From 88044cd3f3a1d216a99670f33d52ecb51c5932c8 Mon Sep 17 00:00:00 2001 From: RealStickman Date: Mon, 10 Oct 2022 19:17:35 +0200 Subject: [PATCH] WIP authentik --- pages/02.linux/31.authenik/default.en.md | 94 ++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 pages/02.linux/31.authenik/default.en.md diff --git a/pages/02.linux/31.authenik/default.en.md b/pages/02.linux/31.authenik/default.en.md new file mode 100644 index 0000000..3449997 --- /dev/null +++ b/pages/02.linux/31.authenik/default.en.md @@ -0,0 +1,94 @@ +--- +title: Authentik +visible: false +--- + +[toc] +## Podman +### Network and Pod +`# podman network create net_authentik` +`# podman pod create --name pod_authentik --network net_authentik -p ` + +#### Port Mappings +``` + +``` + +### Database +``` +# podman run --name authentik_db \ + -e PGDATA=/var/lib/postgresql/data/pgdata \ + -e POSTGRES_USER=authentik \ + -e POSTGRES_PASSWORD=authentik \ + -e POSTGRES_DB=authentik \ + -v /mnt/authentik_db:/var/lib/postgresql/data \ + --pod pod_authentik \ + -d docker.io/postgres:14 +``` + +### Redis +``` +# podman run --name authentik_redis \ + -v /mnt/authentik_redis:/data \ + --pod pod_authentik \ + -d docker.io/redis:7 \ + redis-server --save 60 1 --loglevel warning +``` + +### Application Server +https://goauthentik.io/docs/installation/docker-compose +``` + server: + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0} + restart: unless-stopped + command: server + environment: + AUTHENTIK_REDIS__HOST: redis + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + # AUTHENTIK_ERROR_REPORTING__ENABLED: "true" + volumes: + - ./media:/media + - ./custom-templates:/templates + - geoip:/geoip + env_file: + - .env + ports: + - "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000" + - "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443" +``` +``` + +``` + +### Application Worker +``` +worker: + image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.9.0} + restart: unless-stopped + command: worker + environment: + AUTHENTIK_REDIS__HOST: redis + AUTHENTIK_POSTGRESQL__HOST: postgresql + AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik} + AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik} + AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS} + # AUTHENTIK_ERROR_REPORTING__ENABLED: "true" + # This is optional, and can be removed. If you remove this, the following will happen + # - The permissions for the /media folders aren't fixed, so make sure they are 1000:1000 + # - The docker socket can't be accessed anymore + user: root + volumes: + - ./media:/media + - ./certs:/certs + - /var/run/docker.sock:/var/run/docker.sock + - ./custom-templates:/templates + - geoip:/geoip + env_file: + - .env +``` +``` + +```