82 lines
No EOL
2.8 KiB
YAML
82 lines
No EOL
2.8 KiB
YAML
---
|
|
|
|
services:
|
|
geoipupdate:
|
|
image: "maxmindinc/geoipupdate:latest"
|
|
volumes:
|
|
- "geoip:/usr/share/GeoIP"
|
|
environment:
|
|
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City GeoLite2-ASN"
|
|
GEOIPUPDATE_FREQUENCY: "8"
|
|
GEOIPUPDATE_ACCOUNT_ID: "${GEOIPUPDATE_ACCOUNT_ID:?MaxMind GeoIP account ID required}"
|
|
GEOIPUPDATE_LICENSE_KEY: "${GEOIPUPDATE_LICENSE_KEY:?MaxMind GeoIP license key required}"
|
|
|
|
postgresql:
|
|
image: docker.io/library/postgres:${POSTGRES_TAG:?POSTGRES_TAG is not configured}
|
|
volumes:
|
|
- database:/var/lib/postgresql/data
|
|
networks:
|
|
- backend
|
|
|
|
redis:
|
|
image: docker.io/library/redis:${REDIS_TAG:?REDIS_TAG is not configured}
|
|
networks:
|
|
- backend
|
|
|
|
server:
|
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
|
|
environment:
|
|
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:?PG_PASS is required. - Password for authentik's postgresql database}
|
|
ports: []
|
|
volumes:
|
|
- media:/media
|
|
- ./data/authentik/custom-templates:/templates
|
|
- geoip:/geoip
|
|
networks:
|
|
- backend
|
|
- dokploy-network
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.docker.network=dokploy-network"
|
|
|
|
- "traefik.http.services.sso-server.loadbalancer.server.port=9443" # set port the container listenes to
|
|
- "traefik.http.services.sso-server.loadbalancer.server.scheme=https"
|
|
|
|
- "traefik.http.routers.sso-server-web.rule=Host(`${PUBLIC_DOMAIN}`)"
|
|
- "traefik.http.routers.sso-server-web.entrypoints=web"
|
|
- "traefik.http.routers.sso-server-web.service=sso-server"
|
|
- "traefik.http.routers.sso-server-web.middlewares=redirect-to-https@file"
|
|
|
|
- "traefik.http.routers.sso-server-websecure.entrypoints=websecure"
|
|
- "traefik.http.routers.sso-server-websecure.rule=Host(`${PUBLIC_DOMAIN}`)" # change hostname!
|
|
- "traefik.http.routers.sso-server-websecure.tls=true"
|
|
- "traefik.http.routers.sso-server-websecure.tls.certresolver=hetzner"
|
|
- "traefik.http.routers.sso-server-websecure.tls.domains[0].main=${TLS_DOMAIN}"
|
|
- "traefik.http.routers.sso-server-websecure.middlewares=secHeaders@file, hsts-header@file"
|
|
- "traefik.http.routers.sso-server-websecure.service=sso-server"
|
|
|
|
worker:
|
|
image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:?AUTHENTIK_TAG is not configured}
|
|
environment:
|
|
AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS:?PG_PASS is required. - Password for authentik's postgresql database}
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock
|
|
- media:/media
|
|
- certs:/certs
|
|
- ./data/authentik/custom-templates:/templates
|
|
- geoip:/geoip
|
|
networks:
|
|
- backend
|
|
|
|
volumes:
|
|
geoip:
|
|
driver: local
|
|
media:
|
|
driver: local
|
|
certs:
|
|
driver: local
|
|
|
|
networks:
|
|
backend:
|
|
dokploy-network:
|
|
external: true |