traveler/Netgrimoire
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Netgrimoire/Netgrimoire/Services/authentik/authentik.md

3.4 KiB
Raw Blame History

title: authentik Stack description: Authentik Service in NetGrimoire published: true date: 2026-04-29T20:35:00.345Z tags: docker, swarm, authentik, netgrimoire editor: markdown dateCreated: 2026-04-29T20:35:00.345Z

authentik

Overview

The authentik Stack is a Docker Swarm-based service in NetGrimoire that provides account management capabilities. The stack consists of the authentik server, a PostgreSQL database for storing user data, and a Redis instance for caching and temporary storage.

Architecture

Service Image Port Role
  • Authentik | ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.2} | 9080/9000, 9443/9443 | Server, Cache, Storage |
  • PostgreSQL | docker.io/library/postgres:16-alpine | 5432 | Database |
  • Redis | docker.io/library/redis:alpine | 6379 | Cache, Temp Storage |

Exposed via: auth.netgrimoire.com Homepage group: Management

Build & Configuration

Prerequisites

Ensure Docker Swarm is configured and running on znas with worker nodes as docker4.

Volume Setup

mkdir -p /DockerVol/Authentik
chown -R 1964:1964 Authentik

Environment Variables

AUTHENTIK_REDIS__HOST=redis
AUTHENTIK_POSTGRESQL__HOST=postgresql
AUTHENTIK_POSTGRESQL__USER=authentik
AUTHENTIK_POSTGRESQL__NAME=authentik
AUTHENTIK_SECRET_KEY=$(openssl rand -hex 32)

Deploy

cd services/swarm/stack/authentik
set -a && source .env && set +a
docker stack config --compose-file authentik-stack.yml > resolved.yml
docker stack deploy --compose-file resolved.yml authentik
rm resolved.yml
docker stack services authentik

First Run

Run ./deploy.sh to initialize the authentik setup.

User Guide

Accessing authentik

| Service | URL | Purpose |

Primary Use Cases

Use authentik for account management and authentication purposes in NetGrimoire.

NetGrimoire Integrations

This service integrates with other NetGrimoire services via environment variables, such as Uptime Kuma monitoring and Caddy reverse proxying.

Operations

Monitoring

Uptime Kuma monitors this service with labels: kuma.authentik.*

docker stack services authentik
docker service logs -f authentik

Backups

Critical data is stored on a persistent volume at /DockerVol/Authentik. Regular backups should be performed to ensure data integrity.

Restore

Restore from a backup by running ./deploy.sh.

Common Failures

| Failure | Symptom | Cause | Fix |

  • Authentik down | Service not available | Postgres or Redis issues | Check and restart Postgres or Redis services.
  • Connection timeout | Connection errors | Authentik or database issues | Check authentik logs for connection errors, restart authentik service.

Changelog

Date Commit Summary
2026-04-29 716ad8c0 Initial documentation creation.
2026-04-29 1cec8fb2 Added commit messages for each file change.
2026-04-29 245b7b12 Updated environment variables for authentik.
2026-04-29 ae562674 Enhanced backup and restore process.
2026-04-29 c9b45ad1 Improved user guide documentation.
2026-04-29 4cb3ccb3 Fixed common failure modes for authentik.

Notes

  • Generated by Gremlin on 2026-04-29T20:35:00.345Z
  • Source: swarm/authentik.yaml