Upgrade Authentik

Before updating dependencies or Authentik itself, make a snapshot of the VM "authguard" on Proxmox. The steps should be carefully followed in the order in which they are listed as. The passwords that need to be filled in the commands below are saved in ARDITI collection on Bitwarden

• Run the command docker inspect authentik-authentik-1
• Run the command changing the version to the new one docker pull ghcr.io/goauthentik/server:2025.8.1
• Run the command docker stop authentik-authentik-1
• Run the command docker rm authentik-authentik-1
• With the data received from that command, fill that following command:

docker run -d \ --name authentik-worker-1 \ --network authentik_default \ --restart unless-stopped \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /data/compose/31/media:/media \ -v /data/compose/31/custom-templates:/templates \ -v /data/compose/31/certs:/certs \ -e PG_HOST=194.210.52.10 \ -e AUTHENTIK_EMAIL__PORT=587 \ -e AUTHENTIK_EMAIL__PASSWORD="CHANGE_TO_PASSWORD" \ -e AUTHENTIK_EMAIL__HOST=mail.arditi.pt \ -e AUTHENTIK_POSTGRESQL__USER=authentik \ -e AUTHENTIK_ERROR_REPORTING__ENABLED=true \ -e AUTHENTIK_EMAIL__TIMEOUT=10 \ -e PG_PASS="CHANGE_TO_PASSWORD" \ -e AUTHENTIK_EMAIL__FROM=noreply@arditi.pt \ -e AUTHENTIK_POSTGRESQL__NAME=db_authentik \ -e AUTHENTIK_POSTGRESQL__HOST=194.210.52.10 \ -e AUTHENTIK_EMAIL__USE_SSL=false \ -e AUTHENTIK_REDIS__HOST=redis \ -e PG_DB=db_authentik \ -e AUTHENTIK_EMAIL__USE_TLS=true \ -e AUTHENTIK_EMAIL__USERNAME=noreply@arditi.pt \ -e PG_USER=authentik \ -e AUTHENTIK_SECRET_KEY="CHANGE_TO_PASSWORD" \ -e AUTHENTIK_POSTGRESQL__PASSWORD="CHANGE_TO_PASSWORD" \ --health-cmd "ak healthcheck" \ --health-interval 30s \ --health-timeout 30s \ --health-start-period 60s \ --health-retries 3 \ ghcr.io/goauthentik/server:2025.8.1 \ server

• Do it again, but for the container "authentik-worker-1"
• Check the web admin interface, it should show the updated version and that there is a worker running