micro
/
woodbine.nyc
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '964c06895b'
${ noResults }
woodbine.nyc/services/authelia.yaml

100 lines
3.0 KiB
Raw Blame History

version: "3.8"
secrets:
JWT_SECRET:
file: ../secrets/authelia/JWT_SECRET
SESSION_SECRET:
file: ../secrets/authelia/SESSION_SECRET
STORAGE_PASSWORD:
file: ../secrets/authelia/STORAGE_PASSWORD
STORAGE_ENCRYPTION_KEY:
file: ../secrets/authelia/STORAGE_ENCRYPTION_KEY
SMTP_PASSWORD:
file: ../secrets/smtp/SMTP_PASSWORD
services:
authelia:
container_name: authelia
image: docker.io/authelia/authelia:4.37
userns_mode: keep-id
depends_on:
- postgres
- secrets
- caddy
#- smtp
restart: unless-stopped
expose:
- 9091
secrets: [JWT_SECRET, SESSION_SECRET, STORAGE_PASSWORD, STORAGE_ENCRYPTION_KEY, SMTP_PASSWORD]
environment:
AUTHELIA_JWT_SECRET_FILE: /run/secrets/JWT_SECRET
AUTHELIA_SESSION_DOMAIN: ${DOMAIN}
AUTHELIA_SESSION_SECRET_FILE: /run/secrets/SESSION_SECRET
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/STORAGE_ENCRYPTION_KEY
AUTHELIA_STORAGE_POSTGRES_DATABASE: authelia
AUTHELIA_STORAGE_POSTGRES_HOST: postgres
AUTHELIA_STORAGE_POSTGRES_USERNAME: authelia
AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: /run/secrets/STORAGE_PASSWORD
AUTHELIA_DEFAULT_REDIRECTION_URL: https://${DOMAIN}
AUTHELIA_TOTP_ISSUER: ${DOMAIN}
AUTHELIA_WEBAUTHN_DISPLAY_NAME: ${DOMAIN}
AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: two_factor
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/SMTP_PASSWORD
AUTHELIA_NOTIFIER_SMTP_HOST: ${SMTP_HOST}
AUTHELIA_NOTIFIER_SMTP_PORT: ${SMTP_PORT}
AUTHELIA_NOTIFIER_SMTP_USERNAME: ${SMTP_USERNAME}
AUTHELIA_NOTIFIER_SMTP_SENDER: "Woodbine <${SMTP_USERNAME}@${DOMAIN}>"
volumes:
- ../data/authelia/config:/config
postgres:
image: postgres:16.0-alpine
depends_on:
- secrets
- caddy
secrets: [STORAGE_PASSWORD]
restart: unless-stopped
environment:
POSTGRES_PASSWORD_FILE: /run/secrets/STORAGE_PASSWORD
POSTGRES_DB: authelia
POSTGRES_USER: authelia
volumes:
- postgres-data:/var/lib/postgresql/data
# setup a reverse proxy for caddy
caddy:
volumes:
- ./authelia/Proxyfile:/etc/caddy.d/authelia:ro
# backup the authelia config
backup:
volumes:
- ../data/authelia/config:/mnt/backup/src/authelia/config:ro
# backup the postgres database
#backup-postgres:
# volumes:
# - ../secrets/authelia/STORAGE_PASSWORD:/run/secrets/AUTHELIA_PGPASSWORD
# environment:
# - AUTHELIA_PGHOST: authelia
# - AUTHELIA_PGUSER: authelia
# - AUTHELIA_DBS_TO_INCLUDE: authelia
# - AUTHELIA_PGPASSWORD_FILE: /run/secrets/AUTHELIA_PGPASSWORD
# generate all these secrets if they are empty on start
secrets:
volumes:
- ../secrets/authelia/JWT_SECRET:/secrets/authelia/JWT_SECRET
- ../secrets/authelia/SESSION_SECRET:/secrets/authelia/SESSION_SECRET
- ../secrets/authelia/STORAGE_PASSWORD:/secrets/authelia/STORAGE_PASSWORD
- ../secrets/authelia/STORAGE_ENCRYPTION_KEY:/secrets/authelia/STORAGE_ENCRYPTION_KEY
volumes:
postgres-data:
authelia-config:
Reference in new issue View Git Blame Copy Permalink