Archive authentik

.archived/authentik/docker-compose.yml

@@ -0,0 +1,121 @@
+# Authentik Identity Provider Configuration
+
+services:
+  authentik_db:
+    container_name: authentik_db
+    image: docker.io/library/postgres:17.5-alpine
+    restart: unless-stopped
+    environment:
+      # Database configuration
+      - POSTGRES_USER=${POSTGRES_USER}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
+      - POSTGRES_DB=${POSTGRES_DB}
+    volumes:
+      - ${APPDATA_PATH}/authentik/db:/var/lib/postgresql/data
+    ports:
+      - ${POSTGRES_PORT}:5432
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"]
+      start_period: 10s
+      interval: 5s
+      retries: 5
+      timeout: 5s
+
+  authentik_valkey:
+    container_name: authentik_valkey
+    image: docker.io/valkey/valkey:8.1.3-alpine
+    restart: unless-stopped
+    command: valkey-server --save 60 1 --requirepass ${VALKEY_PASSWORD}
+    volumes:
+      - ${APPDATA_PATH}/authentik/valkey:/data
+    healthcheck:
+      test: ["CMD-SHELL", "echo 'auth ${VALKEY_PASSWORD}\nping' | valkey-cli | grep PONG"]
+      start_period: 10s
+      interval: 5s
+      retries: 5
+      timeout: 5s
+
+  authentik_server:
+    container_name: authentik_server
+    image: ghcr.io/goauthentik/server:2025.6.3
+    restart: unless-stopped
+    depends_on:
+      authentik_db:
+        condition: service_healthy
+      authentik_valkey:
+        condition: service_healthy
+    command: server
+    environment:
+      # Generic configuration
+      - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
+      - AUTHENTIK_DISABLE_STARTUP_ANALYTICS=${AUTHENTIK_DISABLE_STARTUP_ANALYTICS}
+      - AUTHENTIK_DISABLE_UPDATE_CHECK=${AUTHENTIK_DISABLE_UPDATE_CHECK}
+      - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED}
+
+      # Database configuration
+      - AUTHENTIK_POSTGRESQL__HOST=authentik_db
+      - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB}
+      - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER}
+      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
+
+      # Valkey cache configuration
+      - AUTHENTIK_REDIS__HOST=authentik_valkey
+      - AUTHENTIK_REDIS__PASSWORD=${VALKEY_PASSWORD}
+
+      # Email configuration
+      - AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
+      - AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
+      - AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
+      - AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
+      - AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
+      - AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
+      - AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
+      - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
+    volumes:
+      - ${APPDATA_PATH}/authentik/media:/media
+      - ${APPDATA_PATH}/authentik/custom-templates:/templates
+    ports:
+      - ${AUTHENTIK_HTTP_PORT}:9000
+      - ${AUTHENTIK_HTTPS_PORT}:9443
+
+  authentik_worker:
+    container_name: authentik_worker
+    image: ghcr.io/goauthentik/server:2025.6.3
+    restart: unless-stopped
+    depends_on:
+      authentik_db:
+        condition: service_healthy
+      authentik_valkey:
+        condition: service_healthy
+    command: worker
+    user: ${PUID}:${PGID}
+    environment:
+      # Generic configuration
+      - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
+      - AUTHENTIK_DISABLE_STARTUP_ANALYTICS=${AUTHENTIK_DISABLE_STARTUP_ANALYTICS}
+      - AUTHENTIK_DISABLE_UPDATE_CHECK=${AUTHENTIK_DISABLE_UPDATE_CHECK}
+      - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED}
+
+      # Database configuration
+      - AUTHENTIK_POSTGRESQL__HOST=authentik_db
+      - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB}
+      - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER}
+      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
+
+      # Valkey cache configuration
+      - AUTHENTIK_REDIS__HOST=authentik_valkey
+      - AUTHENTIK_REDIS__PASSWORD=${VALKEY_PASSWORD}
+
+      # Email configuration
+      - AUTHENTIK_EMAIL__HOST=${AUTHENTIK_EMAIL__HOST}
+      - AUTHENTIK_EMAIL__PORT=${AUTHENTIK_EMAIL__PORT}
+      - AUTHENTIK_EMAIL__USERNAME=${AUTHENTIK_EMAIL__USERNAME}
+      - AUTHENTIK_EMAIL__PASSWORD=${AUTHENTIK_EMAIL__PASSWORD}
+      - AUTHENTIK_EMAIL__USE_TLS=${AUTHENTIK_EMAIL__USE_TLS}
+      - AUTHENTIK_EMAIL__USE_SSL=${AUTHENTIK_EMAIL__USE_SSL}
+      - AUTHENTIK_EMAIL__TIMEOUT=${AUTHENTIK_EMAIL__TIMEOUT}
+      - AUTHENTIK_EMAIL__FROM=${AUTHENTIK_EMAIL__FROM}
+    volumes:
+      - ${APPDATA_PATH}/authentik/media:/media
+      - ${APPDATA_PATH}/authentik/certs:/certs
+      - ${APPDATA_PATH}/authentik/custom-templates:/templates