docker-compose/authentik
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update docker-compose files to version 2025.2.1 and enforce required environment variables

Browse source
This commit is contained in:
Philip Henning 2025-03-11 11:48:11 +01:00
parent 9f3d79ba37
commit 1c5e397bbe
2 changed files with 20 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

20
docker-compose.prod.yml
View file

@ -1,4 +1,6 @@
--- ---
# Based on authentiks official docker-compose.yml
# Version: 2025.2.1
services: services:
geoipupdate: geoipupdate:
@ -12,7 +14,7 @@ services:
GEOIPUPDATE_LICENSE_KEY: "${GEOIPUPDATE_LICENSE_KEY:?MaxMind GeoIP license key required}" GEOIPUPDATE_LICENSE_KEY: "${GEOIPUPDATE_LICENSE_KEY:?MaxMind GeoIP license key required}"
postgresql: postgresql:
image: docker.io/library/postgres:${POSTGRES_TAG:-16.6-alpine} image: docker.io/library/postgres:${POSTGRES_TAG:?POSTGRES_TAG is not configured}
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
@ -33,7 +35,7 @@ services:
- backend - backend
redis: redis:
image: docker.io/library/redis:${REDIS_TAG:-7.4.2-alpine} image: docker.io/library/redis:${REDIS_TAG:?REDIS_TAG is not configured}
command: --save 60 1 --loglevel warning command: --save 60 1 --loglevel warning
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
@ -48,7 +50,7 @@ services:
- backend - backend
server: server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.10.0} image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
restart: unless-stopped restart: unless-stopped
command: server command: server
environment: environment:
@ -73,7 +75,7 @@ services:
- frontend - frontend
worker: worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.10.0} image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
restart: unless-stopped restart: unless-stopped
command: worker command: worker
environment: environment:
@ -110,7 +112,7 @@ services:
context: ./docker/nginx context: ./docker/nginx
dockerfile: Dockerfile dockerfile: Dockerfile
args: args:
IMAGE: "nginxinc/nginx-unprivileged:${NGINX_UNPRIVILEGED_TAG:-1.27.2-bookworm}" IMAGE: "nginxinc/nginx-unprivileged:${NGINX_UNPRIVILEGED_TAG:?NGINX_UNPRIVILEGED_TAG is not configured}"
IMG_TITLE: "nginx-unprivileged-base23" IMG_TITLE: "nginx-unprivileged-base23"
IMAGE_VERSION: "COMPOSE" IMAGE_VERSION: "COMPOSE"
depends_on: depends_on:
@ -149,7 +151,7 @@ services:
- frontend - frontend
backup: backup:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
restart: unless-stopped restart: unless-stopped
environment: environment:
PRE_COMMANDS: |- PRE_COMMANDS: |-
@ -182,7 +184,7 @@ services:
- ./data/.lego:/var/lib/lego/backups:ro - ./data/.lego:/var/lib/lego/backups:ro
prune-backup: prune-backup:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
restart: unless-stopped restart: unless-stopped
environment: environment:
SKIP_INIT: "true" SKIP_INIT: "true"
@ -196,7 +198,7 @@ services:
# prüft ob backups noch in Ordnung sind, evtl. erweitern zum prüfen der Daten # prüft ob backups noch in Ordnung sind, evtl. erweitern zum prüfen der Daten
check-backup: check-backup:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
restart: unless-stopped restart: unless-stopped
environment: environment:
#RUN_ON_STARTUP: "true" #RUN_ON_STARTUP: "true"
@ -210,7 +212,7 @@ services:
- ./data/restic/ssh/:/run/secrets/.ssh:ro - ./data/restic/ssh/:/run/secrets/.ssh:ro
restore-cli: restore-cli:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
entrypoint: /entrypoint-restore entrypoint: /entrypoint-restore
environment: environment:
RESTIC_REPOSITORY: sftp://${RESTIC_REPO_USER:?Restic repository user is required}@${RESTIC_REPO_ADDRESS:?Restic repository address is requried}:${RESTIC_REPO_PORT:?Restic repository port is required}//backup RESTIC_REPOSITORY: sftp://${RESTIC_REPO_USER:?Restic repository user is required}@${RESTIC_REPO_ADDRESS:?Restic repository address is requried}:${RESTIC_REPO_PORT:?Restic repository port is required}//backup

16
docker-compose.test.yml
View file

@ -1,4 +1,6 @@
--- ---
# Based on authentiks official docker-compose.yml
# Version: 2025.2.1
services: services:
geoipupdate: geoipupdate:
@ -12,7 +14,7 @@ services:
GEOIPUPDATE_LICENSE_KEY: "${GEOIPUPDATE_LICENSE_KEY:?MaxMind GeoIP license key required}" GEOIPUPDATE_LICENSE_KEY: "${GEOIPUPDATE_LICENSE_KEY:?MaxMind GeoIP license key required}"
postgresql: postgresql:
image: docker.io/library/postgres:${POSTGRES_TAG:-16.6-alpine} image: docker.io/library/postgres:${POSTGRES_TAG:?POSTGRES_TAG is not configured}
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"] test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
@ -33,7 +35,7 @@ services:
- backend - backend
redis: redis:
image: docker.io/library/redis:${REDIS_TAG:-7.4.2-alpine} image: docker.io/library/redis:${REDIS_TAG:?REDIS_TAG is not configured}
command: --save 60 1 --loglevel warning command: --save 60 1 --loglevel warning
restart: unless-stopped restart: unless-stopped
healthcheck: healthcheck:
@ -48,7 +50,7 @@ services:
- backend - backend
server: server:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.0} image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
restart: unless-stopped restart: unless-stopped
command: server command: server
environment: environment:
@ -83,7 +85,7 @@ services:
- "traefik.http.services.sso.loadbalancer.server.scheme=https" - "traefik.http.services.sso.loadbalancer.server.scheme=https"
worker: worker:
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2.0} image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
restart: unless-stopped restart: unless-stopped
command: worker command: worker
environment: environment:
@ -116,7 +118,7 @@ services:
- backend - backend
backup: backup:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
restart: unless-stopped restart: unless-stopped
environment: environment:
PRE_COMMANDS: |- PRE_COMMANDS: |-
@ -149,7 +151,7 @@ services:
- ./data/.lego:/var/lib/lego/backups:ro - ./data/.lego:/var/lib/lego/backups:ro
prune-backup: prune-backup:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
restart: unless-stopped restart: unless-stopped
environment: environment:
SKIP_INIT: "true" SKIP_INIT: "true"
@ -162,7 +164,7 @@ services:
- ./data/restic/ssh/:/run/secrets/.ssh:ro - ./data/restic/ssh/:/run/secrets/.ssh:ro
restore-cli: restore-cli:
image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:-0.17.0} image: registry.git.base23.de/base23/backup/resticker:${RESTICKER_TAG:?RESTICKER_TAG is not configured}
entrypoint: /entrypoint-restore entrypoint: /entrypoint-restore
environment: environment:
RESTIC_REPOSITORY: sftp://${RESTIC_REPO_USER:?Restic repository user is required}@${RESTIC_REPO_ADDRESS:?Restic repository address is requried}:${RESTIC_REPO_PORT:?Restic repository port is required}//backup RESTIC_REPOSITORY: sftp://${RESTIC_REPO_USER:?Restic repository user is required}@${RESTIC_REPO_ADDRESS:?Restic repository address is requried}:${RESTIC_REPO_PORT:?Restic repository port is required}//backup