wnstify · Teeko7 · Feb 15, 2026 · Feb 15, 2026
diff --git a/authentik/docker-compose.yml b/authentik/docker-compose.yml
@@ -3,74 +3,54 @@ services:
     image: docker.io/library/postgres:16-alpine
     restart: unless-stopped
     user: "1000:1000"
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
-      start_period: 20s
-      interval: 30s
-      retries: 5
-      timeout: 5s
-    volumes:
-      - ${PWD}/database:/var/lib/postgresql/data
+    env_file:
+      - .env
     environment:
+      POSTGRES_DB: ${PG_DB:-authentik}
       POSTGRES_PASSWORD: ${PG_PASS:?database password required}
       POSTGRES_USER: ${PG_USER:-authentik}
-      POSTGRES_DB: ${PG_DB:-authentik}
-    env_file:
-      - .env
-    labels:
-      - "com.centurylinklabs.watchtower.enable=true"
-    networks:
-      - your-network # Change Value
-  redis:
-    image: docker.io/library/redis:alpine
-    command: --save 60 1 --loglevel warning
-    restart: unless-stopped
-    user: "1000:1000"
     healthcheck:
-      test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
-      start_period: 20s
       interval: 30s
       retries: 5
-      timeout: 3s
+      start_period: 20s
+      test:
+        - CMD-SHELL
+        - pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}
+      timeout: 5s
     volumes:
-      - ${PWD}/redis:/data
+      - ./postgresql:/var/lib/postgresql/data
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
-    networks:
-      - your-network # Change Value
   server:
-    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.8.1}
+    image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.12.4}
+    depends_on:
+      postgresql:
+        condition: service_healthy
     restart: unless-stopped
     command: server
     environment:
-      AUTHENTIK_REDIS__HOST: redis
       AUTHENTIK_POSTGRESQL__HOST: postgresql
       AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
       AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
       AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+      AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?secret key required}
     volumes:
-      - ${PWD}/media:/media
-      - ${PWD}/custom-templates:/templates
+      - ./data:/data
+      - ./custom-templates:/templates
     env_file:
       - .env
     ports:
       - 127.0.0.1:${COMPOSE_PORT_HTTP:-9000}:9000 #Localhost only with reverse-proxy
       - 127.0.0.1:${COMPOSE_PORT_HTTPS:-9443}:9443 #Localhost only with reverse-proxy
-    depends_on:
-      postgresql:
-        condition: service_healthy
-      redis:
-        condition: service_healthy
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
     networks:
-      - your-network # Change Value
+      - your-network
   worker:
     image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2025.8.1}
     restart: unless-stopped
     command: worker
     environment:
-      AUTHENTIK_REDIS__HOST: redis
       AUTHENTIK_POSTGRESQL__HOST: postgresql
       AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
       AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
@@ -83,20 +63,17 @@ services:
     # (1000:1000 by default)
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock
-      - ${PWD}/media:/media
-      - ${PWD}/certs:/certs
-      - ${PWD}/custom-templates:/templates
+      - ./data:/data
+      - ./certs:/certs
+      - ./custom-templates:/templates
     env_file:
       - .env
     depends_on:
       postgresql:
         condition: service_healthy
-      redis:
-        condition: service_healthy
     labels:
       - "com.centurylinklabs.watchtower.enable=true"
-    networks:
-      - your-network # Change Value
 networks:
-    your-network: # Change Value
-      external: true
+  your-network:
+    external: true
+    name: your-network