3.5 KiB
authentik Stack
description: Self-service identity management for NetGrimoire users
title: authentik Stack date: 2026-04-29T19:05:09.746Z tags: docker,swarm,authentik,netgrimoire editor: markdown dateCreated: 2026-04-29T19:05:09.746Z
authentik
Overview
The authentik Stack provides a self-service identity management system for NetGrimoire users. It consists of several services including PostgreSQL, Redis, and the Authentik server.
Architecture
| Service | Image | Port | Role |
|---|---|---|---|
| authentik | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080:9000, 9443:9443 | Server |
| postgresql | docker.io/library/postgres:16-alpine | - | Database |
| redis | docker.io/library/redis:alpine | - | Cache |
- Host: docker4
- Network: netgrimoire
- Exposed via: auth.netgrimoire.com, internal-only
- Homepage group: Management
Build & Configuration
Prerequisites
Docker Swarm manager and worker are required to deploy the stack.
Volume Setup
mkdir -p /DockerVol/Authentik/Postgres:/var/lib/postgresql/data
chown -R 1001:1964 /DockerVol/Authentik/
Environment Variables
# generate: openssl rand -hex 32
AUTHENTIK_PASSWORD=$(openssl rand -hex 32)
AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32)
Deploy
cd services/swarm/stack/authentik
set -a && source .env && set +a
docker stack config --compose-file authentik-stack.yml > resolved.yml
docker stack deploy --compose-file resolved.yml authentik
rm resolved.yml
docker stack services authentik
First Run
After the initial deployment, you need to run ./deploy.sh to complete the setup.
User Guide
Accessing authentik
| Service | URL | Purpose |
|---|---|---|
| Authentik | http://auth.netgrimoire.com | Login and manage your identity |
| PostgreSQL | - | Database for authentik |
Primary Use Cases
To use the authentik Stack, you need to register with the Authentik server. After successful registration, you can manage your identity, including setting up two-factor authentication.
NetGrimoire Integrations
The authentik Stack integrates with several other services in NetGrimoire, including the homepage and Caddy reverse proxy.
Operations
Monitoring
docker stack services authentik
docker service logs -f authentik | grep "error"
Backups
Critical data is stored on the PostgreSQL database. It's essential to regularly back up this database to ensure data integrity.
Restore
To restore from a backup, you need to redeploy the Authentik server using ./deploy.sh.
Common Failures
| Failure Mode | Symptoms | Cause | Fix |
|---|---|---|---|
| PostgreSQL Crash | Service is down | High load or data corruption | Restart PostgreSQL service |
| Redis Connection Lost | Service is down | Network issue or high load | Restart Redis service |
| Authentik Server Not Starting | No login interface | Configuration issue or database connection problem | Check .env and authentik-stack.yml files |
Changelog
| Date | Commit | Summary |
|---|---|---|
| 2026-04-29 | d4fdcd33 | Initial documentation generation |
| 2026-01-20 | 061ab0c2 | Improved environment variable management |
| 2026-01-18 | 563baf2f | Fixed Authentik server startup issue |
| 2026-01-10 | 1a374911 | Updated service labels and documentation |
Notes
- Generated by Gremlin on 2026-04-29T19:05:09.746Z
- Source: swarm/authentik.yaml
- Review User Guide and Changelog sections