cupcakearmy/coolify
1
0
Fork 0
mirror of https://github.com/cupcakearmy/coolify.git synced 2024-10-23 00:24:15 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
c340921fbb
coolify/templates/compose/authentik.yaml

95 lines
3.8 KiB
YAML
Raw Blame History

# documentation: https://docs.goauthentik.io/docs/installation/docker-compose
# slogan: An open-source Identity Provider, focused on flexibility and versatility.
# tags: identity,login,user,oauth,openid,oidc,authentication,saml,auth0,okta
# logo: svgs/authentik.png
# port: 9000
services:
postgresql:
image: docker.io/library/postgres:12-alpine
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d authentik -U $${SERVICE_USER_POSTGRESQL}"]
interval: 2s
timeout: 10s
retries: 15
volumes:
- authentik-db:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRESQL}
- POSTGRES_USER=${SERVICE_USER_POSTGRESQL}
- POSTGRES_DB=authentik
redis:
image: docker.io/library/redis:alpine
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
interval: 2s
timeout: 10s
retries: 15
volumes:
- redis:/data
authentik-server:
image: ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.2.2}
restart: unless-stopped
command: server
environment:
- SERVICE_FQDN_AUTHENTIKSERVER_9000
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=postgresql
- AUTHENTIK_POSTGRESQL__USER=${SERVICE_USER_POSTGRESQL}
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${SERVICE_PASSWORD_POSTGRESQL}
- AUTHENTIK_SECRET_KEY=${SERVICE_PASSWORD_64_AUTHENTIKSERVER}
- AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED:-true}
- AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
- AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
- AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
- AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
- AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
- AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
- AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
volumes:
- ./media:/media
- ./custom-templates:/templates
depends_on:
- postgresql
- redis
authentik-worker:
image: ghcr.io/goauthentik/server:${AUTHENTIK_TAG:-2024.2.2}
restart: unless-stopped
command: worker
environment:
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=postgresql
- AUTHENTIK_POSTGRESQL__USER=${SERVICE_USER_POSTGRESQL}
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=${SERVICE_PASSWORD_POSTGRESQL}
- AUTHENTIK_SECRET_KEY=${SERVICE_PASSWORD_64_AUTHENTIKSERVER}
- AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED}
- AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
- AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
- AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
- AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
- AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
- AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
- AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
- AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
# `user: root` and the docker socket volume are optional.
# See more for the docker socket integration here:
# https://goauthentik.io/docs/outposts/integrations/docker
# Removing `user: root` also prevents the worker from fixing the permissions
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID
# (1000:1000 by default)
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./media:/media
- ./certs:/certs
- ./custom-templates:/templates
depends_on:
- postgresql
- redis
Reference in New Issue View Git Blame Copy Permalink