Home Esplora Aiuto
Accedi
LBP
/
ChristianLempa_Boilerplates
mirror da https://github.com/ChristianLempa/boilerplates.git
4
0
Forka 0
File Problemi 0 Wiki
Albero (Tree): e77640b863
Rami (Branch) Tag
ChristianLempa_...
/
library
/
compose
/
authentik
/
compose.yaml.j2

compose.yaml.j2 6.3 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154 
  1. services:
    2. 

  2.   {{ service_name | default('authentik-server') }}:
    3. 

  3.     image: ghcr.io/goauthentik/server:2025.6.3
    4. 

  4.     container_name: {{ container_name | default('authentik-server') }}
    5. 

  5.     command: server
    6. 

  6.     environment:
    7. 

  7.       - TZ={{ container_timezone | default('UTC') }}
    8. 

  8.       - AUTHENTIK_REDIS__HOST={{ service_name | default('authentik') }}-redis
    9. 

  9.       - AUTHENTIK_POSTGRESQL__HOST={{ service_name | default('authentik') }}-postgres
    10. 

  10.       - AUTHENTIK_POSTGRESQL__USER={{ database_user | default('authentik') }}
    11. 

  11.       - AUTHENTIK_POSTGRESQL__NAME={{ database_name | default('authentik') }}
    12. 

  12.       - AUTHENTIK_POSTGRESQL__PASSWORD={{ database_password | default('authentik') }}
    13. 

  13.       {% if authentik_secret_key -%}
    14. 

  14.       - AUTHENTIK_SECRET_KEY={{ authentik_secret_key }}
    15. 

  15.       {% endif %}
    16. 

  16.       - AUTHENTIK_ERROR_REPORTING__ENABLED={{ authentik_error_reporting | default(false) }}
    17. 

  17.       {% if email_enabled -%}
    18. 

  18.       - AUTHENTIK_EMAIL__HOST={{ email_host }}
    19. 

  19.       - AUTHENTIK_EMAIL__PORT={{ email_port | default(25) }}
    20. 

  20.       - AUTHENTIK_EMAIL__USERNAME={{ email_username }}
    21. 

  21.       - AUTHENTIK_EMAIL__PASSWORD={{ email_password }}
    22. 

  22.       - AUTHENTIK_EMAIL__USE_TLS={{ email_use_tls | default(false) }}
    23. 

  23.       - AUTHENTIK_EMAIL__USE_SSL={{ email_use_ssl | default(false) }}
    24. 

  24.       - AUTHENTIK_EMAIL__TIMEOUT={{ email_timeout | default(10) }}
    25. 

  25.       - AUTHENTIK_EMAIL__FROM={{ email_from }}
    26. 

  26.       {% endif %}
    27. 

  27.     {% if ports_enabled %}
    28. 

  28.     ports:
    29. 

  29.       - "{{ ports_http | default(9000) }}:9000"
    30. 

  30.       - "{{ ports_https | default(9443) }}:9443"
    31. 

  31.     {% endif %}
    32. 

  32.     {% if network_enabled %}
    33. 

  33.     networks:
    34. 

  34.       - {{ network_name | default('bridge') }}
    35. 

  35.     {% endif %}
    36. 

  36.     {% if traefik_enabled %}
    37. 

  37.     labels:
    38. 

  38.       - traefik.enable=true
    39. 

  39.       - traefik.http.services.{{ service_name | default('authentik') }}.loadbalancer.server.port=9000
    40. 

  40.       - traefik.http.services.{{ service_name | default('authentik') }}.loadbalancer.server.scheme=http
    41. 

  41.       - traefik.http.routers.{{ service_name | default('authentik') }}.rule=Host(`{{ traefik_host }}`)
    42. 

  42.       {% if traefik_tls_enabled %}
    43. 

  43.       - traefik.http.routers.{{ service_name | default('authentik') }}.entrypoints={{ traefik_tls_entrypoint | default('websecure') }}
    44. 

  44.       - traefik.http.routers.{{ service_name | default('authentik') }}.tls=true
    45. 

  45.       - traefik.http.routers.{{ service_name | default('authentik') }}.tls.certresolver={{ traefik_tls_certresolver }}
    46. 

  46.       {% else %}
    47. 

  47.       - traefik.http.routers.{{ service_name | default('authentik') }}.entrypoints={{ traefik_entrypoint | default('web') }}
    48. 

  48.       {% endif %}
    49. 

  49.     {% endif %}
    50. 

  50.     volumes:
    51. 

  51.       - ./media:/media
    52. 

  52.       - ./custom-templates:/templates
    53. 

  53.     depends_on:
    54. 

  54.       - {{ service_name | default('authentik') }}-postgres
    55. 

  55.       - {{ service_name | default('authentik') }}-redis
    56. 

  56.     restart: {{ restart_policy | default('unless-stopped') }}
    57. 

  57. 

  58.   {{ service_name | default('authentik') }}-worker:
    59. 

  59.     image: ghcr.io/goauthentik/server:2025.6.3
    60. 

  60.     container_name: {{ service_name | default('authentik') }}-worker
    61. 

  61.     command: worker
    62. 

  62.     environment:
    63. 

  63.       - TZ={{ container_timezone | default('UTC') }}
    64. 

  64.       - AUTHENTIK_REDIS__HOST={{ service_name | default('authentik') }}-redis
    65. 

