From 75ef48a4d01d88ce2b30c4e5882bd203b0911e1c Mon Sep 17 00:00:00 2001
From: reonokiy <reonokiy@nokiy.net>
Date: Sun, 18 May 2025 20:48:14 +0800
Subject: [PATCH 1/4] update

---
 gotosocial/docker-compose.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 gotosocial/docker-compose.yaml

diff --git a/gotosocial/docker-compose.yaml b/gotosocial/docker-compose.yaml
new file mode 100644
index 0000000..b293878
--- /dev/null
+++ b/gotosocial/docker-compose.yaml
@@ -0,0 +1,28 @@
+services:
+  gotosocial:
+    image: superseriousbusiness/gotosocial:0.19.1
+    container_name: gotosocial
+    restart: always
+    environment:
+      GTS_HOST: ${GTS_HOST}
+      GTS_TRUSTED_PROXIES: ${GTS_TRUSTED_PROXIES}
+      GTS_INSTANCE_LANGUAGE: ${GTS_INSTANCE_LANGUAGE}
+      GTS_OIDC_ENABLED: true
+      GTS_OIDC_ISSUER: ${GTS_OIDC_ISSUER}
+      GTS_OIDC_LINK_EXISTING: ${GTS_OIDC_LINK_EXISTING}
+      GTS_OIDC_ALLOWED_GROUPS: ${GTS_OIDC_ALLOWED_GROUPS}
+      GTS_OIDC_ADMIN_GROUPS: ${GTS_OIDC_ADMIN_GROUPS}
+      GTS_OIDC_CLIENT_ID: ${GTS_OIDC_CLIENT_ID}
+      GTS_OIDC_CLIENT_SECRET: ${GTS_OIDC_CLIENT_SECRET}
+      GTS_STORAGE_BACKEND: s3
+      GTS_STORAGE_S3_PROXY: false
+      GTS_STORAGE_S3_BUCKET: ${GTS_STORAGE_S3_BUCKET}
+      GTS_STORAGE_S3_ENDPOINT: ${GTS_STORAGE_S3_ENDPOINT}
+      GTS_STORAGE_S3_ACCESS_KEY: ${GTS_STORAGE_S3_ACCESS_KEY}
+      GTS_STORAGE_S3_SECRET_KEY: ${GTS_STORAGE_S3_SECRET_KEY}
+    ports:
+      - 80:8080
+    volumes:
+      - ${DATA_DIR:-./data}/gotosocial:/gotosocial/storage
+      - ${DATA_DIR:-./data}/cache:/gotosocial/.cache
+

From b09833178954bb0272e9e40737bdf64136cd5d7f Mon Sep 17 00:00:00 2001
From: reonokiy <reonokiy@nokiy.net>
Date: Sun, 18 May 2025 21:20:49 +0800
Subject: [PATCH 2/4] update

---
 authentik/docker-compose.yml | 92 ++++++++++++++++++++++++++++++++++++
 umami/docker-compose.yaml    | 35 ++++++++++++++
 2 files changed, 127 insertions(+)
 create mode 100644 authentik/docker-compose.yml
 create mode 100644 umami/docker-compose.yaml

diff --git a/authentik/docker-compose.yml b/authentik/docker-compose.yml
new file mode 100644
index 0000000..4ce084b
--- /dev/null
+++ b/authentik/docker-compose.yml
@@ -0,0 +1,92 @@
+---
+
+services:
+  postgres:
+    image: docker.io/library/postgres:16-alpine
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 5s
+    volumes:
+      - database:/var/lib/postgresql/data
+    environment:
+      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
+      POSTGRES_USER: ${PG_USER:-authentik}
+      POSTGRES_DB: ${PG_DB:-authentik}
+    env_file:
+      - .env
+  redis:
+    image: docker.io/library/redis:alpine
+    command: --save 60 1 --loglevel warning
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 3s
+    volumes:
+      - redis:/data
+  server:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4.0}
+    restart: unless-stopped
+    command: server
+    environment:
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    volumes:
+      - ./media:/media
+      - ./custom-templates:/templates
+    env_file:
+      - .env
+    ports:
+      - "${COMPOSE_PORT_HTTP:-9000}:9000"
+      - "${COMPOSE_PORT_HTTPS:-9443}:9443"
+    depends_on:
+      postgresql:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+  worker:
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.4.0}
+    restart: unless-stopped
+    command: worker
+    environment:
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
+      AUTHENTIK_REDIS__HOST: redis
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+    # `user: root` and the docker socket volume are optional.
+    # See more for the docker socket integration here:
+    # https://goauthentik.io/docs/outposts/integrations/docker
+    # Removing `user: root` also prevents the worker from fixing the permissions
+    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
+    # (1000:1000 by default)
+    user: root
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./media:/media
+      - ./certs:/certs
+      - ./custom-templates:/templates
+    env_file:
+      - .env
+    depends_on:
+      postgresql:
+        condition: service_healthy
+      redis:
+        condition: service_healthy
+
+volumes:
+  database:
+    driver: local
+  redis:
+    driver: local
diff --git a/umami/docker-compose.yaml b/umami/docker-compose.yaml
new file mode 100644
index 0000000..df055a6
--- /dev/null
+++ b/umami/docker-compose.yaml
@@ -0,0 +1,35 @@
+services:
+  umami:
+    image: ghcr.io/umami-software/umami:postgresql-v2.18.1
+    ports:
+      - "3000:3000"
+    environment:
+      DATABASE_URL: postgresql://umami:${POSTGRES_PASSWORD:-umami}@postgres:5432/umami
+      DATABASE_TYPE: postgresql
+      APP_SECRET: ${APP_SECRET}
+    init: true
+    restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "curl http://localhost:3000/api/heartbeat"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+  postgres:
+    image: postgres:17.5
+    container_name: postgres
+    restart: always
+    environment:
+      POSTGRES_DB: umami
+      POSTGRES_USER: umami
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-umami}
+    volumes:
+      - ${DATA_DIR:-./data}/postgres:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 5s
+      retries: 5

From e4d0a728774f92104fb8030941db435cb168c5ae Mon Sep 17 00:00:00 2001
From: reonokiy <reonokiy@nokiy.net>
Date: Sun, 18 May 2025 21:25:42 +0800
Subject: [PATCH 3/4] update

---
 umami/docker-compose.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/umami/docker-compose.yaml b/umami/docker-compose.yaml
index df055a6..3d3cb02 100644
--- a/umami/docker-compose.yaml
+++ b/umami/docker-compose.yaml
@@ -2,7 +2,7 @@ services:
   umami:
     image: ghcr.io/umami-software/umami:postgresql-v2.18.1
     ports:
-      - "3000:3000"
+      - 80:3000
     environment:
       DATABASE_URL: postgresql://umami:${POSTGRES_PASSWORD:-umami}@postgres:5432/umami
       DATABASE_TYPE: postgresql

From 85956e318381a236e1ae583e2d315819eb9866b4 Mon Sep 17 00:00:00 2001
From: reonokiy <reonokiy@nokiy.net>
Date: Sun, 18 May 2025 21:28:24 +0800
Subject: [PATCH 4/4] update

---
 umami/docker-compose.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/umami/docker-compose.yaml b/umami/docker-compose.yaml
index 3d3cb02..e37f0a8 100644
--- a/umami/docker-compose.yaml
+++ b/umami/docker-compose.yaml
@@ -1,6 +1,7 @@
 services:
   umami:
     image: ghcr.io/umami-software/umami:postgresql-v2.18.1
+    container_name: umami
     ports:
       - 80:3000
     environment: