502 Bad Gateway

Hi everyone,
I'm trying to run Authentik from the Docker image and serve it on a subdomain with SSL - xxx.domain.com
Here is the whole docker compose file:

---
# NOTE(review): the top-level `version` key is obsolete in the Compose
# Specification; current `docker compose` ignores it and prints a warning.
version: "3.4"

services:
  # PostgreSQL database for authentik; data lives in the named volume `database`.
  postgresql:
    image: docker.io/library/postgres:12-alpine
    restart: unless-stopped
    # The healthcheck below is commented out, so the short-form `depends_on`
    # in `server` and `worker` only orders container start; it does not wait
    # for the database to accept connections.
 #   healthcheck:
 #     test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
 #     start_period: 20s
 #     interval: 30s
 #     retries: 5
 #     timeout: 5s
    volumes:
      - database:/var/lib/postgresql/data
    environment:
      # `:?` makes Compose abort with this message when PG_PASS is unset or empty.
      POSTGRES_PASSWORD: ${PG_PASS:?database password required}
      POSTGRES_USER: ${PG_USER:-authentik}
      POSTGRES_DB: ${PG_DB:-authentik}
    # Every variable in .env is injected into this container as well.
    # Presumably .env holds PG_PASS and other authentik secrets, so keep it out
    # of version control and readable only by the deploying user (confirm).
    env_file:
      - .env
    networks:
      - backend
      # NOTE(review): `proxy` is the external network Traefik routes over
      # (`traefik.docker.network=proxy`). Attaching the database to it makes
      # PostgreSQL reachable from every container on that shared network; only
      # the service Traefik forwards to needs to be on `proxy`.
      - proxy 
  # Redis instance used by authentik (AUTHENTIK_REDIS__HOST points at it).
  redis:
    # NOTE(review): `redis:alpine` carries no version tag, so each pull may
    # bring a different Redis release; consider pinning a version tag.
    image: docker.io/library/redis:alpine
    # Snapshot to disk every 60 s if at least 1 key changed; log warnings only.
    # No `--requirepass` is set, so any container that can reach this service
    # can read and write it without authentication.
    command: --save 60 1 --loglevel warning
    restart: unless-stopped
    # Healthcheck is commented out; `depends_on` elsewhere in this file
    # therefore only orders start-up and does not wait for Redis to answer.
  #  healthcheck:
  #    test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
  #    start_period: 20s
  #    interval: 30s
  #    retries: 5
  #    timeout: 3s
    volumes:
      - redis:/data
    networks:
      - backend
      # NOTE(review): same concern as for the database. With no Redis password,
      # membership of the shared external `proxy` network is the only access
      # control; `backend` alone is sufficient for authentik to reach Redis.
      - proxy 
  # authentik server process (`command: server`).
  # NOTE(review): this service carries no `traefik.*` labels; in this file they
  # are attached to `worker`. Port 9000 is published here, so presumably this
  # is the container the Traefik router should target (confirm).
  server:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.4.2}
    restart: unless-stopped
    command: server
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      # No `:?` guard here; an unset PG_PASS is caught only by the check on
      # the `postgresql` service.
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    volumes:
      - ./media:/media
      - ./custom-templates:/templates
    env_file:
      - .env
    # NOTE(review): these mappings bind 9000/9443 on all host interfaces, so
    # authentik is reachable directly, bypassing Traefik and its HTTP->HTTPS
    # redirect. If Traefik reaches the container over the `proxy` network the
    # mappings are not needed; otherwise restrict them to 127.0.0.1.
    ports:
      - 9000:9000
      - 9443:9443

    networks:
      - proxy 
      - backend     
    # Short-form depends_on: start order only, no readiness wait.
    depends_on:
      - postgresql
      - redis
  # authentik background worker (`command: worker`); same image as `server`.
  worker:
    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.4.2}
    restart: unless-stopped
    command: worker
    environment:
      AUTHENTIK_REDIS__HOST: redis
      AUTHENTIK_POSTGRESQL__HOST: postgresql
      AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
      AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
      AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
    # `user: root` and the docker socket volume are optional.
    # See more for the docker socket integration here:
    # https://goauthentik.io/docs/outposts/integrations/docker
    # Removing `user: root` also prevents the worker from fixing the permissions
    # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
    # (1000:1000 by default)
    # NOTE(review): a root container with /var/run/docker.sock mounted can
    # control the Docker daemon, which is equivalent to root on the host. If the
    # Docker outpost integration is not used, drop both `user: root` and the
    # socket mount; if it is used, consider a restricted socket proxy instead
    # of the raw socket.
    user: root
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./media:/media
      - ./certs:/certs
      - ./custom-templates:/templates
    env_file:
      - .env
    depends_on:
      - postgresql
      - redis
    networks:
      - backend 
      - proxy    

    # NOTE(review): these labels make Traefik route xxx.domain.com to port 9000
    # of *this* container. Ports 9000/9443 are published by `server`, not here,
    # so the worker presumably has nothing listening on 9000 (confirm).
    labels:

      - "traefik.enable=true"
      # Plain-HTTP router: matches the host and applies the redirect middleware.
      # The entrypoint names `http`/`https` must exist in Traefik's static
      # configuration, which is not shown here.
      - "traefik.http.routers.auth.entrypoints=http"
      - "traefik.http.routers.auth.rule=Host(`xxx.domain.com`)"
      - "traefik.http.middlewares.auth-https-redirect.redirectscheme.scheme=https"
      - "traefik.http.routers.auth.middlewares=auth-https-redirect"
      # TLS router: no certificate resolver is named, so the certificate comes
      # from whatever Traefik is configured with elsewhere (verify it is not
      # the self-signed default).
      - "traefik.http.routers.auth-secure.entrypoints=https"
      - "traefik.http.routers.auth-secure.rule=Host(`xxx.domain.com`)"
      - "traefik.http.routers.auth-secure.tls=true"
      - "traefik.http.routers.auth-secure.service=auth"
      # Backend port Traefik dials on the labelled container.
      - "traefik.http.services.auth.loadbalancer.server.port=9000"
      # Network Traefik uses to reach the container; must match the real
      # Docker network name.
      - "traefik.docker.network=proxy"
# Named volumes holding the PostgreSQL and Redis data.
volumes:
  database:
    driver: local
  redis:
    driver: local
# Both networks are `external: true`: Compose neither creates them nor prefixes
# the project name, so networks named exactly `proxy` and `backend` must
# already exist.
# NOTE(review): an external `backend` can be joined by containers from other
# projects. If only this stack needs it, a project-scoped network (optionally
# `internal: true`) would keep the database and Redis isolated (confirm).
networks:
  proxy:
    external: true
  backend:
    external: true

Everything starts fine, but when I try to open xxx.domain.com I get an error:

2024-05-10T10:27:29+02:00 DBG github.com/traefik/traefik/v3/pkg/server/service/proxy.go:100 > 502 Bad Gateway error="dial tcp 172.18.0.7:9000: connect: connection refused"

Please help, I've been trying to resolve this issue for a week :frowning:

Best regards
Marcin

Are you sure you need the Traefik labels on worker, not on server?

Usually "Bad Gateway" happens when using multiple Docker Networks. Make sure to use docker.network on provider (if you use a single "proxy" network) or on router (when using different networks per target service).

Further note that docker compose will prepend network names with project name. You can disable this by setting the network name with name: in network section.

Share your full Traefik static and dynamic config, and docker-compose.yml.