Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- services:
- db:
- image: postgres:16-alpine
- restart: unless-stopped
- healthcheck:
- test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
- start_period: 20s
- interval: 30s
- retries: 5
- timeout: 5s
- volumes:
- - database:/var/lib/postgresql/data
- environment:
- POSTGRES_PASSWORD: ${PG_PASS:-authentik}
- POSTGRES_USER: ${PG_USER:-authentik}
- POSTGRES_DB: ${PG_DB:-authentik}
- env_file:
- - ./.env
- networks:
- - default
- redis:
- image: redis:alpine
- command: --save 60 1 --loglevel warning
- restart: unless-stopped
- healthcheck:
- test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
- start_period: 20s
- interval: 30s
- retries: 5
- timeout: 3s
- volumes:
- - redis:/data
- networks:
- - default
- server:
- image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2024.4}
- restart: unless-stopped
- command: server
- environment:
- AUTHENTIK_REDIS__HOST: redis
- AUTHENTIK_POSTGRESQL__HOST: db
- AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
- AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
- AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:-authentik}
- AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY}
- volumes:
- - media:/media
- - custom-templates:/templates
- env_file:
- - ./.env
- # ports:
- # - "9000:9000"
- # - "9443:9443"
- depends_on:
- - db
- - redis
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.authentik.rule=Host(`${AUTHENTIK_SUBDOMAIN}.${DOMAIN_NAME}`)"
- - "traefik.http.routers.authentik.entrypoints=securedweb"
- - "traefik.http.routers.authentik-outpost.rule=HostRegexp(`{subdomain:[a-z0-9-]+}.${DOMAIN_NAME}`) && PathPrefix(`/outpost.goauthentik.io/`)"
- - "traefik.http.routers.authentik-outpost.entrypoints=securedweb"
- - "traefik.http.services.authentik.loadbalancer.server.port=9000"
- networks:
- - default
- - traefik_proxy
- worker:
- image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION:-2024.4}
- restart: unless-stopped
- command: worker
- environment:
- AUTHENTIK_REDIS__HOST: redis
- AUTHENTIK_POSTGRESQL__HOST: db
- AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
- AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
- AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:-authentik}
- AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY}
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - media:/media
- - certs:/certs
- - custom-templates:/templates
- env_file:
- - ./.env
- user: root
- depends_on:
- - db
- - redis
- networks:
- - default
- ldap:
- image: ghcr.io/goauthentik/ldap:${AUTHENTIK_VERSION:-2024.4}
- networks:
- - default
- - traefik_proxy
- environment:
- AUTHENTIK_HOST: https://${AUTHENTIK_SUBDOMAIN}.${DOMAIN_NAME}
- AUTHENTIK_INSECURE: false
- AUTHENTIK_TOKEN: ${AUTHENTIK_LDAP_TOKEN}
- #AUTHENTIK_LISTEN__LDAP: "0.0.0.0:389"
- #AUTHENTIK_LISTEN__LDAPS: "0.0.0.0:636"
- env_file:
- ./.env
- labels:
- - "io.goauthentik.outpost-uuid=219aeada-d950-4ac3-88a2-aaa56ad4d556"
- - "traefik.enable=true"
- - "traefik.tcp.routers.ak-outpost-ldap.rule=HostSNI(`*`)"
- - "traefik.tcp.routers.ak-outpost-ldap.entrypoints=ldaps"
- # - "traefik.tcp.services.ak-outpost-ldap.loadbalancer.healthcheck.path=/outpost.goauthentik.io/ping"
- # - "traefik.tcp.services.ak-outpost-ldap.loadbalancer.healthcheck.port=9300"
- - "traefik.tcp.services.ak-outpost-ldap.loadbalancer.server.port=3389"
- - "traefik.tcp.routers.ak-outpost-ldap.tls.certResolver=wildcardresolver"
- - "traefik.tcp.routers.ak-outpost-ldap.tls=true"
- # - "traefik.tcp.routers.ak-outpost-ldap.tls.passthrough=false"
- volumes:
- database:
- redis:
- media:
- custom-templates:
- certs:
- networks:
- default:
- traefik_proxy:
- external: true
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement