website/docs: update info about docker socket mount (#18344)

* Update info about docker socket mounting * Apply suggestions from code review Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens L. <jens@goauthentik.io> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> * Update website/docs/install-config/install/docker-compose.mdx Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Dewi Roberts <dewi@goauthentik.io> --------- Signed-off-by: Dewi Roberts <dewi@goauthentik.io> Co-authored-by: Dominic R <dominic@sdko.org> Co-authored-by: Jens L. <jens@goauthentik.io> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
2026-04-26 01:25:02 +02:00 · 2025-11-25 12:10:27 +00:00
parent 1c1e9af22b
commit 5b9f97deb4
2 changed files with 19 additions and 3 deletions
--- a/website/docs/install-config/install/docker-compose.mdx
+++ b/website/docs/install-config/install/docker-compose.mdx
@@ -105,3 +105,17 @@ COMPOSE_PORT_HTTPS=443
 ```

 See [Configuration](../configuration/configuration.mdx) to change the internal ports. Be sure to run `docker compose up -d` to rebuild with the new port numbers.
+
+## Docker socket
+
+By default, the authentik Docker Compose file mounts the Docker socket to the authentik worker container:
+
+```yaml
+- /var/run/docker.sock:/var/run/docker.sock
+```
+
+This is used for [automatic deployment and management of authentik Outposts](../../add-secure-apps/outposts/integrations/docker.md).
+
+Mounting the Docker socket to a container comes with some inherent security risks. To reduce these risks, you can utilize a [Docker Socket Proxy](../../add-secure-apps/outposts/integrations/docker.md#docker-socket-proxy) as an additional layer of protection.
+
+Alternatively, you can remove this mount and instead [manually deploy and manage outposts](../../add-secure-apps/outposts/manual-deploy-docker-compose.md).