Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8fa4f6e34c458904e082d0e67836d28bf60ad5b9
Olympus/system-config/services/containers/authentik/arion-compose.nix
blaknull 8fa4f6e34c age key vanished
2024-11-09 22:22:26 -06:00

98 lines
3.1 KiB
Nix
Raw Blame History

{ pkgs, ... }: {
project.name = "authentik";
services = let
authentik_img = "ghcr.io/goauthentik/server:2024.2.2";
in {
postgresql.service = {
image = "docker.io/library/postgres:12-alpine";
restart = "unless-stopped";
#command = "";
volumes = [
"/ssd1/Authentik/data/postgres:/var/lib/postgresql/data"
"/ssd1/Authentik/data/postgres.env:/etc/postgres/postgres.env"
];
healthcheck = {
test = [ "CMD-SHELL" "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ];
start_period = "20s";
interval = "30s";
retries = 5;
timeout = "5s";
};
environment = [
"POSTGRES_PASSWORD=$${POSTGRES_PASSWORD}"
"POSTGRES_USER=$${POSTGRES_USER}"
"POSTGRES_DB=$${POSTGRES_DB}"
];
env_file = "/etc/postgres/postgres.env";
networks = [ "backend" ];
};
redis.service = {
image = "docker.io/library/redis:alpine";
restart = "unless-stopped";
command = "--save 60 1 --loglevel warning";
volumes = [
"/ssd1/Authentik/data/redis:/data"
];
healthcheck = {
test = [ "CMD-SHELL" "redis-cli ping | grep PONG" ];
start_period = "20s";
interval = "30s";
retries = 5;
timeout = "3s";
};
#user = "authentik";
#env_file = "";
networks = [ "backend" ];
};
server.service = {
image = authentik_img;
restart = "unless-stopped";
command = "server";
volumes = [
"/ssd1/Authentik/data/authentik.env:/etc/authentik/authentik.env"
];
environment = [
"AUTHENTIK_REDIS__HOST=redis"
"AUTHENTIK_POSTGRESQL__HOST=postgresql"
"AUTHENTIK_POSTGRESQL__USER=$${POSTGRES_USER}"
"AUTHENTIK_POSTGRESQL__NAME=$${POSTGRES_DB}"
"AUTHENTIK_POSTGRESQL__PASSWORD=$${POSTGRES_PASSWORD}"
"AUTHENTIK_ERROR_REPORTING__ENABLED=true"
"AUTHENTIK_SECRET_KEY=$${AUTHENTIK_SECRET_KEY}"
];
depends_on = [ "postgresql" "redis" ];
#user = "";
env_file = "/etc/authentik/authentik.env";
networks = [ "backend" "frontend" ];
};
worker.service = {
image = authentik_img;
restart = "unless-stopped";
command = "worker";
volumes = [
"/ssd1/Authentik/data/authentik.env:/root/authentik.env"
];
depends_on = [ "postgresql" "redis" ];
healthcheck = {};
user = "root";
env_file = "/root/authentik.env";
networks = [ "backend" ];
};
};
networks = {
backend = {
name = "backend";
};
frontend = {
name = "frontend";
};
};
}
Reference in New Issue View Git Blame Copy Permalink