diff --git a/authentik/outposts/controllers/docker.py b/authentik/outposts/controllers/docker.py index 839ed378e..2806a9aa5 100644 --- a/authentik/outposts/controllers/docker.py +++ b/authentik/outposts/controllers/docker.py @@ -106,9 +106,12 @@ class DockerController(BaseController): ).lower() def _get_labels(self) -> dict[str, str]: - return { + labels = { "io.goauthentik.outpost-uuid": self.outpost.pk.hex, } + if self.outpost.config.docker_labels: + labels.update(self.outpost.config.docker_labels) + return labels def _get_env(self) -> dict[str, str]: return { diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py index 9c3efe8e0..012cf35e7 100644 --- a/authentik/outposts/models.py +++ b/authentik/outposts/models.py @@ -60,6 +60,7 @@ class OutpostConfig: docker_network: Optional[str] = field(default=None) docker_map_ports: bool = field(default=True) + docker_labels: Optional[dict[str, str]] = field(default=None) container_image: Optional[str] = field(default=None) diff --git a/website/docs/outposts/index.md b/website/docs/outposts/index.md index a7ebf2af6..4898d0a99 100644 --- a/website/docs/outposts/index.md +++ b/website/docs/outposts/index.md @@ -50,6 +50,9 @@ docker_network: null # Optionally disable mapping of ports to outpost container, may be useful when using docker networks # (Available with 2021.9.4+) docker_map_ports: true +# Optionally additional labels for docker containers +# (Available with 2022.1.2) +docker_labels: null ######################################## # Kubernetes outpost specific settings ######################################## diff --git a/website/docs/outposts/integrations/docker.md b/website/docs/outposts/integrations/docker.md index fdf9d9c05..e6fdeeae6 100644 --- a/website/docs/outposts/integrations/docker.md +++ b/website/docs/outposts/integrations/docker.md @@ -12,6 +12,7 @@ The following outpost settings are used: - `container_image`: Optionally overwrites the standard container image (see [Configuration](../../installation/configuration.md) to configure the global default) - `docker_network`: The docker network the container should be added to. This needs to be modified if you plan to connect to authentik using the internal hostname. - `docker_map_ports`: Enable/disable the mapping of ports. When using a proxy outpost with traefik for example, you might not want to bind ports as they are routed through traefik. +- `docker_labels`: Optional additional labels that can be applied to the container. The container is created with the following hardcoded properties: