Set up PocketID login

2025-07-03 16:24:03 -04:00 · 2025-07-03 16:24:03 -04:00 · 1c34e0cb07
commit 1c34e0cb07
parent c518a377fd
7 changed files with 75 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -1,22 +1,31 @@
 # auth-server
-The configs, tweaks, and pieces that make up the `login.starcat.systems` Authentik server.
+The configs, tweaks, and pieces that make up the `id.starcat.systems` accounts server.
 [![Forgejo Last Commit (main)](https://img.shields.io/gitea/last-commit/starcat-infra/auth-server/main?gitea_url=https%3A%2F%2Fgit.starcat.systems&style=flat&logo=git&logoColor=fff&logoSize=auto&label=last%20commit%20(main))](https://git.starcat.systems/starcat-infra/auth-server/src/branch/main)
 ## Contents
 -   `pockey-id`:
    -   `docker-compose.yml`: the Docker Compose file that runs Pocket ID
    -   `.env`: environment variables to configure Pocket ID
 -   `caddy`:
    -   `Caddyfile`: the Caddy server configuration (reverse proxies Pocket ID)
 ## More Information
 For more information on this repo, please see [Pocket ID in the handbook](https://about.starcat.systems/handbook/infrastructure/security/pocket-id/).
 ## Repo Mirrors
 Repo contents are automatically pushed to the following mirrors:
-[![Main Forge Badge](https://img.shields.io/badge/git.starcat.systems-main-4BC61D?style=flat&logo=forgejo&logoColor=fff&logoSize=auto)](https://git.starcat.systems/starcat-infra/git-server)
+[![Main Forge Badge](https://img.shields.io/badge/git.starcat.systems-main-4BC61D?style=flat&logo=forgejo&logoColor=fff&logoSize=auto)](https://git.starcat.systems/starcat-infra/auth-server)
-[![SourceHut Badge](https://img.shields.io/badge/sourcehut-mirror-blue?style=flat&logo=sourcehut&logoColor=fff&logoSize=auto)](https://git.sr.ht/~starcatsys/git-server)
+[![SourceHut Badge](https://img.shields.io/badge/sourcehut-mirror-blue?style=flat&logo=sourcehut&logoColor=fff&logoSize=auto)](https://git.sr.ht/~starcatsys/auth-server)
-[![GitLab Badge](https://img.shields.io/badge/GitLab-mirror-blue?style=flat&logo=gitlab&logoColor=fff&logoSize=auto)](https://gitlab.com/starcatsys-mirror/starcat-infra/git-server)
+[![GitLab Badge](https://img.shields.io/badge/GitLab-mirror-blue?style=flat&logo=gitlab&logoColor=fff&logoSize=auto)](https://gitlab.com/starcatsys-mirror/starcat-infra/auth-server)
-⚠️ **These mirrors are not routinely monitored.** All issues and pull requests should be directed to the [main forge](https://git.starcat.systems/starcat-infra/git-server).
+⚠️ **These mirrors are not routinely monitored.** All issues and pull requests should be directed to the [main forge](https://git.starcat.systems/starcat-infra/auth-server).
 *[Why do we mirror some repos?](https://about.starcat.systems/handbook/infrastructure/code/mirroring/)*
 # Licensing Note
-The changes and customizations to configurations, projects, and files in this repo are released under the MIT license. Other files, including those from Authentik, Caddy, and images/logos may be released under different licenses.
+The changes and customizations to configurations, projects, and files in this repo are released under the MIT license. Other files, including those from Pocket ID, Caddy, and images/logos may be released under different licenses.
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@ -0,0 +1,10 @@
 ##############################################################################
 # Caddyfile for PocketID
 # /etc/caddy/Caddyfile
 # After modifying, gracefully reload Caddy with `sudo systemctl reload caddy`
 ##############################################################################
 # Reverse proxy for PocketID
 id.starcat.systems {
  reverse_proxy 127.0.0.1:1411
 }
--- a/goauthentik.png
+++ b/goauthentik.png
--- a/pocket-id.png
+++ b/pocket-id.png
--- a/pocket-id/.env
+++ b/pocket-id/.env
@ -0,0 +1,11 @@
 # Pocket ID .env app configuration
 # Configures the Pocket ID application
 # File location: /srv/pocket-id/.env
 # More information - git repo: https://git.starcat.systems/starcat-infra/auth-server
 # More information - handbook: https://about.starcat.systems/handbook/infrastructure/security/pocket-id/
 # See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables
 APP_URL=https://id.starcat.systems
 TRUST_PROXY=true
 MAXMIND_LICENSE_KEY=*REDACTED*
 PUID=1000
 PGID=1000
--- a/pocket-id/README.md
+++ b/pocket-id/README.md
@ -0,0 +1,20 @@
 # Pocket ID README
 ## what
 The Docker Compose and `.env` files that run Pocket ID
 ## where
 ```
 /srv/pocket-id/docker-compose.yml
 /srv/pocket-id/.env
 ```
 ## redacted values
 For security, secrets have been redacted from this file. StarCat team members can find these values in [1Password](https://start.1password.com/open/i?a=B5NVCNGFJBCCLCDCN5FKFPGVBI&v=35hhast2kp5lgw3iud374426oa&i=ahsb5ohjmkyvfuoudj564xucgy&h=starcatsys.1password.com). Soon, these values will be autofilled from Vault when the container starts.
 ## making changes
 If you make changes to `.env` or need to upgrade Pocket ID, just pull the latest image and restart the service:
 ```
 docker compose pull
 docker compose up -d
 ```
--- a/pocket-id/docker-compose.yml
+++ b/pocket-id/docker-compose.yml
@ -0,0 +1,19 @@
 # Docker Compose file for PocketID
 # Location: /srv/pocket-id/docker-compose.yml
 services:
  pocket-id:
    image: ghcr.io/pocket-id/pocket-id:v1
    restart: unless-stopped
    env_file: .env
    ports:
      - 1411:1411
    volumes:
      - "./data:/app/data"
    # Optional healthcheck
    healthcheck:
      test: "curl -f http://localhost:1411/healthz"
      interval: 1m30s
      timeout: 5s
      retries: 2
      start_period: 10s