added authentik

README.md

@@ -27,8 +27,6 @@
 
 ## ToDo
 
-- https://github.com/ChristianLempa/boilerplates/tree/main/docker-compose
-
 - Authentik
 - alpine
 - nginx
@@ -49,6 +47,12 @@
 - redis
 - tinyfilemanager
 - vaultwarden
+- https://github.com/ChristianLempa/boilerplates/tree/main/docker-compose
+  - cadvisor
+  - heimdall
+  - homer
+  - influxdb2
+  - pihole
 
 ### Übung
 
@@ -71,6 +75,7 @@
 - databases
 - dawarich
 - olivetin
+- authentik
 
 ## Tools
 

authentik/compose.yml

@@ -0,0 +1,116 @@
+# https://goauthentik.io/
+
+# secure and flexible solution for managing your identity needs. It covers both B2B and B2C use cases, supports various protocols and workflows, and lets you own your data and control your infrastructure.
+# To start the initial setup, navigate to http://<your server's IP or hostname>:9000/if/flow/initial-setup/.
+
+name: authentik
+
+services:
+  postgres:
+    image: docker.io/library/postgres:16.3
+    container_name: authentik-db
+    environment:
+      - POSTGRES_USER=${POSTGRES_USER:-authentik}
+      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-authentik}
+      - POSTGRES_DB=${POSTGRES_DB:-authentik}
+      - TZ=${TZ:-UTC}
+    healthcheck:
+      test: ['CMD-SHELL', 'pg_isready -U "${POSTGRES_USER:-authentik}"']
+      start_period: 30s
+      interval: 10s
+      timeout: 10s
+      retries: 5
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+    restart: unless-stopped
+  redis:
+    image: docker.io/library/redis:7.2.5
+    container_name: authentik-redis
+    command: --save 60 1 --loglevel warning
+    healthcheck:
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+      start_period: 20s
+      interval: 30s
+      retries: 5
+      timeout: 3s
+    volumes:
+      - redis_data:/data
+    restart: unless-stopped
+  server:
+    image: ghcr.io/goauthentik/server:2024.6.1
+    container_name: authentik-server
+    command: server
+    environment:
+      - AUTHENTIK_REDIS__HOST=authentik-redis
+      - AUTHENTIK_POSTGRESQL__HOST=authentik-db
+      - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik}
+      - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik}
+      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:-authentik}
+      # (Required)  To generate a secret key run the following command:
+      #             echo $(openssl rand -base64 32)
+      - AUTHENTIK_SECRET_KEY=MbcOqluK2LVkGtM9zI111PQSaGnqZvYEFnwf8EL8raA=
+      # (Optional)  Enable Error Reporting
+      # - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false}
+      # (Optional)  Enable Email Sending
+      # - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error}
+      # - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25}
+      # - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error}
+      # - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error}
+      # - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false}
+      # - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false}
+      # - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10}
+      # - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error}
+    ports:
+      - 9001:9000
+      - 9443:9443
+    volumes:
+      - ./media:/media
+      - ./custom-templates:/templates
+    depends_on:
+      - postgres
+      - redis
+    restart: unless-stopped
+  worker:
+    image: ghcr.io/goauthentik/server:2024.6.1
+    container_name: authentik-worker
+    command: worker
+    environment:
+      - AUTHENTIK_REDIS__HOST=authentik-redis
+      - AUTHENTIK_POSTGRESQL__HOST=authentik-db
+      - AUTHENTIK_POSTGRESQL__USER=${POSTGRES_USER:-authentik}
+      - AUTHENTIK_POSTGRESQL__NAME=${POSTGRES_DB:-authentik}
+      - AUTHENTIK_POSTGRESQL__PASSWORD=${POSTGRES_PASSWORD:-authentik}
+      # (Required)  To generate a secret key run the following command:
+      #             echo $(openssl rand -base64 32)
+      - AUTHENTIK_SECRET_KEY=MbcOqluK2LVkGtM9zI111PQSaGnqZvYEFnwf8EL8raA=
+      # (Optional)  Enable Error Reporting
+      # - AUTHENTIK_ERROR_REPORTING__ENABLED=${AUTHENTIK_ERROR_REPORTING:-false}
+      # (Optional)  Enable Email Sending
+      # - AUTHENTIK_EMAIL__HOST=${EMAIL_HOST:?error}
+      # - AUTHENTIK_EMAIL__PORT=${EMAIL_PORT:-25}
+      # - AUTHENTIK_EMAIL__USERNAME=${EMAIL_USERNAME:?error}
+      # - AUTHENTIK_EMAIL__PASSWORD=${EMAIL_PASSWORD:?error}
+      # - AUTHENTIK_EMAIL__USE_TLS=${EMAIL_USE_TLS:-false}
+      # - AUTHENTIK_EMAIL__USE_SSL=${EMAIL_USE_SSL:-false}
+      # - AUTHENTIK_EMAIL__TIMEOUT=${EMAIL_TIMEOUT:-10}
+      # - AUTHENTIK_EMAIL__FROM=${EMAIL_FROM:?error}
+    # (Optional)  When using the docker socket integration
+    #             See more for the docker socket integration here:
+    #             https://goauthentik.io/docs/outposts/integrations/docker
+    # user: root
+    volumes:
+      # (Optional)  When using the docker socket integration
+      # - /run/docker.sock:/run/docker.sock
+      - ./media:/media
+      - ./certs:/certs
+      - ./custom-templates:/templates
+    depends_on:
+      - postgres
+      - redis
+    restart: unless-stopped
+
+volumes:
+  postgres_data:
+    driver: local
+  redis_data:
+    driver: local

dawarich/compose.yml

@@ -2,6 +2,8 @@
 
 # import your location history from Google Maps Timeline and Owntracks, view it on a map and see some statistics, such as the number of countries and cities visited, and distance traveled
 
+# Default credentials user@domain.com/password
+
 name: dawarich
 
 services: