stacks/authentik/compose.yaml
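---
# Compose stack for authentik: the server, its worker, PostgreSQL and Redis
# backends, and two outposts (LDAP, proxy) declared statically in this file.
#
# Trust boundaries as written here:
#   - TLS is terminated by an external Caddy on the shared `proxy` network
#     (see the caddy.* labels); everything on `default` is plain HTTP.
#   - Secrets (AUTHENTIK_SECRET_KEY, POSTGRES_PASSWORD, the two outpost
#     tokens) come from the environment / .env and end up as container env
#     vars, so anyone who can `docker inspect` these containers can read
#     them. Move them to Docker secrets / file-based injection if that matters.
#   - authentik_worker mounts the Docker socket and runs as root, which is
#     host-root-equivalent access; see the note on that service.
name: authentik

services:
  authentik:
    image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION}
    container_name: authentik
    depends_on:
      authentik_db:
        condition: service_healthy
      authentik_redis:
        condition: service_healthy
    volumes:
      - authentik_media:/media
      - authentik_templates:/templates
    environment:
      - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
      - AUTHENTIK_REDIS__HOST=authentik_redis
      - AUTHENTIK_POSTGRESQL__HOST=authentik_db
      - AUTHENTIK_POSTGRESQL__USER=authentik
      - AUTHENTIK_POSTGRESQL__NAME=authentik
      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
      # Both outposts are declared as their own services below, so the
      # outpost embedded in the server process is switched off.
      - AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
    networks:
      - default
      - proxy
    command: server
    restart: unless-stopped
    # NOTE(review): authentik_ldap and authentik_proxy wait on this service
    # with condition: service_healthy, but no healthcheck is declared here.
    # That only works if the image ships its own HEALTHCHECK — confirm, or
    # add an explicit healthcheck block like the db/redis services have.
    labels:
      # caddy-docker-proxy labels: Caddy fronts auth.fern.garden and forwards
      # to this container's port 9000 over the `proxy` network.
      caddy: auth.fern.garden
      caddy.reverse_proxy: "{{upstreams 9000}}"

  authentik_db:
    image: docker.io/library/postgres:16-alpine
    container_name: authentik_db
    volumes:
      - authentik_db:/var/lib/postgresql/data
    environment:
      - POSTGRES_USER=authentik
      - POSTGRES_DB=authentik
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
    # Internal network only: no ports are published to the host.
    networks:
      - default
    restart: unless-stopped
    healthcheck:
      # `$$` escapes Compose interpolation so the container's own
      # POSTGRES_* variables are expanded at run time, not at parse time.
      test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 5s

  authentik_ldap:
    image: ghcr.io/goauthentik/ldap:${AUTHENTIK_VERSION}
    container_name: authentik_ldap
    depends_on:
      authentik:
        condition: service_healthy
      authentik_worker:
        condition: service_healthy
    environment:
      # Outpost -> server traffic is plain HTTP on the internal network, and
      # AUTHENTIK_INSECURE additionally disables certificate verification.
      # Neither changes anything while the URL is http://, but both must be
      # revisited before AUTHENTIK_HOST is ever pointed at a TLS endpoint.
      - AUTHENTIK_HOST=http://authentik:9000
      - AUTHENTIK_HOST_BROWSER=https://auth.fern.garden
      - AUTHENTIK_INSECURE=true
      - AUTHENTIK_TOKEN=${AUTHENTIK_LDAP_TOKEN}
    # No ports are published and the service is only on `default`, so LDAP
    # is reachable solely by containers attached to this stack's network.
    networks:
      - default
    # Added for consistency with the other services: without a restart
    # policy the outpost stays down after a daemon restart or a crash.
    restart: unless-stopped

  authentik_proxy:
    image: ghcr.io/goauthentik/proxy:${AUTHENTIK_VERSION}
    container_name: authentik_proxy
    depends_on:
      authentik:
        condition: service_healthy
      authentik_worker:
        condition: service_healthy
    environment:
      # Same caveat as authentik_ldap: plain-HTTP control channel plus
      # AUTHENTIK_INSECURE=true; fine only while the host URL is http://.
      - AUTHENTIK_HOST=http://authentik:9000
      - AUTHENTIK_HOST_BROWSER=https://auth.fern.garden
      - AUTHENTIK_INSECURE=true
      - AUTHENTIK_TOKEN=${AUTHENTIK_PROXY_TOKEN}
    # Joins `proxy` so Caddy can route protected applications through it.
    networks:
      - default
      - proxy
    # Added for consistency with the other services (see authentik_ldap).
    restart: unless-stopped

  authentik_redis:
    # NOTE(review): `alpine` is a floating tag that tracks whatever major
    # version is current; the other images pin at least a major
    # (postgres:16-alpine, ${AUTHENTIK_VERSION}). Pin this one too once the
    # version currently on disk in the `authentik_redis` volume is known.
    image: docker.io/library/redis:alpine
    container_name: authentik_redis
    volumes:
      - authentik_redis:/data
    # No AUTH is configured; the only thing keeping this instance private is
    # that it is on `default` with no published ports.
    networks:
      - default
    # Snapshot to /data when at least 1 key changed in the last 60 seconds.
    command: --save 60 1 --loglevel warning
    restart: always
    healthcheck:
      test: [ "CMD-SHELL", "redis-cli ping | grep PONG" ]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 3s

  authentik_worker:
    image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION}
    container_name: authentik_worker
    depends_on:
      authentik_db:
        condition: service_healthy
      authentik_redis:
        condition: service_healthy
    volumes:
      # SECURITY: mounting the Docker socket (together with `user: root`
      # below) gives this container full control of the Docker daemon, i.e.
      # root on the host. Presumably it is here for authentik's Docker
      # outpost integration, but both outposts in this stack are declared
      # statically above — confirm whether the mount and `user: root` can be
      # dropped, or at minimum restrict it via a socket proxy.
      - /var/run/docker.sock:/var/run/docker.sock
      - authentik_media:/media
      - authentik_templates:/templates
      # Only the worker mounts /certs (server does not).
      - authentik_certs:/certs
    environment:
      - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
      - AUTHENTIK_REDIS__HOST=authentik_redis
      - AUTHENTIK_POSTGRESQL__HOST=authentik_db
      - AUTHENTIK_POSTGRESQL__USER=authentik
      - AUTHENTIK_POSTGRESQL__NAME=authentik
      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
      - AUTHENTIK_OUTPOSTS__DISABLE_EMBEDDED_OUTPOST=true
    networks:
      - default
    command: worker
    restart: unless-stopped
    # See the docker.sock note above; this is what makes that mount usable
    # and is the reason the worker, unlike the server, does not drop privileges.
    user: root

networks:
  default:
  # Shared with Caddy; must be created outside this stack before `up`.
  proxy:
    external: true

volumes:
  authentik_db:
    name: authentik_db
  authentik_redis:
    name: authentik_redis
  authentik_media:
    name: authentik_media
  authentik_certs:
    name: authentik_certs
  authentik_templates:
    name: authentik_templates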