goauthentik-proxy (latest)
Published 2026-02-25 03:43:48 +00:00 by Bryan Mellott
Installation
docker pull gitea.bryanmellott.com/ign-images/goauthentik-proxy:latestsha256:e2e675f1feb0edf3a3b9fb861f69c5e763bfcd1fd0251cd7d6b2c7641569ebee
About this package
goauthentik.io Proxy outpost image, see https://goauthentik.io for more info.
Image Layers
| # debian.sh --arch 'amd64' out/ 'bookworm' '@1742169600' |
| ARG OPENSSL_VERSION=3.0.9 |
| ARG OPENSSL_VERSION_SUFFIX=ak-fips |
| ENV build_root=/build |
| COPY /build/output /build/fake-deb # buildkit |
| RUN |2 OPENSSL_VERSION=3.0.9 OPENSSL_VERSION_SUFFIX=ak-fips /bin/sh -c mkdir -p $build_root && apt-get update && apt-get install -y --no-install-recommends build-essential wget ca-certificates && cd ${build_root} && wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz -O openssl.tgz && tar xvf openssl.tgz && apt-get remove --purge -y wget openssl && cd $build_root/openssl-${OPENSSL_VERSION} && sed -i "s:BUILD_METADATA=:BUILD_METADATA=${OPENSSL_VERSION_SUFFIX}:" VERSION.dat && ./config fips $cryptography_ssl_options && make depend && make -j$(nproc) && make install_sw install_ssldirs install_fips && (cp -r /usr/local/lib64/* /usr/local/lib/ || true) && openssl fipsinstall -out /usr/local/ssl/fipsmodule.cnf -module $(find /usr/local/lib -name fips.so) && sed -i "s:# .include fipsmodule.cnf:.include /usr/local/ssl/fipsmodule.cnf:" /usr/local/ssl/openssl.cnf && sed -i 's:# fips = fips_sect:fips = fips_sect:' /usr/local/ssl/openssl.cnf && sed -i 's:# \[provider_sect\]:\[provider_sect\]:' /usr/local/ssl/openssl.cnf && apt-get remove --purge -y build-essential && apt-get autoremove --purge -y && rm -rf /var/lib/apt/lists/* && dpkg -i ${build_root}/fake-deb/*deb && apt-mark hold libssl-dev libssl3 openssl && rm -rf ${build_root} && ln -s /usr/local/bin/openssl /usr/bin/openssl && sed -i 's:# activate = 1:activate = 1:' /usr/local/ssl/openssl.cnf && echo "\n[algorithm_sect]\ndefault_properties = fips=yes" >> /usr/local/ssl/openssl.cnf # buildkit |
| RUN |2 OPENSSL_VERSION=3.0.9 OPENSSL_VERSION_SUFFIX=ak-fips /bin/sh -c apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends ca-certificates wget && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkit |
| ENV SSL_CERT_DIR=/etc/ssl/certs |
| ARG VERSION=refs/tags/version/2025.2.4 |
| ARG GIT_BUILD_HASH |
| ENV GIT_BUILD_HASH= |
| LABEL org.opencontainers.image.url=https://goauthentik.io |
| LABEL org.opencontainers.image.description=goauthentik.io Proxy outpost image, see https://goauthentik.io for more info. |
| LABEL org.opencontainers.image.source=https://github.com/goauthentik/authentik |
| LABEL org.opencontainers.image.version=refs/tags/version/2025.2.4 |
| LABEL org.opencontainers.image.revision= |
| RUN |2 VERSION=refs/tags/version/2025.2.4 GIT_BUILD_HASH= /bin/sh -c apt-get update && apt-get upgrade -y && apt-get clean && rm -rf /tmp/* /var/lib/apt/lists/* # buildkit |
| COPY /go/proxy / # buildkit |
| COPY /static/robots.txt /web/robots.txt # buildkit |
| COPY /static/security.txt /web/security.txt # buildkit |
| COPY /static/dist/ /web/dist/ # buildkit |
| COPY /static/authentik/ /web/authentik/ # buildkit |
| HEALTHCHECK &{["CMD" "/proxy" "healthcheck"] "5s" "0s" "3s" "0s" '\x14'} |
| EXPOSE map[9000/tcp:{} 9300/tcp:{} 9443/tcp:{}] |
| USER 1000 |
| ENV GOFIPS=1 |
| ENTRYPOINT ["/proxy"] |
Labels
| Key | Value |
|---|---|
| org.opencontainers.image.description | goauthentik.io Proxy outpost image, see https://goauthentik.io for more info. |
| org.opencontainers.image.revision | |
| org.opencontainers.image.source | https://github.com/goauthentik/authentik |
| org.opencontainers.image.url | https://goauthentik.io |
| org.opencontainers.image.version | refs/tags/version/2025.2.4 |