70 lines
2.8 KiB
YAML
70 lines
2.8 KiB
YAML
authentik-server:
|
|
command: server
|
|
depends_on:
|
|
- postgres
|
|
- redis
|
|
deploy:
|
|
labels:
|
|
traefik.enable: "true"
|
|
traefik.http.routers.authentik-rtr.rule: 'Host(`authentik.your.domain`) || HostRegexp(`{subdomain:[A-Za-z0-9](?:[A-Za-z0-9\-]{0,61}[A-Za-z0-9])?}.your.domain`) && PathPrefix(`/outpost.goauthentik.io/`)'
|
|
traefik.http.routers.authentik-rtr.service: "authentik"
|
|
traefik.http.services.authentik.loadbalancer.server.port: "9000"
|
|
traefik.http.middlewares.authentik.forwardauth.address: "http://authentik-server:9000/outpost.goauthentik.io/auth/traefik"
|
|
traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: "true"
|
|
traefik.http.middlewares.authentik.forwardauth.authResponseHeaders: "X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-jwt,X-authentik-meta-jwks,X-authentik-meta-outpost,X-authentik-meta-provider,X-authentik-meta-app,X-authentik-meta-version"
|
|
replicas: 1
|
|
environment:
|
|
AUTHENTIK_POSTGRESQL__HOST: "postgres"
|
|
AUTHENTIK_POSTGRESQL__NAME: "authentik"
|
|
AUTHENTIK_POSTGRESQL__USER: "authentik"
|
|
AUTHENTIK_POSTGRESQL__PASSWORD: "file:///run/secrets/authentik-postgres"
|
|
AUTHENTIK_REDIS__HOST: "valkey"
|
|
AUTHENTIK_SECRET_KEY: "file:///run/secrets/authentik-secret"
|
|
AUTHENTIK_EMAIL__HOST: "munin.your.domain"
|
|
AUTHENTIK_EMAIL__FROM: "authentik@turriff.net"
|
|
hostname: "authentik-server"
|
|
image: "ghcr.io/goauthentik/server:2024.4"
|
|
logging:
|
|
driver: journald
|
|
networks:
|
|
- homelab
|
|
restart: on-failure
|
|
secrets:
|
|
- authentik-postgres
|
|
- authentik-secret
|
|
user: "10008:10008"
|
|
volumes:
|
|
- "/srv/data/docker/authentik/media:/media"
|
|
- "/srv/data/docker/authentik/custom-templates:/templates"
|
|
|
|
authentik-worker:
|
|
command: worker
|
|
depends_on:
|
|
- postgres
|
|
- redis
|
|
deploy:
|
|
replicas: 1
|
|
environment:
|
|
AUTHENTIK_POSTGRESQL__HOST: "postgres"
|
|
AUTHENTIK_POSTGRESQL__NAME: "authentik"
|
|
AUTHENTIK_POSTGRESQL__USER: "authentik"
|
|
AUTHENTIK_POSTGRESQL__PASSWORD: "file:///run/secrets/authentik-postgres"
|
|
AUTHENTIK_REDIS__HOST: "valkey"
|
|
AUTHENTIK_SECRET_KEY: "file:///run/secrets/authentik-secret"
|
|
AUTHENTIK_EMAIL__HOST: "munin.your.domain"
|
|
AUTHENTIK_EMAIL__FROM: "authentik@turriff.net"
|
|
image: "ghcr.io/goauthentik/server:2024.4"
|
|
logging:
|
|
driver: journald
|
|
networks:
|
|
- homelab
|
|
restart: on-failure
|
|
secrets:
|
|
- authentik-postgres
|
|
- authentik-secret
|
|
user: "10008:10008"
|
|
volumes:
|
|
- "/srv/data/docker/authentik/media:/media"
|
|
- "/srv/data/docker/authentik/certs:/certs"
|
|
- "/srv/data/docker/authentik/custom-templates:/templates"
|