rick-infra/roles/authentik/templates/authentik-worker.container

[Unit]
Description=Authentik Worker Container  
After=authentik-pod.service
Requires=authentik-pod.service

[Container]
ContainerName={{ authentik_container_worker_name }}
Image={{ authentik_image }}:{{ authentik_version }}
Pod=authentik.pod
EnvironmentFile={{ authentik_home }}/.env
User={{ authentik_uid }}:{{ authentik_gid }}
PodmanArgs=--group-add {{ postgresql_client_group_gid }} --group-add {{ valkey_client_group_gid }}

# Logging configuration
LogDriver=k8s-file
LogOpt=path={{ authentik_home }}/logs/worker.log
Volume={{ authentik_home }}/logs:{{ authentik_home }}/logs

# Volume mounts for data and sockets
Volume={{ authentik_media_dir }}:/media
Volume={{ authentik_data_dir }}:/data
Volume={{ postgresql_unix_socket_directories }}:{{ postgresql_unix_socket_directories }}:Z
Volume={{ valkey_unix_socket_path | dirname }}:{{ valkey_unix_socket_path | dirname }}:Z

Exec=worker

[Service]
Restart=always
TimeoutStartSec=300

[Install]
WantedBy=multi-user.target