root: add geoip config to docker-compose
This commit is contained in:
parent
f8dc32b387
commit
13fceacfe4
|
@ -31,6 +31,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ./media:/media
|
- ./media:/media
|
||||||
- ./custom-templates:/templates
|
- ./custom-templates:/templates
|
||||||
|
- geoip:/geoip
|
||||||
ports:
|
ports:
|
||||||
- 8000
|
- 8000
|
||||||
networks:
|
networks:
|
||||||
|
@ -61,6 +62,7 @@ services:
|
||||||
- ./backups:/backups
|
- ./backups:/backups
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- ./custom-templates:/templates
|
- ./custom-templates:/templates
|
||||||
|
- geoip:/geoip
|
||||||
env_file:
|
env_file:
|
||||||
- .env
|
- .env
|
||||||
static:
|
static:
|
||||||
|
@ -93,10 +95,21 @@ services:
|
||||||
- "127.0.0.1:8080:8080"
|
- "127.0.0.1:8080:8080"
|
||||||
networks:
|
networks:
|
||||||
- internal
|
- internal
|
||||||
|
geoipupdate:
|
||||||
|
image: "maxmindinc/geoipupdate:latest"
|
||||||
|
volumes:
|
||||||
|
- "geoip:/usr/share/GeoIP"
|
||||||
|
environment:
|
||||||
|
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City"
|
||||||
|
GEOIPUPDATE_FREQUENCY: "8"
|
||||||
|
env_file:
|
||||||
|
- .env
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
database:
|
database:
|
||||||
driver: local
|
driver: local
|
||||||
|
geoip:
|
||||||
|
driver: local
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
internal: {}
|
internal: {}
|
||||||
|
|
|
@ -20,7 +20,7 @@ To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.3.3 >> .en
|
||||||
|
|
||||||
If this is a fresh authentik install run the following commands to generate a password:
|
If this is a fresh authentik install run the following commands to generate a password:
|
||||||
|
|
||||||
```
|
```shell
|
||||||
sudo apt-get install -y pwgen
|
sudo apt-get install -y pwgen
|
||||||
echo "PG_PASS=$(pwgen 40 1)" >> .env
|
echo "PG_PASS=$(pwgen 40 1)" >> .env
|
||||||
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
|
echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
|
||||||
|
@ -32,7 +32,7 @@ It is also recommended to configure global email credentials. These are used by
|
||||||
|
|
||||||
Append this block to your `.env` file
|
Append this block to your `.env` file
|
||||||
|
|
||||||
```
|
```shell
|
||||||
# SMTP Host Emails are sent to
|
# SMTP Host Emails are sent to
|
||||||
AUTHENTIK_EMAIL__HOST=localhost
|
AUTHENTIK_EMAIL__HOST=localhost
|
||||||
AUTHENTIK_EMAIL__PORT=25
|
AUTHENTIK_EMAIL__PORT=25
|
||||||
|
@ -48,11 +48,27 @@ AUTHENTIK_EMAIL__TIMEOUT=10
|
||||||
AUTHENTIK_EMAIL__FROM=authentik@localhost
|
AUTHENTIK_EMAIL__FROM=authentik@localhost
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## GeoIP configuration (optional)
|
||||||
|
|
||||||
|
authentik can use a MaxMind-formatted GeoIP Database to extract location data from IPs. You can then use this location data in policies, and location data is saved in events.
|
||||||
|
|
||||||
|
To configure GeoIP, sign up for a free MaxMind account [here](https://www.maxmind.com/en/geolite2/signup).
|
||||||
|
|
||||||
|
After you have your account ID and license key, add the following block to your `.env` file:
|
||||||
|
|
||||||
|
```shell
|
||||||
|
GEOIPUPDATE_ACCOUNT_ID=*your account ID*
|
||||||
|
GEOIPUPDATE_LICENSE_KEY=* your license key*
|
||||||
|
AUTHENTIK_AUTHENTIK__GEOIP=/geoip/GeoLite2-City.mmdb
|
||||||
|
```
|
||||||
|
|
||||||
|
The GeoIP database will automatically be updated every 8 hours.
|
||||||
|
|
||||||
## Startup
|
## Startup
|
||||||
|
|
||||||
Afterwards, run these commands to finish
|
Afterwards, run these commands to finish
|
||||||
|
|
||||||
```
|
```shell
|
||||||
docker-compose pull
|
docker-compose pull
|
||||||
docker-compose up -d
|
docker-compose up -d
|
||||||
docker-compose run --rm server migrate
|
docker-compose run --rm server migrate
|
||||||
|
|
Reference in a new issue