colin/nas-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d8f0676cd77e87abfc5e9aaf6bfd6006c1284a4
nas-compose/authentication.docker-compose.yml
Colin Hebert 7a3985bdf1 Expose port 9443 for authentik
2023-01-07 08:01:37 +01:00

98 lines
2.3 KiB
YAML
Raw Blame History

name: authentication
services:
postgresql:
image: postgres:12-alpine
environment:
- POSTGRES_USER=authentik
- POSTGRES_DB=authentik
- POSTGRES_PASSWORD_FILE=/run/secrets/postgres_passwd
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
volumes:
- database:/var/lib/postgresql/data
secrets:
- postgres_passwd
restart: unless-stopped
redis:
image: redis:alpine
command: --save 60 1 --loglevel warning
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
volumes:
- redis:/data
restart: unless-stopped
server:
image: ghcr.io/goauthentik/server:2022.12.2
command: server
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: file:///run/secrets/postgres_passwd
AUTHENTIK_SECRET_KEY: file:///run/secrets/secret_key
expose:
- 9443
networks:
- default
- traefik
- macvlan
restart: unless-stopped
volumes:
- media:/media
- custom-templates:/templates
secrets:
- postgres_passwd
- secret_key
labels:
traefik.enable: true
worker:
image: ghcr.io/goauthentik/server:2022.12.2
command: worker
environment:
AUTHENTIK_REDIS__HOST: redis
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__USER: authentik
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__PASSWORD: file:///run/secrets/postgres_passwd
AUTHENTIK_SECRET_KEY: file:///run/secrets/secret_key
volumes:
- media:/media
- certs:/certs
- custom-templates:/templates
secrets:
- postgres_passwd
- secret_key
restart: unless-stopped
networks:
macvlan:
external: true
traefik:
external: true
volumes:
database:
redis:
media:
certs:
custom-templates:
secrets:
postgres_passwd:
file: ${NASCOMPOSE_SERVICES?}/secrets/authentik/postgres_passwd
secret_key:
file: ${NASCOMPOSE_SERVICES?}/secrets/authentik/secret_key
Reference in New Issue View Git Blame Copy Permalink