website: add docs for compose configuration options

This commit is contained in:
Jens Langhammer 2021-03-12 16:43:31 +01:00
parent b63b789f77
commit e67f235a9f
4 changed files with 135 additions and 53 deletions

View file

@ -13,6 +13,7 @@ redis:
ws_db: 2 ws_db: 2
debug: false debug: false
log_level: info log_level: info
# Error reporting, sends stacktrace to sentry.beryju.org # Error reporting, sends stacktrace to sentry.beryju.org

View file

@ -0,0 +1,84 @@
---
title: docker-compose configuration
---
These are all the configuration options you can set via docker-compose. These don't apply to Kubernetes, as those settings are configured via helm.
Append any of the following keys to your `.env` file, and run `docker-compose up -d` to apply them.
## AUTHENTIK_LOG_LEVEL
Log level for the server and worker containers. Possible values: debug, info, warning, error
Defaults to `info`.
## AUTHENTIK_ERROR_REPORTING
- AUTHENTIK_ERROR_REPORTING__ENABLED
Enable error reporting. Defaults to `false`.
Error reports are sent to https://sentry.beryju.org, and are used for debugging and general feedback. Anonymous performance data is also sent.
- AUTHENTIK_ERROR_REPORTING__ENVIRONMENT
Unique environment that is attached to your error reports, should be set to your email address for example. Defaults to `customer`.
- AUTHENTIK_ERROR_REPORTING__SEND_PII
Whether or not to send personal data, like usernames. Defaults to `false`.
## AUTHENTIK_EMAIL
- AUTHENTIK_EMAIL__HOST
Default: `localhost`
- AUTHENTIK_EMAIL__PORT
Default: `25`
- AUTHENTIK_EMAIL__USERNAME
Default: `""`
- AUTHENTIK_EMAIL__PASSWORD
Default: `""`
- AUTHENTIK_EMAIL__USE_TLS
Default: `false`
- AUTHENTIK_EMAIL__USE_SSL
Default: `false`
- AUTHENTIK_EMAIL__TIMEOUT
Default: `10`
- AUTHENTIK_EMAIL__FROM
Default: `authentik@localhost`
Email address authentik will send from, should have a correct @domain
## AUTHENTIK_OUTPOSTS
- AUTHENTIK_OUTPOSTS__DOCKER_IMAGE_BASE
This is the prefix used for authentik-managed outposts. Default: `beryju/authentik`.
## AUTHENTIK_AUTHENTIK
- AUTHENTIK_AUTHENTIK__AVATARS
Controls which avatars are shown. Defaults to `gravatar`. Can be set to `none` to disable avatars.
- AUTHENTIK_AUTHENTIK__BRANDING__TITLE
Branding title used throughout the UI. Defaults to `authentik`.
- AUTHENTIK_AUTHENTIK__BRANDING__LOGO
Logo shown in the sidebar and flow executions. Defaults to `/static/dist/assets/icons/icon_left_brand.svg`

View file

@ -21,10 +21,10 @@ It is also recommended to configure global email credentials. These are used by
# Values directly affecting authentik # Values directly affecting authentik
################################### ###################################
image: image:
name: beryju/authentik name: beryju/authentik
name_static: beryju/authentik-static name_static: beryju/authentik-static
name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended name_outposts: beryju/authentik # Prefix used for Outpost deployments, Outpost type and version is appended
tag: 2021.3.3 tag: 2021.3.3
serverReplicas: 1 serverReplicas: 1
workerReplicas: 1 workerReplicas: 1
@ -33,31 +33,38 @@ workerReplicas: 1
kubernetesIntegration: true kubernetesIntegration: true
config: config:
# Optionally specify fixed secret_key, otherwise generated automatically # Optionally specify fixed secret_key, otherwise generated automatically
# secretKey: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o # secretKey: _k*@6h2u2@q-dku57hhgzb7tnx*ba9wodcb^s9g0j59@=y(@_o
# Enable error reporting # Enable error reporting
errorReporting: errorReporting:
enabled: false enabled: false
environment: customer environment: customer
sendPii: false sendPii: false
# Log level used by web and worker # Log level used by web and worker
# Can be either debug, info, warning, error # Can be either debug, info, warning, error
logLevel: warning logLevel: warning
# Global Email settings # Global Email settings
email: email:
# SMTP Host Emails are sent to # SMTP Host Emails are sent to
host: localhost host: localhost
port: 25 port: 25
# Optionally authenticate # Optionally authenticate
username: "" username: ""
password: "" password: ""
# Use StartTLS # Use StartTLS
useTls: false useTls: false
# Use SSL # Use SSL
useSsl: false useSsl: false
timeout: 10 timeout: 10
# Email address authentik will send from, should have a correct @domain # Email address authentik will send from, should have a correct @domain
from: authentik@localhost from: authentik@localhost
# Enable MaxMind GeoIP
# geoip:
# enabled: false
# accountId: ""
# licenseKey: ""
# image: maxmindinc/geoipupdate:latest
# Enable Database Backups to S3 # Enable Database Backups to S3
# backup: # backup:
@ -68,33 +75,22 @@ config:
# host: s3-host # host: s3-host
ingress: ingress:
annotations: annotations:
{} {}
# kubernetes.io/ingress.class: nginx # kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true" # kubernetes.io/tls-acme: "true"
hosts: hosts:
- authentik.k8s.local - authentik.k8s.local
tls: [] tls: []
# - secretName: chart-example-tls # - secretName: chart-example-tls
# hosts: # hosts:
# - authentik.k8s.local # - authentik.k8s.local
################################### ###################################
# Values controlling dependencies # Values controlling dependencies
################################### ###################################
install: install:
postgresql: true postgresql: true
redis: true redis: true
# These values influence the bundled postgresql and redis charts, but are also used by authentik to connect
postgresql:
postgresqlDatabase: authentik
redis:
cluster:
enabled: false
master:
persistence:
enabled: false
``` ```

View file

@ -14,8 +14,9 @@ module.exports = {
items: [ items: [
"installation/index", "installation/index",
"installation/docker-compose", "installation/docker-compose",
"installation/kubernetes", "installation/docker-compose-config",
"installation/reverse-proxy", "installation/reverse-proxy",
"installation/kubernetes",
], ],
}, },
{ {