docker-compose/authentik
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: update Traefik configuration in docker-compose.override.yml and add prod.template.env for environment settings

Browse source
This commit is contained in:
Philip Henning 2025-08-28 22:01:59 +02:00
parent 70e68a2ed1
commit 0c13c07b8d
3 changed files with 6 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docker-compose.override.yml
View file

@ -41,17 +41,19 @@ services:
- "traefik.http.services.sso-server.loadbalancer.server.scheme=https" - "traefik.http.services.sso-server.loadbalancer.server.scheme=https"
- "traefik.http.routers.sso-server-web.rule=Host(`${PUBLIC_DOMAIN}`)" - "traefik.http.routers.sso-server-web.rule=Host(`${PUBLIC_DOMAIN}`)"
- "traefik.http.routers.sso-server-web.service=sso-server@docker"
- "traefik.http.routers.sso-server-web.entrypoints=web" - "traefik.http.routers.sso-server-web.entrypoints=web"
- "traefik.http.routers.sso-server-web.service=sso-server"
- "traefik.http.routers.sso-server-web.middlewares=redirect-to-https@file" - "traefik.http.routers.sso-server-web.middlewares=redirect-to-https@file"
- "traefik.http.routers.sso-server-websecure.entrypoints=websecure"
- "traefik.http.routers.sso-server-websecure.rule=Host(`${PUBLIC_DOMAIN}`)" # change hostname! - "traefik.http.routers.sso-server-websecure.rule=Host(`${PUBLIC_DOMAIN}`)" # change hostname!
- "traefik.http.routers.sso-server-websecure.service=sso-server@docker"
- "traefik.http.routers.sso-server-websecure.entrypoints=websecure"
- "traefik.http.routers.sso-server-websecure.tls=true" - "traefik.http.routers.sso-server-websecure.tls=true"
- "traefik.http.routers.sso-server-websecure.tls.options=modern@file"
- "traefik.http.routers.sso-server-websecure.tls.certresolver=hetzner" - "traefik.http.routers.sso-server-websecure.tls.certresolver=hetzner"
- "traefik.http.routers.sso-server-websecure.tls.domains[0].main=${TLS_DOMAIN}" - "traefik.http.routers.sso-server-websecure.tls.domains[0].main=${TLS_DOMAIN}"
- "traefik.http.routers.sso-server-websecure.middlewares=secHeaders@file, hsts-header@file" - "traefik.http.routers.sso-server-websecure.middlewares=secHeaders@file, hsts-header@file"
- "traefik.http.routers.sso-server-websecure.service=sso-server"
worker: worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured} image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}

48
env.test.template
View file

@ -1,48 +0,0 @@
# SETTINGS from env.template
# Misc configuration
PUBLIC_DOMAIN=sso.test.s1q.dev
COMPOSE_PROJECT_NAME=sso--test-s1q-dev
# Server Versions
AUTHENTIK_TAG=2025.6.4
POSTGRES_TAG=16.9-alpine
REDIS_TAG=8.0-alpine
# Error reporting & Logging
AUTHENTIK_ERROR_REPORTING__ENABLED=true
AUTHENTIK_LOG_LEVEL=warning
# Email configuration
# SMTP Host Emails are sent to
AUTHENTIK_EMAIL__HOST=mail.s1q.dev
AUTHENTIK_EMAIL__PORT=25
AUTHENTIK_EMAIL__USERNAME=sso@s1q.dev
# Use StartTLS
AUTHENTIK_EMAIL__USE_TLS=true
# Use SSL
AUTHENTIK_EMAIL__USE_SSL=false
AUTHENTIK_EMAIL__TIMEOUT=10
# Email address authentik will send from, should have a correct @domain
AUTHENTIK_EMAIL__FROM=sso@s1q.dev
# Exposed ports for Authentik -- Ports are note exposed due to traefik setup
# COMPOSE_PORT_HTTP=80
# COMPOSE_PORT_HTTPS=443
# Liste settings
AUTHENTIK_LISTEN__TRUSTED_PROXY_CIDRS="172.18.0.0/16"
# MaxMind GeoIP
GEOIPUPDATE_ACCOUNT_ID=1093308
# PostgreSQL configuration
PG_USER=authentik
PG_DB=authentik
# Secrets -- uncomment and add secrets
#PG_PASS=
#AUTHENTIK_SECRET_KEY=
#AUTHENTIK_EMAIL__PASSWORD=
#GEOIPUPDATE_LICENSE_KEY=

2
env.prod.template → prod.template.env
View file

@ -32,7 +32,7 @@ AUTHENTIK_EMAIL__FROM=sso@s1q.dev
# MaxMind GeoIP # MaxMind GeoIP
GEOIPUPDATE_ACCOUNT_ID=1093308 GEOIPUPDATE_ACCOUNT_ID=765001
# PostgreSQL configuration # PostgreSQL configuration