authentik-worker
authentik-worker
Docker-Anwendung from zuerrex's Repository
Übersicht
Anforderungen
Running as non-root
If you remove --user root from Extra Parameters, you must ensure file/share permissions are handled manually so the worker can read/write any mapped paths.
Docker socket options (choose ONE):
1- Direct socket (easiest, least safe):
Map /var/run/docker.sock and set the socket path in the template. This gives Authentik broad Docker control - use only in trusted environments.
2- Socket-proxy:
Point Authentik’s Outpost Integration to your proxy and enable only the endpoints needed for outpost lifecycle:
IMAGES=1, CONTAINERS=1, POST=1, INFO=1, VERSION=1
Type: Docker Service-Connection, URL: http://socket-proxy:2375, Local: toggled off
3- No socket (recommended):
Don’t expose Docker Socket at all. Manage outposts manually from Authentik (create/update/remove them yourself).
Laufzeit-Argumente
- Netzwerk
bridge- Shell
sh- Privilegiert
- false
- Extra Params
--user root
Konfiguration der Vorlage
Cryptographic key for Authentik.
- Ziel
- AUTHENTIK_SECRET_KEY
Host/IP of the Redis server.
- Ziel
- AUTHENTIK_REDIS__HOST
- Standard
- redis
- Wert
- redis
Password of Redis server.
- Ziel
- AUTHENTIK_REDIS__PASSWORD
Host/IP of the PostgreSQL database.
- Ziel
- AUTHENTIK_POSTGRESQL__HOST
- Standard
- postgresql16
- Wert
- postgresql
Username for PostgreSQL access.
- Ziel
- AUTHENTIK_POSTGRESQL__USER
- Standard
- postgres
- Wert
- postgres
Name of the PostgreSQL database.
- Ziel
- AUTHENTIK_POSTGRESQL__NAME
- Standard
- authentik
- Wert
- authentik
Password for the PostgreSQL user.
- Ziel
- AUTHENTIK_POSTGRESQL__PASSWORD
Mounts Docker socket for container management.
- Ziel
- /var/run/docker.sock
Stores uploaded media and assets.
- Ziel
- /media
- Standard
- /mnt/user/appdata/authentik/media
- Wert
- /mnt/user/appdata/authentik/media
Stores SSL/TLS certificates.
- Ziel
- /certs
- Standard
- /mnt/user/appdata/authentik/certs
- Wert
- /mnt/user/appdata/authentik/certs
Stores custom Authentik templates.
- Ziel
- /templates
- Standard
- /mnt/user/appdata/authentik/templates
- Wert
- /mnt/user/appdata/authentik/templates
Enable/disable sending error reports (true/false).
- Ziel
- AUTHENTIK_ERROR_REPORTING__ENABLED
- Standard
- true
- Wert
- true
SMTP server hostname.
- Ziel
- AUTHENTIK_EMAIL__HOST
- Standard
- smtp.gmail.com
- Wert
- smtp.gmail.com
SMTP server port.
- Ziel
- AUTHENTIK_EMAIL__PORT
- Standard
- 587
- Wert
- 587
SMTP account username.
- Ziel
- AUTHENTIK_EMAIL__USERNAME
- Standard
- example@localhost
For Gmail, visit https://myaccount.google.com/apppasswords
- Ziel
- AUTHENTIK_EMAIL__PASSWORD
Enable TLS for SMTP (true/false).
- Ziel
- AUTHENTIK_EMAIL__USE_TLS
- Standard
- true
- Wert
- true
Enable SSL for SMTP (true/false).
- Ziel
- AUTHENTIK_EMAIL__USE_SSL
- Standard
- false
- Wert
- false
SMTP timeout in seconds.
- Ziel
- AUTHENTIK_EMAIL__TIMEOUT
- Standard
- 10
- Wert
- 10
Default “From” email address.
- Ziel
- AUTHENTIK_EMAIL__FROM
- Standard
- authintik@localhost
Einzelheiten
ghcr.io/goauthentik/server:2025.8.1Führen Sie authentik-worker auf Unraid aus.
authentik-worker ist gelistet in Community Apps für Unraid OS. Erkunden Sie Unraid, um einen flexiblen Heimserver, ein NAS oder ein Heimlabor aufzubauen.