From 7dbd8fad213d8cbcb9bd827bbb26ad4d7cd674fd Mon Sep 17 00:00:00 2001
From: Romain ROCHAS <romainrochas69@gmail.com>
Date: Sun, 19 Oct 2025 21:34:26 +0200
Subject: [PATCH] Add Pocket ID with PostgreSQL template

Add variant of Pocket ID template with PostgreSQL database support for better scalability and production use.
---
 .../compose/pocket-id-with-postgresql.yaml    | 45 +++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 templates/compose/pocket-id-with-postgresql.yaml

diff --git a/templates/compose/pocket-id-with-postgresql.yaml b/templates/compose/pocket-id-with-postgresql.yaml
new file mode 100644
index 000000000..46760d124
--- /dev/null
+++ b/templates/compose/pocket-id-with-postgresql.yaml
@@ -0,0 +1,45 @@
+# documentation: https://pocket-id.org/docs/setup/installation
+# slogan: A simple and secure OIDC provider with passkey authentication
+# category: auth
+# tags: identity,oidc,oauth,passkey,webauthn,authentication,sso,openid,postgresql
+# logo: svgs/pocketid-logo.png
+# port: 1411
+
+services:
+  pocket-id:
+    image: ghcr.io/pocket-id/pocket-id:v1.13
+    environment:
+      - SERVICE_URL_POCKETID_1411
+      - APP_URL=${SERVICE_URL_POCKETID}
+      - TRUST_PROXY=${TRUST_PROXY:-true}
+      - DB_PROVIDER=postgres
+      - DB_CONNECTION_STRING=postgresql://${SERVICE_USER_POSTGRESQL}:${SERVICE_PASSWORD_POSTGRESQL}@postgresql:5432/${POSTGRES_DB:-pocketid}
+      - ENCRYPTION_KEY=${SERVICE_PASSWORD_64_POCKETID}
+      - KEYS_STORAGE=${KEYS_STORAGE:-database}
+      - MAXMIND_LICENSE_KEY=${MAXMIND_LICENSE_KEY}
+      - PUID=${PUID:-1000}
+      - PGID=${PGID:-1000}
+    volumes:
+      - pocket-id-data:/app/data
+    healthcheck:
+      test: ["CMD", "/app/pocket-id", "healthcheck"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 10s
+    depends_on:
+      postgresql:
+        condition: service_healthy
+  postgresql:
+    image: postgres:16-alpine
+    volumes:
+      - pocket-id-postgresql-data:/var/lib/postgresql/data
+    environment:
+      - POSTGRES_USER=${SERVICE_USER_POSTGRESQL}
+      - POSTGRES_PASSWORD=${SERVICE_PASSWORD_POSTGRESQL}
+      - POSTGRES_DB=${POSTGRES_DB:-pocketid}
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 20s
+      retries: 10