  65.       - AUTHENTIK_POSTGRESQL__HOST={{ service_name | default('authentik') }}-postgres
    66. 

  66.       - AUTHENTIK_POSTGRESQL__USER={{ database_user | default('authentik') }}
    67. 

  67.       - AUTHENTIK_POSTGRESQL__NAME={{ database_name | default('authentik') }}
    68. 

  68.       - AUTHENTIK_POSTGRESQL__PASSWORD={{ database_password | default('authentik') }}
    69. 

  69.       {% if authentik_secret_key -%}
    70. 

  70.       - AUTHENTIK_SECRET_KEY={{ authentik_secret_key }}
    71. 

  71.       {% endif %}
    72. 

  72.       - AUTHENTIK_ERROR_REPORTING__ENABLED={{ authentik_error_reporting | default(false) }}
    73. 

  73.       {% if email_enabled -%}
    74. 

  74.       - AUTHENTIK_EMAIL__HOST={{ email_host }}
    75. 

  75.       - AUTHENTIK_EMAIL__PORT={{ email_port | default(25) }}
    76. 

  76.       - AUTHENTIK_EMAIL__USERNAME={{ email_username }}
    77. 

  77.       - AUTHENTIK_EMAIL__PASSWORD={{ email_password }}
    78. 

  78.       - AUTHENTIK_EMAIL__USE_TLS={{ email_use_tls | default(false) }}
    79. 

  79.       - AUTHENTIK_EMAIL__USE_SSL={{ email_use_ssl | default(false) }}
    80. 

  80.       - AUTHENTIK_EMAIL__TIMEOUT={{ email_timeout | default(10) }}
    81. 

  81.       - AUTHENTIK_EMAIL__FROM={{ email_from }}
    82. 

  82.       {% endif %}
    83. 

  83.     user: root
    84. 

  84.     volumes:
    85. 

  85.       - /run/docker.sock:/run/docker.sock
    86. 

  86.       - ./media:/media
    87. 

  87.       - ./certs:/certs
    88. 

  88.       - ./custom-templates:/templates
    89. 

  89.     {% if network_enabled %}
    90. 

  90.     networks:
    91. 

  91.       - {{ network_name | default('bridge') }}
    92. 

  92.     {% endif %}
    93. 

  93.     depends_on:
    94. 

  94.       - {{ service_name | default('authentik') }}-postgres
    95. 

  95.       - {{ service_name | default('authentik') }}-redis
    96. 

  96.     restart: {{ restart_policy | default('unless-stopped') }}
    97. 

  97. 

  98.   {{ service_name | default('authentik') }}-redis:
    99. 

  99.     image: docker.io/library/redis:8.2.1
    100. 

  100.     container_name: {{ service_name | default('authentik') }}-redis
    101. 

  101.     command: --save 60 1 --loglevel warning
    102. 

  102.     environment:
    103. 

  103.       - TZ={{ container_timezone | default('UTC') }}
    104. 

  104.     healthcheck:
    105. 

  105.       test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
    106. 

  106.       start_period: 20s
    107. 

  107.       interval: 30s
    108. 

  108.       retries: 5
    109. 

  109.       timeout: 3s
    110. 

  110.     volumes:
    111. 

  111.       - redis_data:/data
    112. 

  112.     {% if network_enabled %}
    113. 

  113.     networks:
    114. 

  114.       - {{ network_name | default('bridge') }}
    115. 

  115.     {% endif %}
    116. 

  116.     restart: {{ restart_policy | default('unless-stopped') }}
    117. 

  117. 

  118.   {{ if not database_external }}
    119. 

  119.   {{ service_name | default('authentik') }}-postgres:
    120. 

  120.     image: docker.io/library/postgres:17.6
    121. 

  121.     container_name: {{ service_name | default('authentik') }}-db
    122. 

  122.     environment:
    123. 

  123.       - POSTGRES_USER={{ database_user | default('authentik') }}
    124. 

  124.       - POSTGRES_PASSWORD={{ database_password | default('authentik') }}
    125. 

  125.       - POSTGRES_DB={{ database_name | default('authentik') }}
    126. 

  126.       - TZ={{ container_timezone | default('UTC') }}
    127. 

  127.     healthcheck:
    128. 

  128.       test: ['CMD-SHELL', 'pg_isready -U "{{ database_user | default('authentik') }}"']
    129. 

  129.       start_period: 30s
    130. 

  130.       interval: 10s
    131. 

  131.       timeout: 10s
    132. 

  132.       retries: 5
    133. 

  133.     volumes:
    134. 

  134.       - database_data:/var/lib/postgresql/data
    135. 

  135.     {% if network_enabled %}
    136. 

  136.     networks:
    137. 

  137.       - {{ network_name | default('bridge') }}
    138. 

  138.     {% endif %}
    139. 

  139.     restart: {{ restart_policy | default('unless-stopped') }}
    140. 

  140.   {{ endif }}
    141. 

  141. 

  142. volumes:
    143. 

  143.   database_data:
    144. 

  144.     driver: local
    145. 

  145.   redis_data:
    146. 

  146.     driver: local
    147. 

  147. 

  148. {% if network_enabled %}
    149. 

  149. networks:
    150. 

  150.   {{ network_name | default('bridge') }}:
    151. 

  151.     {% if network_external %}
    152. 

  152.     external: true
    153. 

  153.     {% endif %}
    154. 

  154. {% endif %}
    155.