Compare commits

...

8 Commits
main ... main

5 changed files with 20 additions and 10 deletions

View File

@ -9,9 +9,14 @@ ENABLE_BACKUPS=true
DOMAIN=authentik.example.com DOMAIN=authentik.example.com
## Domain aliases ## Domain aliases
#EXTRA_DOMAINS=', `www.authentik.example.com`' #EXTRA_DOMAINS=', `www.authentik.example.com`'
# Redirects
# All redirect domains have to be added to extra_domains as well)
# multiple redirects can be added by seperating them with a | character
#REDIRECTS=www.authentik.example.com
COMPOSE_FILE="compose.yml" COMPOSE_FILE="compose.yml"
AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false
AUTHENTIK_LOG_LEVEL=info AUTHENTIK_LOG_LEVEL=info
# AUTHENTIK_DISABLE_UPDATE_CHECK=false
# AUTHENTIK_IMPERSONATION=true # AUTHENTIK_IMPERSONATION=true
# AUTHENTIK_FOOTER_LINKS='[{"name": "My Organization","href":"https://example.com"}]' # AUTHENTIK_FOOTER_LINKS='[{"name": "My Organization","href":"https://example.com"}]'
# WORKERS=1 # WORKERS=1

View File

@ -3,7 +3,7 @@ services:
app: app:
deploy: deploy:
labels: labels:
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect-matrix-well-known" - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions,${STACK_NAME}-redirect,${STACK_NAME}-redirect-matrix-well-known"
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)" - "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)"
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2" - "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2"
worker: worker:

View File

@ -1,7 +1,7 @@
version: "3.8" version: "3.8"
services: services:
authentik_ldap: authentik_ldap:
image: ghcr.io/goauthentik/ldap:2025.2.4 image: ghcr.io/goauthentik/ldap:2025.6.4
# Optionally specify which networks the container should be # Optionally specify which networks the container should be
# might be needed to reach the core authentik server # might be needed to reach the core authentik server
networks: networks:

View File

@ -17,6 +17,7 @@ x-env: &env
- AUTHENTIK_EMAIL__TIMEOUT - AUTHENTIK_EMAIL__TIMEOUT
- AUTHENTIK_EMAIL__FROM - AUTHENTIK_EMAIL__FROM
- AUTHENTIK_LOG_LEVEL - AUTHENTIK_LOG_LEVEL
- AUTHENTIK_DISABLE_UPDATE_CHECK
- BACKGROUND_FONT_COLOR=${BACKGROUND_FONT_COLOR:-white} - BACKGROUND_FONT_COLOR=${BACKGROUND_FONT_COLOR:-white}
- BACKGROUND_BOX_COLOR=${BACKGROUND_BOX_COLOR:-#eaeaeacf} - BACKGROUND_BOX_COLOR=${BACKGROUND_BOX_COLOR:-#eaeaeacf}
- AUTHENTIK_FOOTER_LINKS - AUTHENTIK_FOOTER_LINKS
@ -34,7 +35,7 @@ x-env: &env
version: '3.8' version: '3.8'
services: services:
app: app:
image: ghcr.io/goauthentik/server:2025.2.4 image: ghcr.io/goauthentik/server:2025.6.4
command: server command: server
depends_on: depends_on:
- db - db
@ -67,16 +68,17 @@ services:
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})" - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions" - "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions,${STACK_NAME}-redirect"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN" - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}" - "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
- "coop-cloud.${STACK_NAME}.version=7.1.0+2025.2.4" - "coop-cloud.${STACK_NAME}.version=7.4.1+2025.6.4"
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.regex=^https://(${REDIRECTS})/(.*)"
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}" - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
worker: worker:
image: ghcr.io/goauthentik/server:2025.2.4 image: ghcr.io/goauthentik/server:2025.6.4
command: worker command: worker
depends_on: depends_on:
- db - db
@ -117,7 +119,7 @@ services:
start_period: 5m start_period: 5m
db: db:
image: postgres:15.12 image: postgres:15.13
secrets: secrets:
- db_password - db_password
configs: configs:
@ -152,7 +154,7 @@ services:
backupbot.restore.post-hook: '/pg_backup.sh restore' backupbot.restore.post-hook: '/pg_backup.sh restore'
redis: redis:
image: redis:7.4.2-alpine image: redis:8.0.3-alpine
command: --save 60 1 --loglevel warning command: --save 60 1 --loglevel warning
networks: networks:
- internal - internal

3
release/7.4.0+2025.6.3 Normal file
View File

@ -0,0 +1,3 @@
Adds following new envs:
REDIRECTS
AUTHENTIK_DISABLE_UPDATE_CHECK