services: server: image: ghcr.io/goauthentik/server:latest container_name: authentik-server restart: unless-stopped command: server environment: AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY} AUTHENTIK_REDIS__HOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: authentik AUTHENTIK_POSTGRESQL__NAME: authentik AUTHENTIK_POSTGRESQL__PASSWORD: ${AUTHENTIK_PG_PASS} volumes: - ./media:/media - ./custom-templates:/templates env_file: - .env depends_on: - postgresql - redis networks: - web - default labels: - "traefik.enable=true" - "traefik.http.routers.authentik.entrypoints=https" - "traefik.http.routers.authentik.rule=Host(`authentik.${DOMAIN}`)" - "traefik.http.routers.authentik.tls.certresolver=http" - "traefik.http.services.authentik.loadbalancer.server.port=9000" worker: image: ghcr.io/goauthentik/server:latest container_name: authentik-worker restart: unless-stopped command: worker environment: AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY} AUTHENTIK_REDIS__HOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQL__USER: authentik AUTHENTIK_POSTGRESQL__NAME: authentik AUTHENTIK_POSTGRESQL__PASSWORD: ${AUTHENTIK_PG_PASS} volumes: - ./media:/media - ./certs:/certs - ./custom-templates:/templates env_file: - .env depends_on: - postgresql - redis postgresql: image: postgres:15-alpine container_name: authentik-postgres restart: unless-stopped environment: POSTGRES_PASSWORD: ${AUTHENTIK_PG_PASS} POSTGRES_USER: authentik POSTGRES_DB: authentik volumes: - ./postgres:/var/lib/postgresql/data redis: image: redis:alpine container_name: authentik-redis restart: unless-stopped command: --save 60 1 --loglevel warning volumes: - ./redis:/data networks: web: external: true