authentik compose

1. networks:
2.   authentik:
3.     internal: true
4.   proxy:
5.     external: true
6.  
7. services:
8.   authentik-db:
9.     image: postgres:16-alpine
10.     container_name: authentik-db
11.     restart: unless-stopped
12.     healthcheck:
13.       test: ['CMD-SHELL', 'pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}']
14.       start_period: 20s
15.       interval: 30s
16.       retries: 5
17.       timeout: 5s
18.     volumes:
19.      - $HOME/data/authentik/db:/var/lib/postgresql/data
20.       - /etc/localtime:/etc/localtime:ro
21.     environment:
22.      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
23.       - POSTGRES_USER=${POSTGRES_USER}
24.       - POSTGRES_DB=${POSTGRES_DB}
25.     networks:
26.      - authentik
27.     tty: true
28.     cpus: 2
29.     mem_limit: 200m
30.  
31.   authentik-cache:
32.     image: redis:alpine
33.     container_name: authentik-cache
34.     command: --save 60 1 --loglevel warning
35.     restart: unless-stopped
36.     healthcheck:
37.       test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
38.       start_period: 20s
39.       interval: 30s
40.       retries: 5
41.       timeout: 3s
42.     volumes:
43.      - $HOME/data/authentik/cache:/data
44.       - /etc/localtime:/etc/localtime:ro
45.     networks:
46.      - authentik
47.     tty: true
48.     cpus: 1
49.     mem_limit: 100m
50.  
51.   authentik:
52.     image: ghcr.io/goauthentik/server:${AUTHENTIK_IMAGE_VER}
53.     container_name: authentik
54.     restart: unless-stopped
55.     command: server
56.     environment:
57.      - AUTHENTIK_REDIS__HOST=${REDIS_HOST}
58.       - AUTHENTIK_POSTGRESQL__HOST=${POSTGRES_HOST}
59.       - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER}
60.       - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB}
61.       - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
62.       - AUTHENTIK_ERROR_REPORTING__ENABLED=true
63.       - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
64.       - AUTHENTIK_REDIS__DB=1
65.       - AUTHENTIK_REDIS__PORT=6379
66.       - AUTHENTIK_POSTGRESQL__PORT=5432
67.     volumes:
68.      - $HOME/data/authentik/media:/media
69.       - $HOME/data/authentik/templates:/templates
70.       - /etc/localtime:/etc/localtime:ro
71.     ports:
72.      - 9000:9000/tcp
73.       - 9443:9443/tcp
74.     extra_hosts:
75.      - host.docker.internal:host-gateway
76.     depends_on:
77.      - authentik-db
78.       - authentik-cache
79.     networks:
80.      - authentik
81.       - proxy
82.     tty: true
83.     cpus: 2
84.     mem_limit: 400m
85.  
86.   authentik-worker:
87.     image: ghcr.io/goauthentik/server:${AUTHENTIK_IMAGE_VER}
88.     container_name: authentik-worker
89.     restart: unless-stopped
90.     command: worker
91.     environment:
92.      - AUTHENTIK_REDIS__HOST=${REDIS_HOST}
93.       - AUTHENTIK_POSTGRESQL__HOST=${POSTGRES_HOST}
94.       - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER}
95.       - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB}
96.       - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD}
97.       - AUTHENTIK_ERROR_REPORTING__ENABLED=true
98.       - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY}
99.       - AUTHENTIK_REDIS__DB=1
100.       - AUTHENTIK_REDIS__PORT=6379
101.       - AUTHENTIK_POSTGRESQL__PORT=5432
102.     user: root
103.     volumes:
104.      - $HOME/data/authentik/media:/media
105.       - $HOME/data/authentik/certs:/certs
106.       - $HOME/data/authentik/templates:/templates
107.       - /etc/localtime:/etc/localtime:ro
108.     networks:
109.      - authentik
110.       - proxy
111.     depends_on:
112.      - authentik-db
113.       - authentik-cache
114.     tty: true
115.     #cpus: 2
116.     #mem_limit: 400m