colin/nas-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
acf7c91a92e926ab25035a41ca2575233a7620bf
nas-compose/authentication/docker-compose.yml
Colin Hebert acf7c91a92 Remove OIDC secret from authelia image
2024-08-26 10:39:52 +10:00

60 lines
2.6 KiB
YAML
Raw Blame History

name: authentication
services:
authelia:
hostname: authelia
image: authelia/authelia
command: --config /etc/authelia/configuration.yml,/etc/authelia/access.yml,/etc/authelia/authentication.yml
environment:
PUID: ${NASCOMPOSE_UID?}
PGID: ${NASCOMPOSE_GID?}
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: /run/secrets/jwt_secret
AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: /run/secrets/storage_key
AUTHELIA_NOTIFIER_SMTP_ADDRESS: ${NASCOMPOSE_AUTHELIA_SMTP_ADDRESS?}
AUTHELIA_NOTIFIER_SMTP_USERNAME: ${NASCOMPOSE_AUTHELIA_SMTP_USERNAME?}
AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE: /run/secrets/smtp_password
AUTHELIA_NOTIFIER_SMTP_SENDER: "authelia@${NASCOMPOSE_DOMAIN?}"
X_AUTHELIA_CONFIG_FILTERS: template
TEMPLATE_NASCOMPOSE_DOMAIN: ${NASCOMPOSE_DOMAIN?}
networks:
- reverse-proxy
- default
volumes:
- ${NASCOMPOSE_SERVICES?}/authentication/volumes/authelia_config/:/config/
# Configuration
- ${NASCOMPOSE_SERVICES?}/authentication/configs/authelia_configuration.yml:/etc/authelia/configuration.yml:ro
- ${NASCOMPOSE_SERVICES?}/authentication/configs/authelia_access.yml:/etc/authelia/access.yml:ro
- ${NASCOMPOSE_SERVICES?}/authentication/configs/authelia_authentication.yml:/etc/authelia/authentication.yml:ro
# Secrets
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/authelia_jwt_secret:/run/secrets/jwt_secret:ro
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/authelia_storage_key:/run/secrets/storage_key:ro
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/authelia_smtp_password:/run/secrets/smtp_password:ro
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/authelia_oidcsecret:/run/secrets/oidcsecret:ro
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/authelia_oidc.pem:/run/secrets/oidc.pem:ro
restart: unless-stopped
labels:
traefik.enable: true
lldap:
image: lldap/lldap
environment:
UID: ${NASCOMPOSE_UID?}
GID: ${NASCOMPOSE_GID?}
LLDAP_JWT_SECRET_FILE: /run/secrets/jwt_secret
LLDAP_KEY_SEED_FILE: /run/secrets/key_seed
networks:
- reverse-proxy
- default
volumes:
- ${NASCOMPOSE_SERVICES?}/authentication/volumes/lldap_data:/data
# Secrets
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/lldap_jwt_secret:/run/secrets/jwt_secret:ro
- ${NASCOMPOSE_SERVICES?}/authentication/secrets/lldap_key_seed:/run/secrets/key_seed:ro
labels:
traefik.enable: true
traefik.http.services.lldap.loadbalancer.server.port: 17170
networks:
reverse-proxy:
external: true
Reference in New Issue View Git Blame Copy Permalink