starred/altstack-data
1
0
Fork 0
mirror of https://github.com/altstackHQ/altstack-data.git synced 2026-04-17 19:53:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
2a0ac1b1072ca8cb723817f06680a8c0a8c7ea92
altstack-data/docs/app/deploy/authentik/page.mdx
AltStack Bot 2a0ac1b107 Initialize public data and docs repository
2026-02-25 22:36:27 +05:30

173 lines
4.7 KiB
Plaintext
Raw Blame History

---
title: "Deploy Authentik Self-Hosted (Docker)"
description: "Step-by-step guide to self-hosting Authentik with Docker Compose. "
---
# Deploy Authentik
The overall-best open-source identity provider, focused on flexibility and versatility.
<div className="deploy-hero">
<span className="deploy-hero-item">⭐ 15.0k stars</span>
<span className="deploy-hero-item">📜 MIT</span>
<span className="deploy-hero-item">🔴 Advanced</span>
<span className="deploy-hero-item">⏱ ~20 minutes</span>
</div>
<div className="mt-8 mb-4">
<a
href="https://m.do.co/c/2ed27757a361"
target="_blank"
rel="noopener noreferrer"
className="flex items-center justify-center w-full px-6 py-4 text-lg font-bold text-white transition-all bg-blue-600 rounded-xl hover:bg-blue-700 hover:scale-[1.02] shadow-lg shadow-blue-500/30"
>
🚀 Deploy on DigitalOcean ($200 Free Credit)
</a>
</div>
## What You'll Get
A fully working Authentik instance running on your server. Your data stays on your hardware — no third-party access, no usage limits, no surprise invoices.
## Prerequisites
- A server with Docker and Docker Compose installed ([setup guide](/quick-start/choosing-a-server))
- A domain name pointed to your server (optional but recommended)
- Basic terminal access (SSH)
## The Config
Create a directory for Authentik and add this `docker-compose.yml`:
```yaml
# -------------------------------------------------------------------------
# 🚀 Created and distributed by The AltStack
# 🌍 https://thealtstack.com
# -------------------------------------------------------------------------
version: '3.8'
services:
server:
image: ghcr.io/goauthentik/server:latest
container_name: authentik-server
restart: unless-stopped
command: server
depends_on:
- db
- redis
ports:
- "9000:9000"
- "9443:9443"
environment:
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=authentik
- AUTHENTIK_SECRET_KEY=generate-a-random-secret-key
worker:
image: ghcr.io/goauthentik/server:latest
container_name: authentik-worker
restart: unless-stopped
command: worker
depends_on:
- db
- redis
environment:
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=authentik
- AUTHENTIK_SECRET_KEY=generate-a-random-secret-key
db:
image: postgres:12-alpine
container_name: authentik-db
restart: unless-stopped
environment:
- POSTGRES_PASSWORD=authentik
- POSTGRES_USER=authentik
- POSTGRES_DB=authentik
volumes:
- authentik_db_data:/var/lib/postgresql/data
redis:
image: redis:6-alpine
container_name: authentik-redis
restart: unless-stopped
volumes:
authentik_db_data:
```
## Let's Ship It
```bash
# Create a directory
mkdir -p /opt/authentik && cd /opt/authentik
# Create the docker-compose.yml (paste the config above)
nano docker-compose.yml
# Pull images and start
docker compose up -d
# Watch the logs
docker compose logs -f
```
## Environment Variables
| Variable | Default | Required |
|---|---|---|
| `AUTHENTIK_REDIS__HOST` | `redis` | No |
| `AUTHENTIK_POSTGRESQL__HOST` | `db` | No |
| `AUTHENTIK_POSTGRESQL__USER` | `authentik` | No |
| `AUTHENTIK_POSTGRESQL__NAME` | `authentik` | No |
| `AUTHENTIK_POSTGRESQL__PASSWORD` | `authentik` | No |
| `AUTHENTIK_SECRET_KEY` | `generate-a-random-secret-key` | No |
| `POSTGRES_PASSWORD` | `authentik` | No |
| `POSTGRES_USER` | `authentik` | No |
| `POSTGRES_DB` | `authentik` | No |
## Post-Deployment Checklist
- [ ] Service is accessible on the configured port
- [ ] Admin account created (if applicable)
- [ ] Reverse proxy configured ([Caddy guide](/concepts/reverse-proxies))
- [ ] SSL/HTTPS working
- [ ] Backup script set up ([backup guide](/concepts/backups))
- [ ] Uptime monitor added ([Uptime Kuma](/deploy/uptime-kuma))
## The "I Broke It" Section
**Container won't start?**
```bash
docker compose logs authentik | tail -50
```
**Port already in use?**
```bash
# Find what's using the port
lsof -i :PORT_NUMBER
```
**Need to start fresh?**
```bash
docker compose down -v # ⚠️ This deletes volumes/data!
docker compose up -d
```
## Going Further
- [Authentik on AltStack Directory](https://thealtstack.com/alternative-to/authentik)
- [Authentik Self-Hosted Guide](https://thealtstack.com/self-hosted/authentik)
- [Official Documentation](https://goauthentik.io)
- [GitHub Repository](https://github.com/goauthentik/authentik)
Reference in New Issue View Git Blame Copy Permalink