chore: revert authentik changes for now

docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-authentik.yml

@@ -1,5 +1,6 @@
 # https://goauthentik.io/docker-compose.yml
 ---
+version: "3.4"
 
 services:
   postgresql:

docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-traefik.yml

@@ -1,6 +1,6 @@
 # https://goauthentik.io/docs/providers/proxy/server_traefik
 ---
-
+version: "3.7"
 services:
   traefik:
     image: traefik:v2.2

docs/examples/docker/idp-authentik-traefik/docker-compose.yml

@@ -1,14 +1,14 @@
----
+version: "3.4"
 
 volumes:
   database:
     driver: local
-  valkey:
+  redis:
     driver: local
 
 services:
   copyparty:
-    image: copyparty/ac:latest
+    image: copyparty/ac
     container_name: idp_copyparty
     restart: unless-stopped
     user: "1000:1000"  # should match the user/group of your fileshare volumes
@@ -30,46 +30,20 @@ services:
       PYTHONUNBUFFERED: 1
       # ensures log-messages are not delayed (but can reduce speed a tiny bit)
 
-  socket-proxy:
-    image: lscr.io/linuxserver/socket-proxy:3.2.3
-    container_name: idp_socket_proxy
-    restart: unless-stopped
-    environment:
-      - CONTAINERS=1
-      - NETWORKS=1
-      - EVENTS=1
-      - PING=1 
-      - VERSION=1
-      - LOG_LEVEL=warning
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    security_opt:
-      - no-new-privileges:true
-    read_only: true
-    tmpfs:
-      - /run:noexec,nosuid,size=10m
-    expose:
-      - 2375
-
   traefik:
-    image: traefik:3.5
+    image: traefik:v2.11
     container_name: traefik
     volumes:
-      - ./traefik:/etc/traefik:Z
+      - /var/run/docker.sock:/var/run/docker.sock  # WARNING: this gives traefik full root-access to the host OS, but is recommended/required(?) by traefik
+    security_opt:
+      - label:disable  # disable selinux because it (rightly) blocks access to docker.sock
     ports:
-      - "80:80"
+      - 80:80
-      - "443:443"
     command:
       - '--api'
-      - '--providers.docker.endpoint=tcp://socket-proxy:2375'
+      - '--providers.docker=true'
       - '--providers.docker.exposedByDefault=false'
       - '--entrypoints.web.address=:80'
-      - '--entrypoints.web.http.redirections.entrypoint.to=websecure'
-      - '--entrypoints.web.http.redirections.entrypoint.scheme=https'
-      - '--entrypoints.websecure.address=:443'
-      - '--log.level=WARNING'
-    depends_on:
-      - idp_socket_proxy
 
   postgresql:
     image: docker.io/library/postgres:12-alpine
@@ -90,19 +64,19 @@ services:
     env_file:
       - .env
 
-  valkey:
+  redis:
-    image: valkey/valkey:8.0-alpine
+    image: docker.io/library/redis:alpine
     command: --save 60 1 --loglevel warning
-    container_name: idp_valkey
+    container_name: idp_redis
     restart: unless-stopped
     healthcheck:
-      test: ["CMD-SHELL", "valkey-cli ping | grep PONG"]
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
       start_period: 20s
       interval: 30s
       retries: 5
       timeout: 3s
     volumes:
-      - valkey:/data:z
+      - redis:/data:z
 
   authentik_server:
     image: ghcr.io/goauthentik/server:2024.2.1