From 57344eae0b775887e61d24e51d64fa8851513ad5 Mon Sep 17 00:00:00 2001 From: Michael Scheidel Date: Tue, 4 Nov 2025 21:30:29 +0100 Subject: [PATCH] =?UTF-8?q?infrastructure/authentik/docker-compose.yml=20h?= =?UTF-8?q?inzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- infrastructure/authentik/docker-compose.yml | 121 ++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 infrastructure/authentik/docker-compose.yml diff --git a/infrastructure/authentik/docker-compose.yml b/infrastructure/authentik/docker-compose.yml new file mode 100644 index 0000000..32338c5 --- /dev/null +++ b/infrastructure/authentik/docker-compose.yml @@ -0,0 +1,121 @@ +services: + postgresql: + image: docker.io/library/postgres:15-alpine + restart: unless-stopped + healthcheck: + test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] + start_period: 20s + interval: 30s + retries: 5 + timeout: 5s + volumes: + - database:/var/lib/postgresql/data + - backup:/backup + environment: + POSTGRES_PASSWORD: ${PG_PASS:?database password required} + POSTGRES_USER: ${PG_USER:-authentik} + POSTGRES_DB: ${PG_DB:-authentik} + env_file: + - .env + + #postgresql: + #image: docker.io/library/postgres:14-alpine + #restart: unless-stopped + #healthcheck: + #test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] + #start_period: 20s + #interval: 30s + #retries: 5 + #timeout: 5s + #volumes: + #- database-14:/var/lib/postgresql/data + #- backup:/backup + #environment: + #POSTGRES_PASSWORD: ${PG_PASS:?database password required} + #POSTGRES_USER: ${PG_USER:-authentik} + #POSTGRES_DB: ${PG_DB:-authentik} + #env_file: + #- .env + + redis: + image: docker.io/library/redis:alpine + command: --save 60 1 --loglevel warning + restart: unless-stopped + healthcheck: + test: ["CMD-SHELL", "redis-cli ping | grep PONG"] + start_period: 20s + interval: 30s + retries: 5 + timeout: 3s + volumes: + - redis:/data + + server: + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.10.1} + restart: unless-stopped + command: server + environment: + AUTHENTIK_REDIS__HOST: redis + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + AUTHENTIK_EMAIL__HOST: smtp.strato.de + AUTHENTIK_EMAIL__PORT: 587 + AUTHENTIK_EMAIL__USERNAME: michael.scheidel@scheidel.biz + AUTHENTIK_EMAIL__PASSWORD: ?EAM?Yes!01 + AUTHENTIK_EMAIL__FROM: michael.scheidel@scheidel.biz + AUTHENTIK_EMAIL__USE_TLS: "true" + + + + + + volumes: + - ./media:/media + - ./custom-templates:/templates + env_file: + - .env + ports: + - "${COMPOSE_PORT_HTTP:-9000}:9000" + - "${COMPOSE_PORT_HTTPS:-9443}:9443" + depends_on: + - postgresql + - redis + + worker: + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.10.1} + restart: unless-stopped + command: worker + environment: + AUTHENTIK_REDIS__HOST: redis + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + # `user: root` and the docker socket volume are optional. + # See more for the docker socket integration here: + # https://goauthentik.io/docs/outposts/integrations/docker + # Removing `user: root` also prevents the worker from fixing the permissions + # on the mounted folders, so when removing this make sure the folders have the correct UID/GID + # (1000:1000 by default) + user: root + volumes: + - /var/run/docker.sock:/var/run/docker.sock + - ./media:/media + - ./certs:/certs + - ./custom-templates:/templates + env_file: + - .env + depends_on: + - postgresql + - redis + +volumes: + #database-14: + #driver: local + redis: + driver: local + database: + driver: local + backup: