popov/scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
464644f5d82e421e6cb54f9d171b99917a77abf0
scripts/GW/authentik,yml
Dobromir Popov 464644f5d8 new contaienrs - code server & novnc box
2026-02-12 12:53:19 +02:00

116 lines
3.4 KiB
Plaintext
Raw Blame History

services:
# Init service - generates secrets on first run and outputs them to logs
init-secrets:
image: alpine:latest
command:
- sh
- -c
- |
if [ ! -f /secrets/.initialized ]; then
PG_PASS=$$(head -c 32 /dev/urandom | base64 | tr -d '\n')
SECRET_KEY=$$(head -c 64 /dev/urandom | base64 | tr -d '\n')
echo "$$PG_PASS" > /secrets/pg_pass
echo "$$SECRET_KEY" > /secrets/secret_key
touch /secrets/.initialized
echo "========================================================"
echo " AUTHENTIK SECRETS GENERATED - SAVE THESE!"
echo "========================================================"
echo "PG_PASS: $$PG_PASS"
echo ""
echo "AUTHENTIK_SECRET_KEY: $$SECRET_KEY"
echo "========================================================"
else
echo "Secrets already initialized, skipping generation."
echo "PG_PASS: $$(cat /secrets/pg_pass)"
echo "AUTHENTIK_SECRET_KEY: $$(cat /secrets/secret_key)"
fi
volumes:
- secrets:/secrets
restart: "no"
postgresql:
image: docker.io/library/postgres:16-alpine
depends_on:
init-secrets:
condition: service_completed_successfully
environment:
POSTGRES_DB: authentik
POSTGRES_USER: authentik
POSTGRES_PASSWORD_FILE: /secrets/pg_pass
healthcheck:
interval: 30s
retries: 5
start_period: 20s
test:
- CMD-SHELL
- pg_isready -d authentik -U authentik
timeout: 5s
restart: unless-stopped
volumes:
- database:/var/lib/postgresql/data
- secrets:/secrets:ro
server:
# http://<your-server-ip>:9000/if/flow/initial-setup/
# dobromir.popov@gateway.one rT42eH5!sGR&4g2X6
# mem C379F
# MS Entra: memdemo@gateway.one Tufu857515
# Auth0 : memdemo@gateway.one diGSKh06z7SkxwpBS
image: ghcr.io/goauthentik/server:2025.10.3
depends_on:
postgresql:
condition: service_healthy
init-secrets:
condition: service_completed_successfully
entrypoint: ["/bin/bash", "-c"]
command:
- |
export AUTHENTIK_SECRET_KEY=$$(cat /secrets/secret_key)
export AUTHENTIK_POSTGRESQL__PASSWORD=$$(cat /secrets/pg_pass)
exec ak server
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__USER: authentik
ports:
- 9002:9000
- 9443:9443
restart: unless-stopped
volumes:
- ./media:/media
- ./custom-templates:/templates
- secrets:/secrets:ro
worker:
image: ghcr.io/goauthentik/server:2025.10.3
depends_on:
postgresql:
condition: service_healthy
init-secrets:
condition: service_completed_successfully
entrypoint: ["/bin/bash", "-c"]
command:
- |
export AUTHENTIK_SECRET_KEY=$$(cat /secrets/secret_key)
export AUTHENTIK_POSTGRESQL__PASSWORD=$$(cat /secrets/pg_pass)
exec ak worker
environment:
AUTHENTIK_POSTGRESQL__HOST: postgresql
AUTHENTIK_POSTGRESQL__NAME: authentik
AUTHENTIK_POSTGRESQL__USER: authentik
restart: unless-stopped
user: root
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./media:/media
- ./certs:/certs
- ./custom-templates:/templates
- secrets:/secrets:ro
volumes:
database:
driver: local
secrets:
driver: local
Reference in New Issue View Git Blame Copy Permalink