Compare commits
1 Commits
main
...
feature/53
Author | SHA1 | Date | |
---|---|---|---|
f47da0c1b8 |
@ -9,14 +9,9 @@ ENABLE_BACKUPS=true
|
|||||||
DOMAIN=authentik.example.com
|
DOMAIN=authentik.example.com
|
||||||
## Domain aliases
|
## Domain aliases
|
||||||
#EXTRA_DOMAINS=', `www.authentik.example.com`'
|
#EXTRA_DOMAINS=', `www.authentik.example.com`'
|
||||||
# Redirects
|
|
||||||
# All redirect domains have to be added to extra_domains as well)
|
|
||||||
# multiple redirects can be added by seperating them with a | character
|
|
||||||
#REDIRECTS=www.authentik.example.com
|
|
||||||
COMPOSE_FILE="compose.yml"
|
COMPOSE_FILE="compose.yml"
|
||||||
AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false
|
AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME=false
|
||||||
AUTHENTIK_LOG_LEVEL=info
|
AUTHENTIK_LOG_LEVEL=info
|
||||||
# AUTHENTIK_DISABLE_UPDATE_CHECK=false
|
|
||||||
# AUTHENTIK_IMPERSONATION=true
|
# AUTHENTIK_IMPERSONATION=true
|
||||||
# AUTHENTIK_FOOTER_LINKS='[{"name": "My Organization","href":"https://example.com"}]'
|
# AUTHENTIK_FOOTER_LINKS='[{"name": "My Organization","href":"https://example.com"}]'
|
||||||
# WORKERS=1
|
# WORKERS=1
|
||||||
@ -67,7 +62,7 @@ COPY_ASSETS="$COPY_ASSETS icon.png|app:/web/dist/assets/icons/"
|
|||||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
# COMPOSE_FILE="$COMPOSE_FILE:compose.css.yml"
|
||||||
# BACKGROUND_FONT_COLOR=white
|
# BACKGROUND_FONT_COLOR=white
|
||||||
# BACKGROUND_BOX_COLOR='#eaeaeacf'
|
# BACKGROUND_BOX_COLOR='#eaeaeacf'
|
||||||
# THEME_BACKGROUND="url('https://authentik.example.com/static/dist/assets/images/flow_background.jpg'); background-position: center; background-repeat: no-repeat; background-size: cover;"
|
# THEME_BACKGROUND=""
|
||||||
|
|
||||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
# COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud.yml"
|
||||||
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
# NEXTCLOUD_DOMAIN=nextcloud.example.com
|
||||||
|
@ -3,7 +3,7 @@ services:
|
|||||||
app:
|
app:
|
||||||
deploy:
|
deploy:
|
||||||
labels:
|
labels:
|
||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions,${STACK_NAME}-redirect,${STACK_NAME}-redirect-matrix-well-known"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect-matrix-well-known"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.regex=^https://(.*)/.well-known/matrix/(.*)"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2"
|
- "traefik.http.middlewares.${STACK_NAME}-redirect-matrix-well-known.redirectregex.replacement=https://${MATRIX_DOMAIN}/.well-known/matrix/$$2"
|
||||||
worker:
|
worker:
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
version: "3.8"
|
version: "3.8"
|
||||||
services:
|
services:
|
||||||
authentik_ldap:
|
authentik_ldap:
|
||||||
image: ghcr.io/goauthentik/ldap:2025.6.4
|
image: ghcr.io/goauthentik/ldap:2025.6.2
|
||||||
# Optionally specify which networks the container should be
|
# Optionally specify which networks the container should be
|
||||||
# might be needed to reach the core authentik server
|
# might be needed to reach the core authentik server
|
||||||
networks:
|
networks:
|
||||||
|
16
compose.yml
16
compose.yml
@ -17,7 +17,6 @@ x-env: &env
|
|||||||
- AUTHENTIK_EMAIL__TIMEOUT
|
- AUTHENTIK_EMAIL__TIMEOUT
|
||||||
- AUTHENTIK_EMAIL__FROM
|
- AUTHENTIK_EMAIL__FROM
|
||||||
- AUTHENTIK_LOG_LEVEL
|
- AUTHENTIK_LOG_LEVEL
|
||||||
- AUTHENTIK_DISABLE_UPDATE_CHECK
|
|
||||||
- BACKGROUND_FONT_COLOR=${BACKGROUND_FONT_COLOR:-white}
|
- BACKGROUND_FONT_COLOR=${BACKGROUND_FONT_COLOR:-white}
|
||||||
- BACKGROUND_BOX_COLOR=${BACKGROUND_BOX_COLOR:-#eaeaeacf}
|
- BACKGROUND_BOX_COLOR=${BACKGROUND_BOX_COLOR:-#eaeaeacf}
|
||||||
- AUTHENTIK_FOOTER_LINKS
|
- AUTHENTIK_FOOTER_LINKS
|
||||||
@ -35,7 +34,7 @@ x-env: &env
|
|||||||
version: '3.8'
|
version: '3.8'
|
||||||
services:
|
services:
|
||||||
app:
|
app:
|
||||||
image: ghcr.io/goauthentik/server:2025.6.4
|
image: ghcr.io/goauthentik/server:2025.6.2
|
||||||
command: server
|
command: server
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
@ -68,17 +67,16 @@ services:
|
|||||||
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
|
||||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||||
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions,${STACK_NAME}-redirect"
|
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect,${STACK_NAME}-frameOptions"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
|
||||||
|
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.customFrameOptionsValue=SAMEORIGIN"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
- "traefik.http.middlewares.${STACK_NAME}-frameOptions.headers.contentSecurityPolicy=frame-ancestors ${X_FRAME_OPTIONS_ALLOW_FROM}"
|
||||||
- "coop-cloud.${STACK_NAME}.version=7.4.1+2025.6.4"
|
- "coop-cloud.${STACK_NAME}.version=7.3.2+2025.6.2"
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.regex=^https://(${REDIRECTS})/(.*)"
|
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.replacement=https://${DOMAIN}/$${2}"
|
|
||||||
- "traefik.http.middlewares.${STACK_NAME}-redirect.redirectregex.permanent=true"
|
|
||||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||||
|
|
||||||
worker:
|
worker:
|
||||||
image: ghcr.io/goauthentik/server:2025.6.4
|
image: ghcr.io/goauthentik/server:2025.6.2
|
||||||
command: worker
|
command: worker
|
||||||
depends_on:
|
depends_on:
|
||||||
- db
|
- db
|
||||||
@ -154,7 +152,7 @@ services:
|
|||||||
backupbot.restore.post-hook: '/pg_backup.sh restore'
|
backupbot.restore.post-hook: '/pg_backup.sh restore'
|
||||||
|
|
||||||
redis:
|
redis:
|
||||||
image: redis:8.0.3-alpine
|
image: redis:8.0.2-alpine
|
||||||
command: --save 60 1 --loglevel warning
|
command: --save 60 1 --loglevel warning
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
Adds following new envs:
|
|
||||||
REDIRECTS
|
|
||||||
AUTHENTIK_DISABLE_UPDATE_CHECK
|
|
Reference in New Issue
Block a user