From 1ca6074b9d080bf6ce2189f69df67394d9c31303 Mon Sep 17 00:00:00 2001
From: mrjk
Date: Thu, 28 Jul 2022 17:24:37 -0400
Subject: [PATCH] Add: Authelia
---
 authelia/docker-compose.debug.yml | 6 +++
 authelia/docker-compose.expose.yml | 4 ++
 authelia/docker-compose.yml | 61 ++++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+)
 create mode 100644 authelia/docker-compose.debug.yml
 create mode 100644 authelia/docker-compose.expose.yml
 create mode 100644 authelia/docker-compose.yml
diff --git a/authelia/docker-compose.debug.yml b/authelia/docker-compose.debug.yml
new file mode 100644
index 0000000..57080ce
--- /dev/null
+++ b/authelia/docker-compose.debug.yml
@@ -0,0 +1,6 @@
+
+services:
+ authelia:
+ environment:
+ - AUTHELIA_LOG_LEVEL=debug
+
diff --git a/authelia/docker-compose.expose.yml b/authelia/docker-compose.expose.yml
new file mode 100644
index 0000000..78f3c1e
--- /dev/null
+++ b/authelia/docker-compose.expose.yml
@@ -0,0 +1,4 @@
+services:
+ authelia:
+ expose:
+ - ${APP_EXPOSE_IP}:${APP_EXPOSE_PORT:-9091}:9091
diff --git a/authelia/docker-compose.yml b/authelia/docker-compose.yml
new file mode 100644
index 0000000..1f63bfa
--- /dev/null
+++ b/authelia/docker-compose.yml
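Review bot: In `authelia/docker-compose.expose.yml` the host binding sits under `expose:`, which in Compose only lists container ports made reachable to other services; a `HOST_IP:HOST_PORT:CONTAINER_PORT` mapping belongs under `ports:`, so as written this override likely fails validation or publishes nothing. `${APP_EXPOSE_IP}` also has no default, and an empty value leaves the address part blank, which may end up binding every interface and serving the Authelia portal over plain HTTP outside Traefik. I would write the entry under `ports:` as `- "${APP_EXPOSE_IP:-127.0.0.1}:${APP_EXPOSE_PORT:-9091}:9091"`, quoted so the colon-separated value is always read as a string.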
@@ -0,0 +1,61 @@
+
+# See: https://www.reddit.com/r/unRAID/comments/pbic8g/how_to_add_environment_variables_to_authelia/
+
+version: "3.7"
+services:
+ authelia:
+ image: authelia/authelia:4.36
+ #container_name: authelia
+ command:
+ - authelia
+ - "--config=/config/configuration.yml"
+ - "--config=/config/configuration.${APP_AUTHELIA_BACKEND:-ldap}.yml"
+
+ volumes:
+ - ./config:/config
+ #networks:
+ # - default
+ labels:
+ #- 'traefik.enable=true'
+ #- 'traefik.http.routers.authelia.rule=Host(`authelia.example.com`)'
+ #- 'traefik.http.routers.authelia.entrypoints=https'
+ #- 'traefik.http.routers.authelia.tls=true'
+ #- 'traefik.http.routers.authelia.tls.certresolver=letsencrypt'
+ #- 'traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://authelia.example.com' # yamllint disable-line rule:line-length
+ #
+ - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.trustForwardHeader=true'
+ - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.address=http://authelia:9091/api/verify?rd=https://${APP_DOMAIN}'
+ - 'traefik.http.middlewares.${TRAEFIK_SVC_AUTH:-authelia}.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' # yamllint disable-line rule:line-length
+ healthcheck:
+ disable: true
+ environment:
+
+
+ # Direct password insertion
+ - AUTHELIA_JWT_SECRET=jwt_54648798798sdfgksdfjgklsdfjglksdfjg
+ - AUTHELIA_SESSION_SECRET=session_4565798dfghsdfkgjhsdfjkghsdkfjghdf
+ - AUTHELIA_STORAGE_ENCRYPTION_KEY=sto_789453645867asdjhgfiuklasdhgukasdfhgiuadfhgiluadfrhg
+
+
+ # MISC
+ #- AUTHELIA_DEFAULT_REDICTION_URL=${APP_DOMAIN}
+ - AUTHELIA_DEFAULT_REDIRECTION_URL=https://${APP_DOMAIN}
+ - AUTHELIA_SESSION_DOMAIN=${APP_TOP_DOMAIN}
+ #- AUTHELIA_AUTHENTIFICATION_BACKEND_PASSWORD_RESET_CUSTOM_URL=https://users.auth.${APP_TOP_DOMAIN}
+
+ # LDAP configuration
+ # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP=true
+ # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_URL=ldap://ldap
+ # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_BASE_DN=DC=barbu-it,DC=com
+ # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_USER=CN=admin,DC=barbu-it,DC=com
+ # DOES NOT WORK: - AUTHELIA_AUTHENTIFICATION_BACKEND_LDAP_PASSWORD=JarWucact1DoocAcKods
+
+
+ # # Secret management
+ # - AUTHELIA_JWT_SECRET_FILE=/config/secret_jwt
+ # - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/config/secret_storage
+ # - AUTHELIA_SESSION_SECRET_FILE=/config/secret_session
+ # - AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE=/config/secret_ldap
+ # - AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE=/config/secret_mysql
+ # - AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE=/config/secret_postgresql
+ # - AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE=/config/secret_smtp
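Review bot: The three entries under `# Direct password insertion` in `authelia/docker-compose.yml` commit the JWT secret, session secret and storage encryption key in clear text, so every reader of the repository, and every deployment that reuses the file unchanged, shares the same key material. The hunk already lists the file-based variants in its commented `Secret management` block; I would switch to `- AUTHELIA_JWT_SECRET_FILE=/config/secret_jwt`, `- AUTHELIA_SESSION_SECRET_FILE=/config/secret_session` and `- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/config/secret_storage`, generate the files per host and keep them out of version control. The commented LDAP lines also carry what looks like a real bind password and base DN, which stay in history even as comments; drop them and rotate the credential if it was ever in use. Separately, `forwardauth.trustForwardHeader=true` tells Traefik to trust incoming `X-Forwarded-*` headers, which is only safe when a trusted proxy in front of Traefik overwrites them.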