31 lines
No EOL
1.3 KiB
YAML
31 lines
No EOL
1.3 KiB
YAML
services:
|
|
authentik_proxy:
|
|
image: ghcr.io/goauthentik/proxy:${AUTHENTIK_TAG:?Authentik tag is not configured}
|
|
# Optionally specify the container's network, which must be able to reach the core authentik server.
|
|
# networks:
|
|
# - foo
|
|
restart: unless-stopped
|
|
ports:
|
|
- 42080:42080
|
|
- 42443:42443
|
|
networks:
|
|
- dokploy-network
|
|
extra_hosts:
|
|
- "host.docker.internal:host-gateway"
|
|
environment:
|
|
AUTHENTIK_HOST: ${AUTHENTIK_HOST:?Authentik host is not configured}
|
|
AUTHENTIK_INSECURE: ${AUTHENTIK_INSECURE:?Authentik insecure is not configured}
|
|
AUTHENTIK_LISTEN__HTTP: "0.0.0.0:42080"
|
|
AUTHENTIK_LISTEN__HTTPS: "0.0.0.0:42443"
|
|
AUTHENTIK_TOKEN: ${AUTHENTIK_TOKEN:?Authentik token is not configured}
|
|
AUTHENTIK_HOST_BROWSER: ${AUTHENTIK_HOST_BROWSER:?Authentik host browser is not configured}
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=dokploy-network"
|
|
- "traefik.http.services.sso-proxy-outpost.loadbalancer.server.port=42080" # set port the container listenes to
|
|
- "traefik.http.services.sso-proxy-outpost.loadbalancer.server.scheme=http"
|
|
- "traefik.http.routers.sso-proxy-outpost-websecure.tls=false"
|
|
|
|
networks:
|
|
dokploy-network:
|
|
external: true |