mirror of
https://gitlab.sectorq.eu/home/docker-compose.git
synced 2025-07-02 08:18:33 +02:00
113 lines
3.6 KiB
YAML
113 lines
3.6 KiB
YAML
---
|
|
|
|
#PG_PASS 499NU6Ze5HcJK4IwSShO8oDbj3j0i0CalyEzfgEp
|
|
#AUTHENTIK_SECRET_KEY ZKkVCxj8kKj5ZklvzxKG2IgYQOftDoLPRjc57yomr1qzbKEQVZ
|
|
#AUTHENTIK_ERROR_REPORTING__ENABLED true
|
|
services:
|
|
postgresql:
|
|
image: docker.io/library/postgres:16-alpine
|
|
restart: unless-stopped
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
|
|
start_period: 20s
|
|
interval: 30s
|
|
retries: 5
|
|
timeout: 5s
|
|
volumes:
|
|
- /share/docker_data/authentik/database:/var/lib/postgresql/data
|
|
env_file:
|
|
- stack.env
|
|
|
|
redis:
|
|
image: docker.io/library/redis:alpine
|
|
command: --save 60 1 --loglevel warning
|
|
restart: unless-stopped
|
|
env_file:
|
|
- stack.env
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
|
|
start_period: 20s
|
|
interval: 30s
|
|
retries: 5
|
|
timeout: 3s
|
|
volumes:
|
|
- redis:/data
|
|
server:
|
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.6.1}
|
|
restart: unless-stopped
|
|
command: server
|
|
env_file:
|
|
- stack.env
|
|
volumes:
|
|
- /share/docker_data/authentik/media:/media
|
|
- /share/docker_data/authentik/custom-templates:/templates
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
ports:
|
|
- "${COMPOSE_PORT_HTTP:-9003}:9000"
|
|
- "${COMPOSE_PORT_HTTPS:-9453}:9443"
|
|
depends_on:
|
|
- postgresql
|
|
- redis
|
|
labels:
|
|
- homepage.group=Utilities
|
|
- homepage.name=Authentik
|
|
- homepage.icon=authentik.png
|
|
- homepage.href=https://auth.sectorq.eu
|
|
- homepage.description=Authentification server
|
|
- homepage.server=my-docker
|
|
- homepage.container=authentik-server-1
|
|
- homepage.widget.type=authentik
|
|
- homepage.widget.url=https://auth.sectorq.eu
|
|
- homepage.widget.key=sVOwPPInTue7ZnvolmKG15hkE9gCyLcuAelLOQny6OIVn7JUilny9loPTG0v
|
|
worker:
|
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.6.1}
|
|
restart: unless-stopped
|
|
command: worker
|
|
env_file:
|
|
- stack.env
|
|
environment:
|
|
AUTHENTIK_REDIS__HOST: redis
|
|
AUTHENTIK_POSTGRESQL__HOST: postgresql
|
|
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
|
|
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
|
|
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
|
|
AUTHENTIK_SECRET_KEY: $AUTHENTIK_SECRET_KEY
|
|
TZ: Europe/Bratislava
|
|
# `user: root` and the docker socket volume are optional.
|
|
# See more for the docker socket integration here:
|
|
# https://goauthentik.io/docs/outposts/integrations/docker
|
|
# Removing `user: root` also prevents the worker from fixing the permissions
|
|
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
|
|
# (1000:1000 by default)
|
|
user: root
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- /share/docker_data/authentik/media:/media
|
|
- /share/docker_data/authentik/certs:/certs
|
|
- /share/docker_data/authentik/custom-templates:/templates
|
|
depends_on:
|
|
- postgresql
|
|
- redis
|
|
authentik_ldap:
|
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/ldap}:${AUTHENTIK_TAG:-2024.6.1}
|
|
# Optionally specify which networks the container should be
|
|
# might be needed to reach the core authentik server
|
|
# networks:
|
|
# - foo
|
|
ports:
|
|
- 2389:3389
|
|
- 2636:6636
|
|
restart: unless-stopped
|
|
env_file:
|
|
- stack.env
|
|
environment:
|
|
AUTHENTIK_HOST: https://auth.sectorq.eu
|
|
AUTHENTIK_INSECURE: "false"
|
|
AUTHENTIK_TOKEN: EfLokorVuj1woeO0p1he3mRJvVfGfvdKM8Bdew3DtDZZ3To6bVpFSDI7GOqY
|
|
TZ: Europe/Bratislava
|
|
volumes:
|
|
database:
|
|
driver: local
|
|
redis:
|
|
driver: local
|