docker-compose/authentik
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Docker compose deployment for my authentik instance, sso.s1q.dev.
28 commits 1 branch 0 tags 108 KiB
Find a file
Philip Henning 0668e5cda5 enable hsts
2024-11-19 15:52:33 +01:00
data/nginx enable hsts 2024-11-19 15:52:33 +01:00
docker/nginx Add cert scripts; update readme; update gitignore; add nginx 2024-11-19 10:54:05 +01:00
scripts change back from service to regular docker compose 2024-11-19 15:51:38 +01:00
.gitignore Add cert scripts; update readme; update gitignore; add nginx 2024-11-19 10:54:05 +01:00
docker-compose.yml re-add dependency on server by nginx 2024-11-19 14:23:39 +01:00
env.template update nginx resolver 2024-11-19 13:46:29 +01:00
README.md change back from service to regular docker compose 2024-11-19 15:51:38 +01:00

README.md

sso.base23.de - Base23 SSO for all services

Authentik based SSO for our sevices.

Prerequisites - Server Setup

apt update \
  && apt upgrade -y \
  && for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt remove $pkg; done \
  && apt install ca-certificates curl \
  && install -m 0755 -d /etc/apt/keyrings \
  && curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \
  && chmod a+r /etc/apt/keyrings/docker.asc \
  && echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  tee /etc/apt/sources.list.d/docker.list > /dev/null \
  && apt update \
  && apt install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin \
  && mkdir -p /var/lib/apps \
  && ln -s /var/lib/apps \
  && apt install -y git vim \
  && TEMP_DIR=$(mktemp -d) \
  && curl -fsSL https://github.com/go-acme/lego/releases/download/v4.20.2/lego_v4.20.2_linux_amd64.tar.gz -o ${TEMP_DIR}/lego_v4.20.2_linux_amd64.tar.gz \
  && tar xzvf ${TEMP_DIR}/lego_v4.20.2_linux_amd64.tar.gz --directory=${TEMP_DIR} \
  && install -m 755 -o root -g root "${TEMP_DIR}/lego" "/usr/local/bin" \
  && rm -rf ${TEMP_DIR} \
  && unset TEMP_DIR

Installation

Clone & configure initially:

cd /root/apps \
  && git clone ssh://git@git.base23.de:222/base23/sso.base23.de.git \
  && cd sso.base23.de \
  && ./scripts/init.sh \
  && docker compose build --no-cache \
    --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \
    --build-arg SRC_REV=$(git rev-parse --short HEAD) \
  && docker compose up -d; docker compose logs -f

Upgrade

  1. Update AUTHENTIK_TAG to the desired tag in env.template, as well as in the deployed .env file.
  2. docker compose down
  3. docker compose up -d; docker compose logs -f

Rebuild containers locally

docker compose build --no-cache \
  --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') \
  --build-arg SRC_REV=$(git rev-parse --short HEAD)