You should define at least `authentik_volume_base` to point to your desired location. You may want specific volumes pointing to different places, in which case you need to override (some of) the above variables.
### Authentik
You can select the docker image version.
```yml
authentik_image_version: "2022.8.2"
```
Authentik uses a secret key, which you **must** set. You can also set the error reporting flag (see Authentik documentation)
```yml
authentik_secret_key: "changeme"
authentik_error_reporting: "false"
```
You should also define the exported authentik ports (ports mapped from docker):
```yml
authentik_port_http: 80
authentik_port_https: 443
```
You also can define a custom location for the GeoIP database:
Authentik depends on PostgreSQL. All parameters (host, port, database, credentials) are defined below and van be changed:
```yml
authentik_db_host: "postgresql"
authentik_db: "authentik"
authentik_db_user: "authentik"
authentik_db_password: "changeme"
authentik_db_port: "5432"
```
Because of a PostgreSQL limitation, only passwords up to 99 chars are supported. See [this link](https://www.postgresql.org/message-id/09512C4F-8CB9-4021-B455-EF4C4F0D55A0@amazon.com) for details.
### SMTP configuration
Authentik needs a SMTP relay to send various emails. Please change the following parameters:
```yml
authentik_email_host: "localhost"
authentik_email_port: "25"
# Optionally authenticate (don't add quotation marks to you password)
authentik_email_username:
authentik_email_password:
# Use StartTLS
authentik_email_use_tls: "false"
# Use SSL
authentik_email_use_ssl: "false"
authentik_email_timeout: "10"
# Email address authentik will send from, should have a correct @domain
authentik_email_from: "authentik@localhost"
```
### GeoIP
By default, the role installs a GeoIP container, where you require credentials. You can disable this via `authentik_geoip_container`.