Add: Authelia

authelia/docker-compose.debug.yml

@@ -0,0 +1,6 @@
+
+services:
+  authelia:
+    environment:
+      - AUTHELIA_LOG_LEVEL=debug
+

authelia/docker-compose.expose.yml

@@ -0,0 +1,4 @@
+services:
+  authelia:
+    expose:
+      - ${APP_EXPOSE_IP}:${APP_EXPOSE_PORT:-9091}:9091

authelia/docker-compose.yml

@@ -0,0 +1,61 @@
+
+# See: https://www.reddit.com/r/unRAID/comments/pbic8g/how_to_add_environment_variables_to_authelia/
+
+version: "3.7"
+services:
+  authelia:
+    image: authelia/authelia:4.36
+      #container_name: authelia
+    command:
+      - authelia
+      - "--config=/config/configuration.yml"
+      - "--config=/config/configuration.${APP_AUTHELIA_BACKEND:-ldap}.yml"
+
+    volumes:
+      - ./config:/config
+    #networks:
+    #  - default
+    labels:
+      #- 'traefik.enable=true'
+      #- 'traefik.http.routers.authelia.rule=Host(`authelia.example.com`)'
+      #- 'traefik.http.routers.authelia.entrypoints=https'
+      #- 'traefik.http.routers.authelia.tls=true'
+      #- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt'
+      #- 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://authelia.example.com'  # yamllint disable-line rule:line-length
+      #
+      - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.address=http://authelia:9091/api/verify?rd=https://${APP_DOMAIN}'
+      - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'  # yamllint disable-line rule:line-length
+    healthcheck:
+      disable: true
+    environment:
+
+
+      # Direct password insertion
+      - AUTHELIA_JWT_SECRET=jwt_54648798798sdfgksdfjgklsdfjglksdfjg
+      - AUTHELIA_SESSION_SECRET=session_4565798dfghsdfkgjhsdfjkghsdkfjghdf
+      - AUTHELIA_STORAGE_ENCRYPTION_KEY=sto_789453645867asdjhgfiuklasdhgukasdfhgiuadfhgiluadfrhg
+
+
+      # MISC
+      #- AUTHELIA_DEFAULT_REDICTION_URL=${APP_DOMAIN}
+      - AUTHELIA_DEFAULT_REDIRECTION_URL=https://${APP_DOMAIN}
+      - AUTHELIA_SESSION_DOMAIN=${APP_TOP_DOMAIN}
+      #- AUTHELIA_AUTHENTIFICATION_BACKEND_PASSWORD_RESET_CUSTOM_URL=https://users.auth.${APP_TOP_DOMAIN}
+
+      # LDAP configuration
+      # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP=true
+      # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_URL=ldap://ldap
+      # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_BASE_DN=DC=barbu-it,DC=com
+      # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_USER=CN=admin,DC=barbu-it,DC=com
+      # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_PASSWORD=JarWucact1DoocAcKods
+
+
+      # # Secret management
+      # - AUTHELIA_JWT_SECRET_FILE=/config/secret_jwt
+      # - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/config/secret_storage
+      # - AUTHELIA_SESSION_SECRET_FILE=/config/secret_session
+      # - AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE=/config/secret_ldap
+      # - AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE=/config/secret_mysql
+      # - AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE=/config/secret_postgresql
+      # - AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE=/config/secret_smtp