starcat-infra/auth-server
starcat-infra/auth-server
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set up PocketID login

Browse source
This commit is contained in:
thhsh-local 2025-07-03 16:24:03 -04:00
parent c518a377fd
commit 1c34e0cb07
Signed by: thhsh-local
SSH key fingerprint: SHA256:bLOq3d7dN1v5+W5U6pQekP0rBm0YUtC9qvh3TDYyAsg
7 changed files with 75 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

21
README.md
View file

@ -1,22 +1,31 @@
# auth-server
The configs, tweaks, and pieces that make up the `login.starcat.systems` Authentik server.
The configs, tweaks, and pieces that make up the `id.starcat.systems` accounts server.
[![Forgejo Last Commit (main)](https://img.shields.io/gitea/last-commit/starcat-infra/auth-server/main?gitea_url=https%3A%2F%2Fgit.starcat.systems&style=flat&logo=git&logoColor=fff&logoSize=auto&label=last%20commit%20(main))](https://git.starcat.systems/starcat-infra/auth-server/src/branch/main)
## Contents
- `pockey-id`:
- `docker-compose.yml`: the Docker Compose file that runs Pocket ID
- `.env`: environment variables to configure Pocket ID
- `caddy`:
- `Caddyfile`: the Caddy server configuration (reverse proxies Pocket ID)
## More Information
For more information on this repo, please see [Pocket ID in the handbook](https://about.starcat.systems/handbook/infrastructure/security/pocket-id/).
## Repo Mirrors
Repo contents are automatically pushed to the following mirrors:
[![Main Forge Badge](https://img.shields.io/badge/git.starcat.systems-main-4BC61D?style=flat&logo=forgejo&logoColor=fff&logoSize=auto)](https://git.starcat.systems/starcat-infra/git-server)
[![Main Forge Badge](https://img.shields.io/badge/git.starcat.systems-main-4BC61D?style=flat&logo=forgejo&logoColor=fff&logoSize=auto)](https://git.starcat.systems/starcat-infra/auth-server)
[![SourceHut Badge](https://img.shields.io/badge/sourcehut-mirror-blue?style=flat&logo=sourcehut&logoColor=fff&logoSize=auto)](https://git.sr.ht/~starcatsys/git-server)
[![SourceHut Badge](https://img.shields.io/badge/sourcehut-mirror-blue?style=flat&logo=sourcehut&logoColor=fff&logoSize=auto)](https://git.sr.ht/~starcatsys/auth-server)
[![GitLab Badge](https://img.shields.io/badge/GitLab-mirror-blue?style=flat&logo=gitlab&logoColor=fff&logoSize=auto)](https://gitlab.com/starcatsys-mirror/starcat-infra/git-server)
[![GitLab Badge](https://img.shields.io/badge/GitLab-mirror-blue?style=flat&logo=gitlab&logoColor=fff&logoSize=auto)](https://gitlab.com/starcatsys-mirror/starcat-infra/auth-server)
⚠️ **These mirrors are not routinely monitored.** All issues and pull requests should be directed to the [main forge](https://git.starcat.systems/starcat-infra/git-server).
⚠️ **These mirrors are not routinely monitored.** All issues and pull requests should be directed to the [main forge](https://git.starcat.systems/starcat-infra/auth-server).
*[Why do we mirror some repos?](https://about.starcat.systems/handbook/infrastructure/code/mirroring/)*
# Licensing Note
The changes and customizations to configurations, projects, and files in this repo are released under the MIT license. Other files, including those from Authentik, Caddy, and images/logos may be released under different licenses.
The changes and customizations to configurations, projects, and files in this repo are released under the MIT license. Other files, including those from Pocket ID, Caddy, and images/logos may be released under different licenses.

10
caddy/Caddyfile Normal file
View file

@ -0,0 +1,10 @@
##############################################################################
# Caddyfile for PocketID
# /etc/caddy/Caddyfile
# After modifying, gracefully reload Caddy with `sudo systemctl reload caddy`
##############################################################################
# Reverse proxy for PocketID
id.starcat.systems {
reverse_proxy 127.0.0.1:1411
}

BIN
goauthentik.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 1.4 KiB

BIN
pocket-id.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 4.4 KiB

11
pocket-id/.env Normal file
View file

@ -0,0 +1,11 @@
# Pocket ID .env app configuration
# Configures the Pocket ID application
# File location: /srv/pocket-id/.env
# More information - git repo: https://git.starcat.systems/starcat-infra/auth-server
# More information - handbook: https://about.starcat.systems/handbook/infrastructure/security/pocket-id/
# See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables
APP_URL=https://id.starcat.systems
TRUST_PROXY=true
MAXMIND_LICENSE_KEY=*REDACTED*
PUID=1000
PGID=1000

20
pocket-id/README.md Normal file
View file

@ -0,0 +1,20 @@
# Pocket ID README
## what
The Docker Compose and `.env` files that run Pocket ID
## where
```
/srv/pocket-id/docker-compose.yml
/srv/pocket-id/.env
```
## redacted values
For security, secrets have been redacted from this file. StarCat team members can find these values in [1Password](https://start.1password.com/open/i?a=B5NVCNGFJBCCLCDCN5FKFPGVBI&v=35hhast2kp5lgw3iud374426oa&i=ahsb5ohjmkyvfuoudj564xucgy&h=starcatsys.1password.com). Soon, these values will be autofilled from Vault when the container starts.
## making changes
If you make changes to `.env` or need to upgrade Pocket ID, just pull the latest image and restart the service:
```
docker compose pull
docker compose up -d
```

19
pocket-id/docker-compose.yml Normal file
View file

@ -0,0 +1,19 @@
# Docker Compose file for PocketID
# Location: /srv/pocket-id/docker-compose.yml
services:
pocket-id:
image: ghcr.io/pocket-id/pocket-id:v1
restart: unless-stopped
env_file: .env
ports:
- 1411:1411
volumes:
- "./data:/app/data"
# Optional healthcheck
healthcheck:
test: "curl -f http://localhost:1411/healthz"
interval: 1m30s
timeout: 5s
retries: 2
start_period: 10s