--- services: authentik-server: image: ghcr.io/goauthentik/server:2025.8.1 container_name: authentik-server command: server environment: - AUTHENTIK_REDIS__HOST=authentik-redis - AUTHENTIK_POSTGRESQL__HOST=authentik-postgres - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error} - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false} labels: # (Optional) Enable Traefik integration for the Authentik Web UI. For more information # about integrating other services with Traefik and Authentik, see the # documentation at https://goauthentik.io/docs/outposts/integrations/traefik # and the middleware example files in `docker-compose/traefik/config`. - traefik.enable=true - traefik.http.services.authentik.loadbalancer.server.port=9000 - traefik.http.services.authentik.loadbalancer.server.scheme=http - traefik.http.routers.authentik.entrypoints=websecure - traefik.http.routers.authentik.rule=Host(`authentik.harkon.co.uk`) - traefik.http.routers.authentik.tls=true - traefik.http.routers.authentik.tls.certresolver=godaddy - traefik.http.routers.authentik.service=authentik volumes: - ./media:/media - ./custom-templates:/templates depends_on: - authentik-postgres - authentik-redis networks: - frontend - backend restart: unless-stopped authentik-worker: image: ghcr.io/goauthentik/server:2025.8.1 container_name: authentik-worker command: worker environment: - AUTHENTIK_REDIS__HOST=authentik-redis - AUTHENTIK_POSTGRESQL__HOST=authentik-postgres - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:?error} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY:?error} - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false} # (Optional) Enable Email Sending # Highly recommended to notify you about alerts and configuration issues. # - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error} # - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25} # - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error} # - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error} # - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false} # - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false} # - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10} # - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error} # (Optional) See more for the docker socket integration here: # https://goauthentik.io/docs/outposts/integrations/docker user: root volumes: - /run/docker.sock:/run/docker.sock - ./media:/media - ./certs:/certs - ./custom-templates:/templates depends_on: - authentik-postgres - authentik-redis networks: - backend restart: unless-stopped authentik-redis: image: docker.io/library/redis:8.2.1 container_name: authentik-redis command: --save 60 1 --loglevel warning healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] start_period: 20s interval: 30s retries: 5 timeout: 3s volumes: - redis_data:/data networks: - backend restart: unless-stopped authentik-postgres: # (Optional) Add a PostgreSQL Database for Authentik # Alternatively, you can host your PostgreSQL database externally, and # change the connection settings in the `authentik-server` and # `authentik-worker`. image: docker.io/library/postgres:17.6 container_name: authentik-db environment: - POSTGRES_USER=${POSTGRES_USER:-authentik} - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?error} - POSTGRES_DB=${POSTGRES_DB:-authentik} - TZ=${TZ:-UTC} healthcheck: test: ["CMD-SHELL", 'pg_isready -U "${POSTGRES_USER:-authentik}"'] start_period: 30s interval: 10s timeout: 10s retries: 5 volumes: - postgres_data:/var/lib/postgresql/data networks: - backend restart: unless-stopped volumes: postgres_data: driver: local redis_data: driver: local networks: frontend: external: true backend: external: true