added authentik for testing

2026-04-21 22:49:18 +00:00
parent d596e57124
commit 8bfe33ba2d
3 changed files with 103 additions and 0 deletions
--- a/.env
+++ b/.env
@@ -0,0 +1,3 @@
+PG_PASS=Rq+boEEJNFFwSnTKKW40PN85u75d8DlrUJSV09i26IP13cbM
+AUTHENTIK_SECRET_KEY=XtJfET93+2Bmm0BTCV4E59W2lfC49jJfmJix5zxbmvzVLH4eRsppLmj5lJN4/JxtQdAj3lykt6OY7GWN
+AUTHENTIK_ERROR_REPORTING__ENABLED=true
--- a/compose.yml
+++ b/compose.yml
@@ -0,0 +1,100 @@
+services:
+  postgresql:
+    env_file:
+    - .env
+    environment:
+      POSTGRES_DB: ${PG_DB:-authentik}
+      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
+      POSTGRES_USER: ${PG_USER:-authentik}
+    healthcheck:
+      interval: 30s
+      retries: 5
+      start_period: 20s
+      test:
+      - CMD-SHELL
+      - pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}
+      timeout: 5s
+    image: docker.io/library/postgres:16-alpine
+    networks:
+      - authentik
+    restart: unless-stopped
+    volumes:
+      - database:/var/lib/postgresql/data
+
+  server:
+    command: server
+    depends_on:
+      postgresql:
+        condition: service_healthy
+    env_file:
+    - .env
+    environment:
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2026.2.2}
+    ports:
+    - ${COMPOSE_PORT_HTTP:-9000}:9000
+    - ${COMPOSE_PORT_HTTPS:-9443}:9443
+    networks:
+      - authetik
+      - reverse-proxy
+    restart: unless-stopped
+    shm_size: 512mb
+    volumes:
+    - ./data:/data
+    - ./custom-templates:/templates
+
+  worker:
+    command: worker
+    depends_on:
+      postgresql:
+        condition: service_healthy
+    env_file:
+    - .env
+    environment:
+      AUTHENTIK_POSTGRESQL__HOST: postgresql
+      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2026.2.2}
+    networks:
+      - authentik
+    restart: unless-stopped
+    shm_size: 512mb
+    user: root
+    volumes:
+    - ./data:/data
+    - ./certs:/certs
+    - ./custom-templates:/templates
+
+  authentik_proxy:
+    image: ghcr.io/goauthentik/proxy
+    # Optionally specify the container's network, which must be able to reach the core authentik server.
+    # networks:
+    #   - foo
+    networks:
+      - authentik
+    ports:
+      - 9000:9000
+      - 9443:9443
+    environment:
+      AUTHENTIK_HOST: https://authentik.company
+      AUTHENTIK_INSECURE: "false"
+      AUTHENTIK_TOKEN: token-generated-by-authentik
+      # Optional setting to be used when `authentik_host` for internal communication doesn't match the public URL.
+      # AUTHENTIK_HOST_BROWSER: https://external-domain.tld
+
+volumes:
+  database:
+    driver: local
+
+networks:
+  authentik:
+    name: authentik
+  reverse-proxy:
+    name: reverse-proxy
+    external: true
--- a/readme.md
+++ b/readme.md