Dan dan

0 Followers · 0 Following

• Joined on 2025-12-11

Repositories

1

Projects Packages Public Activity Starred Repositories

authentik (2026.2.2-deb13u2.20260505)

Published 2026-05-05 07:00:47 +00:00 by dan

Installation

Pull the image from the command line:

docker pull gitea.coffee-anon.com/dan/authentik:2026.2.2-deb13u2.20260505

Digest

sha256:25302860e969908d54c96abd3d53a519c10f592a169f6a00a10ad5acd1acfa33

For more information on the Container registry, see the documentation.

About this package

goauthentik.io Main server image, see https://goauthentik.io for more info.

Image Layers

# debian.sh --arch 'amd64' out/ 'trixie' '@1768176000'

RUN /bin/sh -c dpkg -i /output/libssl-dev_* /output/libssl3t64_* /output/openssl_* && apt-mark hold libssl-dev libssl3t64 openssl && /build/fipsinstall.sh && apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends ca-certificates wget curl && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkit

ARG XMLSEC_VERSION=1.3.9

RUN |1 XMLSEC_VERSION=1.3.9 /bin/sh -c cd /scripts && ./xmlsec.sh # buildkit

ARG PYTHON_VERSION=3.14.2

ARG PYTHON_VERSION_TAG=ak-fips-04acc27

ENV PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

RUN |2 PYTHON_VERSION=3.14.2 PYTHON_VERSION_TAG=ak-fips-04acc27 /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates netbase tzdata ; apt-get dist-clean # buildkit

ENV GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305

RUN |2 PYTHON_VERSION=3.14.2 PYTHON_VERSION_TAG=ak-fips-04acc27 /bin/sh -c set -eux; savedAptMark="$(apt-mark showmanual)"; apt-get update; apt-get install -y --no-install-recommends dpkg-dev gcc gnupg libbluetooth-dev libbz2-dev libc6-dev libdb-dev libffi-dev libgdbm-dev liblzma-dev libncursesw5-dev libreadline-dev libsqlite3-dev make tk-dev uuid-dev wget xz-utils zlib1g-dev ; wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; mkdir -p /usr/src/python; tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; rm python.tar.xz; cd /usr/src/python; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; ./configure --build="$gnuArch" --enable-loadable-sqlite-extensions --enable-optimizations --enable-option-checking=fatal --enable-shared $(test "${gnuArch%%-*}" != 'riscv64' && echo '--with-lto') --with-ensurepip ; sed -i 's/^GITTAG=.*/GITTAG=echo ${PYTHON_VERSION_TAG}/g' Makefile; sed -i 's/^GITBRANCH=.*/GITBRANCH=echo ${PYTHON_VERSION_TAG}/g' Makefile; nproc="$(nproc)"; EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; LDFLAGS="${LDFLAGS:--Wl},--strip-all"; arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; case "$arch" in amd64|arm64) EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; ;; i386) ;; *) EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; ;; esac; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:-}" ; rm python; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" python ; make install; cd /; rm -rf /usr/src/python; find /usr/local -depth \( \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \) -exec rm -rf '{}' + ; ldconfig; apt-mark auto '.*' > /dev/null; apt-mark manual $savedAptMark; find /usr/local -type f -executable -not \( -name '*tkinter*' \) -exec ldd '{}' ';' | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' | sort -u | xargs -rt dpkg-query --search | awk 'sub(":$", "", $1) { print $1 }' | sort -u | xargs -r apt-mark manual ; apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; apt-get dist-clean; export PYTHONDONTWRITEBYTECODE=1; python3 --version; pip3 --version # buildkit

RUN |2 PYTHON_VERSION=3.14.2 PYTHON_VERSION_TAG=ak-fips-04acc27 /bin/sh -c set -eux; for src in idle3 pip3 pydoc3 python3 python3-config; do dst="$(echo "$src" | tr -d 3)"; [ -s "/usr/local/bin/$src" ]; [ ! -e "/usr/local/bin/$dst" ]; ln -svT "$src" "/usr/local/bin/$dst"; done # buildkit

CMD ["python3"]

ENV VENV_PATH=/ak-root/.venv PATH=/lifecycle:/ak-root/.venv/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin UV_COMPILE_BYTECODE=1 UV_LINK_MODE=copy UV_NATIVE_TLS=1 UV_PYTHON_DOWNLOADS=0

