website/docs: add air-gapped docs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
e73606b54d
commit
34fbf3941b
40
website/docs/installation/air-gapped.md
Normal file
40
website/docs/installation/air-gapped.md
Normal file
|
@ -0,0 +1,40 @@
|
|||
---
|
||||
title: Air-gapped environments
|
||||
---
|
||||
|
||||
## Outbound connections
|
||||
|
||||
By default, authentik creates outbound connections to the following URLs:
|
||||
|
||||
- https://version.goauthentik.io: Periodic update check
|
||||
- https://goauthentik.io: Anonymous analytics on startup
|
||||
- https://secure.gravatar.com: Avatars for users
|
||||
- https://sentry.beryju.org: Error reporting
|
||||
|
||||
To disable these outbound connections, set the following in your `.env` file:
|
||||
|
||||
```
|
||||
AUTHENTIK_DISABLE_UPDATE_CHECK=true
|
||||
AUTHENTIK_ERROR_REPORTING__ENABLED=false
|
||||
AUTHENTIK_DISABLE_STARTUP_ANALYTICS=true
|
||||
AUTHENTIK_AVATARS=none
|
||||
```
|
||||
|
||||
For a Helm-based install, set the following in your values.yaml file:
|
||||
|
||||
```yaml
|
||||
authentik:
|
||||
avatars: none
|
||||
error_reporting:
|
||||
enabled: false
|
||||
disable_update_check: true
|
||||
disable_startup_analytics: true
|
||||
```
|
||||
|
||||
## Container images
|
||||
|
||||
Container images can be pulled from the following URLs:
|
||||
|
||||
- goauthentik.io/server (https://goauthentik.io)
|
||||
- ghcr.io/goauthentik/server (https://ghcr.io)
|
||||
- beryju/authentik (https://index.docker.io)
|
|
@ -88,10 +88,6 @@ Disable the inbuilt update-checker. Defaults to `false`.
|
|||
|
||||
Whether or not to send personal data, like usernames. Defaults to `false`.
|
||||
|
||||
### AUTHENTIK_DISABLE_UPDATE_CHECK
|
||||
|
||||
Optionally disable the update check. Defaults to `false`.
|
||||
|
||||
### AUTHENTIK_EMAIL
|
||||
|
||||
- `AUTHENTIK_EMAIL__HOST`
|
||||
|
@ -144,7 +140,7 @@ Optionally disable the update check. Defaults to `false`.
|
|||
Configure how authentik should show avatars for users. Following values can be set:
|
||||
|
||||
- `none`: Disables per-user avatars and just shows a 1x1 pixel transparent picture
|
||||
- `gravatar`: Uses gravatar with the user's email address
|
||||
- `gravatar`: Uses gravatar with the user's email address (default)
|
||||
- Any URL: If you want to use images hosted on another server, you can set any URL.
|
||||
|
||||
Additionally, these placeholders can be used:
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
title: authentik behind a reverse-proxy
|
||||
title: Reverse-proxy
|
||||
---
|
||||
|
||||
If you want to access authentik behind a reverse-proxy, use a config like this. It is important that Websocket is enabled, so that Outposts can connect.
|
||||
|
|
|
@ -26,6 +26,7 @@ module.exports = {
|
|||
"installation/configuration",
|
||||
"installation/reverse-proxy",
|
||||
"installation/automated-install",
|
||||
"installation/air-gapped",
|
||||
],
|
||||
},
|
||||
{
|
||||
|
|
Reference in a new issue