name: Authentication services: authelia: hostname: authelia image: authelia/authelia command: --config /etc/authelia/configuration.yml,/etc/authelia/access.yml,/etc/authelia/authentication.yml environment: PUID: ${NASCOMPOSE_UID?} PGID: ${NASCOMPOSE_GID?} AUTHELIA_SESSION_DOMAIN: ${NASCOMPOSE_AUTHELIA_DOMAIN?} # Will be deprecated with newer versions of Authelia, which will support multiple domains AUTHELIA_DEFAULT_REDIRECTION_URL: "https://heimdall.${NASCOMPOSE_AUTHELIA_DOMAIN?}" AUTHELIA_JWT_SECRET_FILE: /run/secrets/jwt_secret AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage_key AUTHELIA_NOTIFIER_SMTP_HOST: ${NASCOMPOSE_AUTHELIA_SMTP_HOST?} AUTHELIA_NOTIFIER_SMTP_PORT: ${NASCOMPOSE_AUTHELIA_SMTP_PORT?} AUTHELIA_NOTIFIER_SMTP_USERNAME: ${NASCOMPOSE_AUTHELIA_SMTP_USERNAME?} AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/smtp_password AUTHELIA_NOTIFIER_SMTP_SENDER: ${NASCOMPOSE_AUTHELIA_SMTP_SENDER?} networks: - reverse-proxy volumes: - config:/config configs: - source: authelia_configuration target: /etc/authelia/configuration.yml - source: authelia_access target: /etc/authelia/access.yml - source: authelia_authentication target: /etc/authelia/authentication.yml secrets: - jwt_secret - storage_key - smtp_password restart: unless-stopped labels: traefik.enable: true networks: reverse-proxy: external: true volumes: config: driver_opts: type: none o: bind device: ${NASCOMPOSE_SERVICES?}/authentication/volumes/authelia_config/ configs: authelia_configuration: file: ${NASCOMPOSE_SERVICES?}/authentication/configs/configuration.yml authelia_access: file: ${NASCOMPOSE_SERVICES?}/authentication/configs/access.yml authelia_authentication: file: ${NASCOMPOSE_SERVICES?}/authentication/configs/authentication.yml secrets: jwt_secret: file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/jwt_secret storage_key: file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/storage_key smtp_password: file: ${NASCOMPOSE_SERVICES?}/authentication/secrets/smtp_password