58 lines
2.2 KiB
Plaintext
58 lines
2.2 KiB
Plaintext
[Container]
|
|
ContainerName=authentik-worker
|
|
Environment="AUTHENTIK_POSTGRESQL__CONN_MAX_AGE=0"
|
|
Environment="AUTHENTIK_POSTGRESQL__HOST=192.168.11.2"
|
|
Environment="AUTHENTIK_POSTGRESQL__NAME=authentik"
|
|
Environment="AUTHENTIK_POSTGRESQL__PASSWORD=OCxfxtWadNuXslBbfWw9c0JXLMu+bWngv+qk9Ya65sw="
|
|
Environment="AUTHENTIK_POSTGRESQL__PORT=5439"
|
|
Environment="AUTHENTIK_POSTGRESQL__USER=authentik"
|
|
Environment="AUTHENTIK_REDIS__HOST=192.168.11.2"
|
|
Environment="AUTHENTIK_REDIS__PORT=5021"
|
|
# (Required) To generate a secret key run the following command:
|
|
# echo $(openssl rand -base64 32)
|
|
Environment="AUTHENTIK_SECRET_KEY=QvqdN5Pn4piWcoof1yPDa0FcaGnOL1gHAiSImJjEGZl6pypRgE2nCps8DTd4R9UHqfFuOtR9jhCelmQ2"
|
|
# (Optional) Enable Error Reporting
|
|
# Environment="AUTHENTIK_ERROR_REPORTING__ENABLED=true"
|
|
# (Optional) Enable Email Sending
|
|
# Environment="AUTHENTIK_EMAIL__HOST=smtp.centurylink.net"
|
|
# Environment="AUTHENTIK_EMAIL__PORT=587"
|
|
# Environment="AUTHENTIK_EMAIL__USERNAME=phares@centurylink.net"
|
|
# Environment="AUTHENTIK_EMAIL__PASSWORD=Q7rOkv6#YdLCx4SBvMIAw"
|
|
# Environment="AUTHENTIK_EMAIL__USE_TLS=false"
|
|
# Environment="AUTHENTIK_EMAIL__USE_SSL=false"
|
|
# Environment="AUTHENTIK_EMAIL__TIMEOUT=10"
|
|
# Environment="AUTHENTIK_EMAIL__FROM=noreply@phares.duckdns.org"
|
|
Exec=worker
|
|
Image=ghcr.io/goauthentik/server:2024.12.1
|
|
PublishPort=5019:9000
|
|
PublishPort=5020:9443
|
|
Volume=/etc/localtime:/etc/localtime:ro
|
|
Volume=/etc/timezone:/etc/timezone:ro
|
|
Volume=/home/podman/wild-phares/fullchain.cer:/certs/server.cert:ro
|
|
Volume=/home/podman/wild-phares/phares.duckdns.org.key:/certs/server.key:ro
|
|
Volume=authentik-server-media:/media:Z
|
|
Volume=authentik-server-templates:/templates:Z
|
|
|
|
[Service]
|
|
Restart=no
|
|
|
|
[Unit]
|
|
Requires=authentik-db.service
|
|
Requires=authentik-redis.service
|
|
After=authentik-db.service
|
|
After=authentik-redis.service
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target default.target
|
|
|
|
# podman pull ghcr.io/goauthentik/server:2024.12.1
|
|
# systemctl --user daemon-reload
|
|
# systemctl --user start authentik-worker
|
|
# systemctl --user status authentik-worker --lines=999
|
|
# journalctl -fu authentik-worker.service
|
|
# podman logs authentik-worker
|
|
# systemctl --user stop authentik-worker
|
|
# systemctl --user disable authentik-worker
|
|
# podman exec -ti authentik-worker /bin/sh
|
|
# podman exec -ti authentik-worker /bin/bash
|