[services]

[services.redis]
container_name = "redis-authentik"
image = "redis:alpine"
restart = "unless-stopped"
networks = ["authentik"]

[services.authentik]
container_name = "authentik"
image = "goauthentik.io/server:latest"
restart = "unless-stopped"
command = "server"
volumes = [
  "/docker/authentik/media:/media",
  "/docker/authentik/custom-templates:/templates",
]
env_file = [".env"]
networks = ["authentik", "postgres", "proxy"]
labels = [
  "traefik.enable=true",
  "traefik.docker.network=proxy",
  "traefik.http.routers.authentik-redirect.entrypoints=http",
  "traefik.http.routers.authentik-redirect.rule=Host(`sso.korhonen.cc`)",
  "traefik.http.routers.authentik-redirect.middlewares=http2https@file",
  "traefik.http.routers.authentik.entrypoints=https",
  "traefik.http.routers.authentik.middlewares=secHeaders@file,compress@file",
  "traefik.http.routers.authentik.rule=Host(`sso.korhonen.cc`)",
  "traefik.http.routers.authentik.service=authentik",
  "traefik.http.services.authentik.loadbalancer.server.port=9000",
]

[services.authentik-worker]
container_name = "authentik-worker"
image = "${AUTHENTIK_IMAGE:-goauthentik.io/server}:${AUTHENTIK_TAG:-2021.10.4}"
restart = "unless-stopped"
command = "worker"
networks = ["authentik", "postgres"]
user = "root"
volumes = [
  "/docker/authentik/backups:/backups",
  "/docker/authentik/media:/media",
  "/var/run/docker.sock:/var/run/docker.sock",
  "/docker/authentik/custom-templates:/templates",
]
environment = [
  "AUTHENTIK_POSTGRESQL__HOST",
  "AUTHENTIK_POSTGRESQL__USER",
  "AUTHENTIK_POSTGRESQL__NAME",
  "AUTHENTIK_POSTGRESQL__PASSWORD",
  "AUTHENTIK_SECRET_KEY",
]
env_file = [".env"]

[networks]

[networks.authentik]
external = true

[networks.postgres]
external = true

[networks.proxy]
external = true