services: authentik-server: image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION} restart: unless-stopped command: server environment: - AUTHENTIK_REDIS__HOST=redis - AUTHENTIK_POSTGRESQL__HOST=postgresql - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED} volumes: - ${VOLUMES_PATH}/auth/media:/media - ${VOLUMES_PATH}/auth/custom-templates:/templates depends_on: postgresql: condition: service_healthy redis: condition: service_healthy networks: - web - auth authentik-worker: image: ghcr.io/goauthentik/server:${AUTHENTIK_VERSION} restart: unless-stopped command: worker environment: - AUTHENTIK_REDIS__HOST=redis - AUTHENTIK_POSTGRESQL__HOST=postgresql - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER} - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB} - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD} - AUTHENTIK_SECRET_KEY=${AUTHENTIK_SECRET_KEY} - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING__ENABLED} user: root volumes: # - /var/run/docker.sock:/var/run/docker.sock - ${VOLUMES_PATH}/auth/media:/media - ${VOLUMES_PATH}/auth/certs:/certs - ${VOLUMES_PATH}/auth/custom-templates:/templates depends_on: postgresql: condition: service_healthy redis: condition: service_healthy networks: - auth postgresql: image: postgres:${POSTGRES_VERSION} restart: unless-stopped healthcheck: test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] start_period: 20s interval: 30s retries: 5 timeout: 5s volumes: - ${VOLUMES_PATH}/auth/postgres/:/var/lib/postgresql/data environment: - POSTGRES_PASSWORD=${POSTGRES_PASSWORD} - POSTGRES_USER=${POSTGRES_USER} - POSTGRES_DB=${POSTGRES_DB} networks: - auth redis: image: redis:${REDIS_VERSION} command: --save 60 1 --loglevel warning restart: unless-stopped healthcheck: test: ["CMD-SHELL", "redis-cli ping | grep PONG"] start_period: 20s interval: 30s retries: 5 timeout: 3s volumes: - ${VOLUMES_PATH}/auth/redis:/data networks: - auth networks: auth: web: external: true