with a '|' in which
      # case those values will be joined with a space.
      # Example: SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName
      # Defaults to the ID value if not found.
      ######SAML2_DISPLAY_NAME_ATTRIBUTES: http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname
      SAML2_DISPLAY_NAME_ATTRIBUTES: username

      # Identity Provider entityID URL
      SAML2_IDP_ENTITYID: https://auth.sectorq.eu/api/v3/providers/saml/10/metadata/?download
      
      # Auto-load metadata from the IDP
      # Setting this to true negates the need to specify the next three options
      SAML2_AUTOLOAD_METADATA: true






      
    volumes:
      - /share/docker_data/bookstack/bookstack_app_data:/config
    ports:
      - 6875:80
    restart: ${RESTART:-unless-stopped}
    depends_on:
      - db
    labels:
      com.centurylinklabs.watchtower.enable: true
      homepage.group: Utilities
      homepage.name: Bookstack
      homepage.weight: 1
      homepage.icon: bookstack.png
      homepage.href: https://bookstack.sectorq.eu
      homepage.description: Books
      homepage.server: my-docker
      homepage.container: bookstack-app-1
      # homepage.widget.type: ${APPNAME}
      # homepage.widget.url: https://${APPNAME}.sectorq.eu
      # homepage.widget.key: ddfc91b29920082636da70cc677aec74c88a7666
      # homepage.widget.version: 2
  db:
    image: lscr.io/linuxserver/mariadb
    environment:
      PUID: 0
      PGID: 0
      MYSQL_ROOT_PASSWORD: l4c1j4yd33Du5lo
      TZ: Europe/Bratislava
      MYSQL_DATABASE: bookstackapp
      MYSQL_USER: bookstack
      MYSQL_PASSWORD: l4c1j4yd33Du5lo
    
    volumes:
      - /share/docker_data/bookstack/bookstack_db_data:/config
    restart: ${RESTART:-unless-stopped}