WORKDIR /ak-root/

COPY /uv /uvx /bin/ # buildkit

ARG VERSION=refs/tags/version/2026.2.2

ARG GIT_BUILD_HASH

ENV GIT_BUILD_HASH=

LABEL org.opencontainers.image.authors=Authentik Security Inc. org.opencontainers.image.source=https://github.com/goauthentik/authentik org.opencontainers.image.description=goauthentik.io Main server image, see https://goauthentik.io for more info. org.opencontainers.image.documentation=https://docs.goauthentik.io org.opencontainers.image.licenses=https://github.com/goauthentik/authentik/blob/main/LICENSE org.opencontainers.image.revision= org.opencontainers.image.source=https://github.com/goauthentik/authentik org.opencontainers.image.title=authentik server image org.opencontainers.image.url=https://goauthentik.io org.opencontainers.image.vendor=Authentik Security Inc. org.opencontainers.image.version=refs/tags/version/2026.2.2

WORKDIR /

RUN |2 VERSION=refs/tags/version/2026.2.2 GIT_BUILD_HASH= /bin/sh -c apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends libpq5 libmaxminddb0 ca-certificates krb5-multidev libkrb5-3 libkdb5-10 libkadm5clnt-mit12 heimdal-multidev libkadm5clnt7t64-heimdal libltdl7 libxslt1.1 && apt-get install -y --no-install-recommends runit && pip3 install --no-cache-dir --upgrade pip && apt-get clean && rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/ && adduser --system --no-create-home --uid 1000 --group --home /authentik authentik && mkdir -p /certs /data /media /blueprints && ln -s /media /data/media && mkdir -p /authentik/.ssh && mkdir -p /ak-root && chown authentik:authentik /certs /data /data/media /media /authentik/.ssh /ak-root # buildkit

COPY ./authentik/ /authentik # buildkit

COPY ./pyproject.toml / # buildkit

COPY ./uv.lock / # buildkit

COPY ./schemas /schemas # buildkit

COPY ./locale /locale # buildkit

COPY ./tests /tests # buildkit

COPY ./manage.py / # buildkit

COPY ./blueprints /blueprints # buildkit

COPY ./lifecycle/ /lifecycle # buildkit

COPY ./authentik/sources/kerberos/krb5.conf /etc/krb5.conf # buildkit

COPY /go/authentik /bin/authentik # buildkit

COPY ./packages/ /ak-root/packages # buildkit

RUN |2 VERSION=refs/tags/version/2026.2.2 GIT_BUILD_HASH= /bin/sh -c ln -s /ak-root/packages /packages # buildkit

COPY /ak-root/.venv /ak-root/.venv # buildkit

COPY /work/web/dist/ /web/dist/ # buildkit

COPY /work/web/authentik/ /web/authentik/ # buildkit

COPY /usr/share/GeoIP /geoip # buildkit

USER 1000

ENV TMPDIR=/dev/shm/ PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 GOFIPS=1

HEALTHCHECK &{["CMD" "ak" "healthcheck"] "30s" "30s" "1m0s" "0s" '\x03'}

ENTRYPOINT ["dumb-init" "--" "ak"]

USER 0

RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --only-upgrade --no-install-recommends --allow-change-held-packages openssl libssl3t64 libssl-dev openssl-provider-legacy; rm -rf /var/lib/apt/lists/*; INSTALLED=$(dpkg-query -W -f='${Version}' libssl3t64); case "$INSTALLED" in 3.5.5-1~deb13u2|3.5.5-1~deb13u[3-9]|3.5.[6-9]*|3.[6-9].*|[4-9].*) echo "OK: libssl3t64=$INSTALLED meets fix floor 3.5.5-1~deb13u2";; *) echo "FATAL: libssl3t64=$INSTALLED below fix floor 3.5.5-1~deb13u2"; exit 1;; esac # buildkit

USER 1000

Labels

Key	Value
org.opencontainers.image.authors	Authentik Security Inc.
org.opencontainers.image.description	goauthentik.io Main server image, see https://goauthentik.io for more info.
org.opencontainers.image.documentation	https://docs.goauthentik.io
org.opencontainers.image.licenses	https://github.com/goauthentik/authentik/blob/main/LICENSE
org.opencontainers.image.revision
org.opencontainers.image.source	https://github.com/goauthentik/authentik
org.opencontainers.image.title	authentik server image
org.opencontainers.image.url	https://goauthentik.io
org.opencontainers.image.vendor	Authentik Security Inc.
org.opencontainers.image.version	refs/tags/version/2026.2.2

Details

Container

2026-05-05 07:00:47 +00:00

25

OCI / Docker

linux/amd64

Authentik Security Inc.

https://github.com/goauthentik/authentik/blob/main/LICENSE

Project Site

Repository Site

Documentation Site

344 MiB

Versions (1) View all

2026.2.2-deb13u2.20260505 2026-05-05