chore: revert authentik changes for now

2025-08-17 09:02:15 -06:00 · 2025-07-31 21:35:28 +02:00 · 2025-07-31 21:35:28 +02:00 · 3dc36c2152
parent 62edda5f9f
commit 3dc36c2152
3 changed files with 16 additions and 41 deletions
--- a/docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-authentik.yml
+++ b/docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-authentik.yml
@ -1,5 +1,6 @@
 # https://goauthentik.io/docker-compose.yml
 ---
+version: "3.4"

 services:
  postgresql:
--- a/docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-traefik.yml
+++ b/docs/examples/docker/idp-authentik-traefik/based-on/docker-compose-traefik.yml
@ -1,6 +1,6 @@
 # https://goauthentik.io/docs/providers/proxy/server_traefik
 ---
-
+version: "3.7"
 services:
  traefik:
    image: traefik:v2.2
--- a/docs/examples/docker/idp-authentik-traefik/docker-compose.yml
+++ b/docs/examples/docker/idp-authentik-traefik/docker-compose.yml
@ -1,14 +1,14 @@
---
+version: "3.4"

 volumes:
  database:
    driver: local
-  valkey:
+  redis:
    driver: local

 services:
  copyparty:
-    image: copyparty/ac:latest
+    image: copyparty/ac
    container_name: idp_copyparty
    restart: unless-stopped
    user: "1000:1000"  # should match the user/group of your fileshare volumes
@ -30,46 +30,20 @@ services:
      PYTHONUNBUFFERED: 1
      # ensures log-messages are not delayed (but can reduce speed a tiny bit)

-  socket-proxy:
-    image: lscr.io/linuxserver/socket-proxy:3.2.3
-    container_name: idp_socket_proxy
-    restart: unless-stopped
-    environment:
-      - CONTAINERS=1
-      - NETWORKS=1
-      - EVENTS=1
-      - PING=1 
-      - VERSION=1
-      - LOG_LEVEL=warning
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-    security_opt:
-      - no-new-privileges:true
-    read_only: true
-    tmpfs:
-      - /run:noexec,nosuid,size=10m
-    expose:
-      - 2375
-
  traefik:
-    image: traefik:3.5
+    image: traefik:v2.11
    container_name: traefik
    volumes:
-      - ./traefik:/etc/traefik:Z
+      - /var/run/docker.sock:/var/run/docker.sock  # WARNING: this gives traefik full root-access to the host OS, but is recommended/required(?) by traefik
+    security_opt:
+      - label:disable  # disable selinux because it (rightly) blocks access to docker.sock
    ports:
-      - "80:80"
-      - "443:443"
+      - 80:80
    command:
      - '--api'
-      - '--providers.docker.endpoint=tcp://socket-proxy:2375'
+      - '--providers.docker=true'
      - '--providers.docker.exposedByDefault=false'
      - '--entrypoints.web.address=:80'
-      - '--entrypoints.web.http.redirections.entrypoint.to=websecure'
-      - '--entrypoints.web.http.redirections.entrypoint.scheme=https'
-      - '--entrypoints.websecure.address=:443'
-      - '--log.level=WARNING'
-    depends_on:
-      - idp_socket_proxy

  postgresql:
    image: docker.io/library/postgres:12-alpine
@ -90,19 +64,19 @@ services:
    env_file:
      - .env

-  valkey:
-    image: valkey/valkey:8.0-alpine
+  redis:
+    image: docker.io/library/redis:alpine
    command: --save 60 1 --loglevel warning
-    container_name: idp_valkey
+    container_name: idp_redis
    restart: unless-stopped
    healthcheck:
-      test: ["CMD-SHELL", "valkey-cli ping | grep PONG"]
+      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
      start_period: 20s
      interval: 30s
      retries: 5
      timeout: 3s
    volumes:
-      - valkey:/data:z
+      - redis:/data:z

  authentik_server:
    image: ghcr.io/goauthentik/server:2024.2.1