# documentation: https://pocket-id.org/docs/setup/installation
# slogan: A simple and secure OIDC provider with passkey authentication
# category: auth
# tags: identity,oidc,oauth,passkey,webauthn,authentication,sso,openid
# logo: svgs/pocketid-logo.png
# port: 1411

services:
  pocket-id:
    image: ghcr.io/pocket-id/pocket-id:v1.13
    environment:
      - SERVICE_URL_POCKETID_1411
      - APP_URL=${SERVICE_URL_POCKETID}
      - TRUST_PROXY=${TRUST_PROXY:-true}
      - MAXMIND_LICENSE_KEY=${MAXMIND_LICENSE_KEY}
      - SMTP_HOST=${SMTP_HOST}
      - SMTP_PORT=${SMTP_PORT:-587}
      - SMTP_FROM=${SMTP_FROM}
      - SMTP_USER=${SMTP_USER}
      - SMTP_PASSWORD=${SMTP_PASSWORD}
      - SMTP_TLS=${SMTP_TLS:-starttls}
      - SMTP_SKIP_CERT_VERIFY=${SMTP_SKIP_CERT_VERIFY:-false}
      - EMAIL_LOGIN_NOTIFICATION_ENABLED=${EMAIL_LOGIN_NOTIFICATION_ENABLED:-false}
      - EMAIL_ONE_TIME_ACCESS_AS_ADMIN_ENABLED=${EMAIL_ONE_TIME_ACCESS_AS_ADMIN_ENABLED:-false}
      - EMAIL_API_KEY_EXPIRATION_ENABLED=${EMAIL_API_KEY_EXPIRATION_ENABLED:-false}
      - PUID=${PUID:-1000}
      - PGID=${PGID:-1000}
    volumes:
      - pocket-id-data:/app/data
    healthcheck:
      test: ["CMD", "/app/pocket-id", "healthcheck"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 10s