bkb.arcnode.xyz
AtAuth
1# ATAuth - Self-Hosted AT Protocol Authentication
2#
3# Quick Start:
4# 1. cp gateway/.env.example .env
5# 2. Edit .env -- set your domain and generate secrets
6# 3. docker compose up -d
7# 4. Open https://your-domain/admin/login
8
9services:
10 atauth:
11 build:
12 context: ./gateway
13 dockerfile: Dockerfile
14 image: ghcr.io/cache8063/atauth-gateway:latest
15 container_name: atauth-gateway
16 restart: unless-stopped
17 security_opt:
18 - no-new-privileges:true
19 read_only: true
20 tmpfs:
21 - /tmp
22 deploy:
23 resources:
24 limits:
25 memory: 512M
26 cpus: '1.0'
27 ports:
28 # Bind to localhost only -- use a reverse proxy for external access
29 - "127.0.0.1:3100:3100"
30 env_file: .env
31 environment:
32 # Override DB_PATH for container volume mount
33 - DB_PATH=/app/data/gateway.db
34 volumes:
35 - atauth-data:/app/data
36 healthcheck:
37 test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:3100/health"]
38 interval: 30s
39 timeout: 3s
40 retries: 3
41 start_period: 10s
42 labels:
43 # Traefik labels (uncomment if using Traefik)
44 # - "traefik.enable=true"
45 # - "traefik.http.routers.atauth.rule=Host(`auth.example.com`)"
46 # - "traefik.http.routers.atauth.entrypoints=websecure"
47 # - "traefik.http.routers.atauth.tls.certresolver=letsencrypt"
48 # - "traefik.http.services.atauth.loadbalancer.server.port=3100"
49
50 # Homepage dashboard (optional)
51 - "homepage.group=Authentication"
52 - "homepage.name=ATAuth Gateway"
53 - "homepage.icon=lock"
54 - "homepage.description=AT Protocol SSO Gateway"
55
56volumes:
57 atauth-data:
58 driver: local