diff --git a/docker-compose.yml b/docker-compose.yml index acc5baf61..d3971f525 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,6 +31,7 @@ services: volumes: - ./media:/media - ./custom-templates:/templates + - geoip:/geoip ports: - 8000 networks: @@ -61,6 +62,7 @@ services: - ./backups:/backups - /var/run/docker.sock:/var/run/docker.sock - ./custom-templates:/templates + - geoip:/geoip env_file: - .env static: @@ -93,10 +95,21 @@ services: - "127.0.0.1:8080:8080" networks: - internal + geoipupdate: + image: "maxmindinc/geoipupdate:latest" + volumes: + - "geoip:/usr/share/GeoIP" + environment: + GEOIPUPDATE_EDITION_IDS: "GeoLite2-City" + GEOIPUPDATE_FREQUENCY: "8" + env_file: + - .env volumes: database: driver: local + geoip: + driver: local networks: internal: {} diff --git a/website/docs/installation/docker-compose.md b/website/docs/installation/docker-compose.md index b0cac81a5..1ffd9483a 100644 --- a/website/docs/installation/docker-compose.md +++ b/website/docs/installation/docker-compose.md @@ -20,7 +20,7 @@ To optionally deploy a different version run `echo AUTHENTIK_TAG=2021.3.3 >> .en If this is a fresh authentik install run the following commands to generate a password: -``` +```shell sudo apt-get install -y pwgen echo "PG_PASS=$(pwgen 40 1)" >> .env echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env @@ -32,7 +32,7 @@ It is also recommended to configure global email credentials. These are used by Append this block to your `.env` file -``` +```shell # SMTP Host Emails are sent to AUTHENTIK_EMAIL__HOST=localhost AUTHENTIK_EMAIL__PORT=25 @@ -48,11 +48,27 @@ AUTHENTIK_EMAIL__TIMEOUT=10 AUTHENTIK_EMAIL__FROM=authentik@localhost ``` +## GeoIP configuration (optional) + +authentik can use a MaxMind-formatted GeoIP Database to extract location data from IPs. You can then use this location data in policies, and location data is saved in events. + +To configure GeoIP, sign up for a free MaxMind account [here](https://www.maxmind.com/en/geolite2/signup). + +After you have your account ID and license key, add the following block to your `.env` file: + +```shell +GEOIPUPDATE_ACCOUNT_ID=*your account ID* +GEOIPUPDATE_LICENSE_KEY=* your license key* +AUTHENTIK_AUTHENTIK__GEOIP=/geoip/GeoLite2-City.mmdb +``` + +The GeoIP database will automatically be updated every 8 hours. + ## Startup Afterwards, run these commands to finish -``` +```shell docker-compose pull docker-compose up -d docker-compose run --rm server migrate