reonokiy/compose
1
0
Fork 0
mirror of https://github.com/reonokiy/compose.git synced 2025-06-15 13:12:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

update authentik

Browse source
This commit is contained in:
reonokiy 2025-05-21 22:05:15 +08:00
parent 85956e3183
commit cefb575b68
Signed by: reonokiy
SSH key fingerprint: SHA256:2VjKpUxMIe0QYY3OVnOMuPiB0X5pvrIpJ+UiyFhxtq0
1 changed files with 45 additions and 48 deletions
Download patch file Download diff file Expand all files Collapse all files

93
authentik/docker-compose.yml
View file

@ -1,9 +1,7 @@
---
services: services:
postgres: postgres:
image: docker.io/library/postgres:16-alpine image: postgres:17
restart: unless-stopped restart: always
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s start_period: 20s
@ -11,17 +9,17 @@ services:
retries: 5 retries: 5
timeout: 5s timeout: 5s
volumes: volumes:
- database:/var/lib/postgresql/data - ${DATA_DIR:-./data}/postgres:/var/lib/postgresql/data
environment: environment:
POSTGRES_PASSWORD: ${PG_PASS:?database password required} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-authentik}
POSTGRES_USER: ${PG_USER:-authentik} POSTGRES_USER: ${POSTGRES_USER:-authentik}
POSTGRES_DB: ${PG_DB:-authentik} POSTGRES_DB: ${POSTGRES_DB:-authentik}
env_file: env_file:
- .env - .env
redis: redis:
image: docker.io/library/redis:alpine image: redis:8
command: --save 60 1 --loglevel warning command: --save 60 1 --loglevel warning
restart: unless-stopped restart: always
healthcheck: healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"] test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s start_period: 20s
@ -29,64 +27,63 @@ services:
retries: 5 retries: 5
timeout: 3s timeout: 3s
volumes: volumes:
- redis:/data - ${DATA_DIR:-./data}/redis:/data
server: server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4.0} image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2025.4.0}
restart: unless-stopped restart: always
user: root
command: server command: server
environment: environment:
AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required} AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
AUTHENTIK_REDIS__HOST: redis AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__HOST: postgres
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD:-authentik}
AUTHENTIK_ERROR_REPORTING__ENABLED: true
AUTHENTIK_EMAIL__HOST: ${SMTP_HOST:?smtp host required}
AUTHENTIK_EMAIL__PORT: ${SMTP_PORT:-587}
AUTHENTIK_EMAIL__USERNAME: ${SMTP_USERNAME:?smtp username required}
AUTHENTIK_EMAIL__PASSWORD: ${SMTP_PASSWORD:?smtp password required}
AUTHENTIK_EMAIL__USE_TLS: ${SMTP_USE_TLS:-true}
AUTHENTIK_EMAIL__FROM: ${SMTP_FROM:?smtp from required}
volumes: volumes:
- ./media:/media - ${DATA_DIR:-./data}/authentik/media:/media
- ./custom-templates:/templates - ${DATA_DIR:-./data}/authentik/templates:/templates
env_file:
- .env
ports: ports:
- "${COMPOSE_PORT_HTTP:-9000}:9000" - "${HTTP_PORT:-9000}:9000"
- "${COMPOSE_PORT_HTTPS:-9443}:9443" - "${HTTPS_PORT:-9443}:9443"
depends_on: depends_on:
postgresql: postgresql:
condition: service_healthy condition: service_healthy
redis: redis:
condition: service_healthy condition: service_healthy
worker: worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4.0} image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2025.4.0}
restart: unless-stopped restart: always
user: root
command: worker command: worker
environment: environment:
AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required} AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
AUTHENTIK_REDIS__HOST: redis AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__HOST: postgres
AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQL__USER: ${POSTGRES_USER:-authentik}
AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQL__NAME: ${POSTGRES_DB:-authentik}
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} AUTHENTIK_POSTGRESQL__PASSWORD: ${POSTGRES_PASSWORD:-authentik}
# `user: root` and the docker socket volume are optional. AUTHENTIK_ERROR_REPORTING__ENABLED: true
# See more for the docker socket integration here: AUTHENTIK_EMAIL__HOST: ${SMTP_HOST:?smtp host required}
# https://goauthentik.io/docs/outposts/integrations/docker AUTHENTIK_EMAIL__PORT: ${SMTP_PORT:-587}
# Removing `user: root` also prevents the worker from fixing the permissions AUTHENTIK_EMAIL__USERNAME: ${SMTP_USERNAME:?smtp username required}
# on the mounted folders, so when removing this make sure the folders have the correct UID/GID AUTHENTIK_EMAIL__PASSWORD: ${SMTP_PASSWORD:?smtp password required}
# (1000:1000 by default) AUTHENTIK_EMAIL__USE_TLS: ${SMTP_USE_TLS:-true}
user: root AUTHENTIK_EMAIL__FROM: ${SMTP_FROM:?smtp from required}
volumes: volumes:
- /var/run/docker.sock:/var/run/docker.sock - /var/run/docker.sock:/var/run/docker.sock
- ./media:/media - ${DATA_DIR:-./data}/authentik/media:/media
- ./certs:/certs - ${DATA_DIR:-./data}/authentik/certs:/certs
- ./custom-templates:/templates - ${DATA_DIR:-./data}/authentik/templates:/templates
env_file:
- .env
depends_on: depends_on:
postgresql: postgres:
condition: service_healthy condition: service_healthy
redis: redis:
condition: service_healthy condition: service_healthy
volumes:
database:
driver: local
redis:
driver: local