1
Step 1Open the server Apps tab
Select your VPS, open the Apps tab, and start a new app deployment. Keep sensitive server details hidden before capturing or sharing screenshots.
Back to all templates
Authentik
Development1024MB+ RAM
Modern identity provider with advanced features
authidentityssomodern
Deploy Authentik in 3 Steps
1
Connect Your VPS
Add your server credentials to Server Compass
2
Select Authentik
Choose from our template library
3
Deploy & Configure
Fill in settings and click Deploy
No Docker knowledge required
Step-by-step deployment guide
Deploy Authentik on a VPS with Server Compass
Use the Authentik template in Server Compass to deploy a self-hosted identity and access management server with Postgres on your VPS, then verify the Authentik web UI in a browser.
About 7 minutesBrowser verified
2
Step 2Choose an app template
Click New App and choose the template deployment path so Server Compass can load the built-in catalog.
3
Step 3Search for Authentik
Use the template picker search to find Authentik in the Server Compass template catalog.
4
Step 4Select the Authentik template
Choose the Authentik template. Server Compass fills the Authentik web service, HTTPS port, secret key, and Postgres password.
5
Step 5Review the Authentik settings
Confirm the app name and compose services. In this run, the app was named authentik-demo and used host port 9000.
6
Step 6Deploy Authentik
Review the generated environment values, confirm the port is available, and click Deploy Now.
7
Step 7Watch the deployment progress
Keep the deployment modal open while Server Compass uploads the compose file, pulls the Authentik image, starts the container, and verifies the stack.
8
Step 8Confirm Authentik is running
After deployment finishes, return to the Apps tab and confirm the Authentik app is marked Running with its application URL available.
9
Step 9Open Authentik in the browser
Open the application URL in a browser. The Authentik web UI confirms the stack is reachable.
After Authentik Opens
- Complete the initial Authentik setup flow before production use.
- Configure HTTPS, applications, providers, outposts, users, groups, SMTP, and production settings before exposing Authentik to users.
- Add a domain and HTTPS before exposing Authentik to users.
- Back up the Authentik Postgres volume before relying on it for production identity data.
Authentik deployment questions
What does the Authentik template deploy?
It deploys Authentik with a Postgres database service.
Which port did the tutorial use?
The tutorial verified Authentik on host port 9000, which maps to the Authentik web service on container port 9000.
Why does the guide stop at the first-run web UI?
The tutorial verifies the clean Authentik initial setup web UI because applications, providers, users, groups, and outposts depend on the production server.
Should this become a blog post?
No. The deployment guide should live on the Authentik template detail page and be linked from the reusable template deployment docs page.
Manual Setup Guide
Set Up Authentik from Terminal
Get your hands dirty: manual Authentik deployment guide for developers.
1
Connect to Your VPS via SSH
Fire up your terminal application and establish a connection to your remote server.
terminal
# Access your VPS
ssh root@YOUR_SERVER_IP
# With SSH key authentication
ssh -i ~/.ssh/your-private-key root@YOUR_SERVER_IPFirst time? Ensure Docker is installed first: curl -fsSL https://get.docker.com | sh
2
Initialize Project Folder
Create a folder to house your Docker Compose configuration.
terminal
# Create and navigate to project directory
mkdir -p ~/apps/authentik
cd ~/apps/authentik3
Create Docker Configuration
Define your services in a docker-compose.yml file:
docker-compose.yml
services:
authentik:
image: ghcr.io/goauthentik/server:latest
ports:
- "9000:9000"
- "9443:9443"
environment:
- AUTHENTIK_SECRET_KEY=<your-secret-key>
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=<your-db-password>
command: server
volumes:
- authentik_media:/media
- authentik_templates:/templates
restart: unless-stopped
depends_on:
- db
- redis
worker:
image: ghcr.io/goauthentik/server:latest
command: worker
environment:
- AUTHENTIK_SECRET_KEY=<your-secret-key>
- AUTHENTIK_REDIS__HOST=redis
- AUTHENTIK_POSTGRESQL__HOST=db
- AUTHENTIK_POSTGRESQL__USER=authentik
- AUTHENTIK_POSTGRESQL__NAME=authentik
- AUTHENTIK_POSTGRESQL__PASSWORD=<your-db-password>
volumes:
- authentik_media:/media
- authentik_templates:/templates
restart: unless-stopped
depends_on:
- db
- redis
db:
image: postgres:16-alpine
environment:
- POSTGRES_USER=authentik
- POSTGRES_PASSWORD=<your-db-password>
- POSTGRES_DB=authentik
volumes:
- postgres_data:/var/lib/postgresql/data
restart: unless-stopped
redis:
image: redis:7-alpine
restart: unless-stopped
volumes:
authentik_media:
authentik_templates:
postgres_data:
Environment Variables
PORTHTTP port(default: 9000)HTTPS_PORTHTTPS port(default: 9443)SECRET_KEYSecret keyDB_PASSWORDDB password4
Execute the Deployment
Start your containers and verify they're running correctly.
terminal
# Launch the stack
docker compose up -d
# Verify container status
docker compose ps
# Follow the logs
docker compose logs --follow5
Allow Network Access
Update UFW rules to allow traffic on the application port.
terminal
# Allow the application port through firewall
sudo ufw allow 9000/tcp
sudo ufw reload
# Access your app at:
# http://your-server-ip:9000Skip the Terminal
Don't want to type commands? We've got you.
Why type commands when you can click? Deploy Authentik the easy way with Server Compass.
- No terminal required
- Point-and-click setup
- Auto SSL certificates
- Rolling deployments
- Health monitoring
- Instant rollbacks
Download Server Compass$29 one-time • Lifetime license
After Deployment
After deploying Authentik with Server Compass, complete these steps to finish setup
1
Complete initial setup wizard
2
Create applications and providers
Need help? Check out our documentation for detailed guides.
Authentik FAQ
Common questions about self-hosting Authentik
How do I deploy Authentik with Server Compass?
Simply download Server Compass, connect to your VPS, and select Authentik from the templates list. Fill in the required configuration and click Deploy. The entire process takes under 3 minutes.
What are the system requirements for Authentik?
Authentik requires a minimum of 1024MB RAM. We recommend a VPS with at least 2048MB RAM for optimal performance. Any modern Linux server with Docker support will work.
Can I migrate my existing Authentik data?
Yes! Server Compass provides volume mapping that allows you to import existing data. You can also use standard Authentik backup and restore procedures.
How do I update Authentik to the latest version?
Server Compass makes updates easy. Simply click the Update button in your deployment dashboard, and the latest Authentik image will be pulled and deployed with zero downtime.
Is Authentik free to self-host?
Authentik is open-source software. You only pay for your VPS hosting (typically $5-20/month) and optionally Server Compass ($29 one-time). No subscription fees or per-seat pricing.
Related Templates
View all Development
PocketBase
Open-source backend in a single file with realtime database, auth, and file storage
Appwrite
Open-source backend-as-a-service - self-hosted Firebase alternative
Parse Server
Open-source backend framework with dashboard
Supabase
Full Supabase self-hosted with Kong, GoTrue Auth, Realtime, and Studio
Ready to Self-Host Authentik?
Download Server Compass and deploy Authentik to your VPS in under 3 minutes. No Docker expertise required.
Download Server Compass