From 4b5dd750dd10ade5e3a74dd110c948da6b82441f Mon Sep 17 00:00:00 2001
From: Egor Matveev
Date: Fri, 11 Jul 2025 20:23:46 +0300
Subject: [PATCH] fix
---
 .deploy-infra/deploy-prod.yaml | 8 +-----
 .gitea/workflows/deploy-prod.yaml | 4 +++
 authelia/Dockerfile | 2 ++
 authelia/configuration.yml | 42 +++++++++++++++++++++++++++++++
 4 files changed, 49 insertions(+), 7 deletions(-)
 create mode 100644 authelia/Dockerfile
 create mode 100644 authelia/configuration.yml
diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml
index 1c8a1f6..2f5aa4d 100755
--- a/.deploy-infra/deploy-prod.yaml
+++ b/.deploy-infra/deploy-prod.yaml
@@ -28,7 +28,7 @@ services:
 # order: start-first
 authelia:
- image: authelia/authelia
+ image: mathwave/sprint-repo:authelia
 networks:
 - common-infra-nginx
 environment:
@@ -39,13 +39,7 @@ services:
 AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia"
 AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres"
 AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD
- AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_USERNAME: "emmatveev"
- AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_PASSWORD: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE"
- AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_DISPLAYNAME: "Egor Matveev"
- AUTHELIA_AUTHENTICATION_BACKEND_FILE_USERS_0_EMAIL: "emmtvv@gmail.com"
 AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor"
- AUTHELIA_ACCESS_CONTROL_RULES_0_DOMAIN_0: "*.chocomarsh.com"
- AUTHELIA_ACCESS_CONTROL_RULES_0_POLICY: "one_factor"
 AUTHELIA_NOTIFIER_SMTP_ENABLED: "false"
 volumes:
 - /sprint-data/authelia/config:/config
diff --git a/.gitea/workflows/deploy-prod.yaml b/.gitea/workflows/deploy-prod.yaml
index f218c52..6788402 100644
--- a/.gitea/workflows/deploy-prod.yaml
+++ b/.gitea/workflows/deploy-prod.yaml
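Review bot: `image: mathwave/sprint-repo:authelia` is a floating tag that the workflow in this same commit rebuilds and overwrites on every run, so the running authentication gateway cannot be tied to a commit and a rollback has nothing to point at. A per-build tag or a digest would fix that, for example `image: mathwave/sprint-repo:authelia-<commit-sha>` (placeholder), with the workflow tagging the build the same way. The service definition starts before and continues after this hunk.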
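Review bot: The `volumes:` entry kept at the end of this hunk still bind-mounts `/sprint-data/authelia/config` over `/config`, which hides the `/config/configuration.yml` that the new authelia/Dockerfile copies into the image. With the user and rule variables removed here, Authelia would read whatever file sits in the host directory (or none) rather than the committed configuration, so the access-control rules actually in force may differ from what was reviewed. Either copy the file to a path outside the mount and point Authelia at it, or drop the bind mount if nothing else under /config has to persist. The service definition continues outside the hunk, so a command or config-path override there could change this.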
@@ -21,6 +21,8 @@ jobs:
 run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-prod nginx/nginx-prod
 - name: build gitea runner
 run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner
+ - name: build authelia
+ run: docker build -t mathwave/sprint-repo:authelia authelia
 push:
 name: Push
 runs-on: [ prod ]
@@ -30,6 +32,8 @@ jobs:
 run: docker push mathwave/sprint-repo:sprint-infra-nginx-prod
 - name: push gitea runner
 run: docker push mathwave/sprint-repo:gitea-runner
+ - name: push authelia
+ run: docker push mathwave/sprint-repo:authelia
 prepare:
 name: prepare
 runs-on: [prod]
diff --git a/authelia/Dockerfile b/authelia/Dockerfile
new file mode 100644
index 0000000..2b3a2d3
--- /dev/null
+++ b/authelia/Dockerfile
@@ -0,0 +1,2 @@
+FROM authelia/authelia
+COPY configuration.yml /config/configuration.yml
\ No newline at end of file
diff --git a/authelia/configuration.yml b/authelia/configuration.yml
new file mode 100644
index 0000000..f502de9
--- /dev/null
+++ b/authelia/configuration.yml
@@ -0,0 +1,42 @@
+theme: dark
+
+jwt_secret: secret-jwt-will-be-overridden-by-env
+default_redirection_url: https://auth.chocomarsh.com
+
+server:
+ host: 0.0.0.0
+ port: 9091
+
+log:
+ level: info
+
+authentication_backend:
+ file:
+ users:
+ emmatveev:
+ password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE"
+ displayname: "Egor Matveev"
+ email: emmtvv@gmail.com
+
+access_control:
+ default_policy: one_factor
+ rules:
+ - domain: "*.chocomarsh.com"
+ policy: one_factor
+
+session:
+ name: authelia_session
+ expiration: 1h
+ inactivity: 5m
+ remember_me_duration: 1w
+ cookies:
+ - domain: chocomarsh.com
+ authelia_url: https://auth.chocomarsh.com
+
+storage:
+ postgres:
+ address: tcp://pg.chocomarsh.com:5432
+ database: authelia
+ schema: public
+ username: postgres
+ password: autheliapass # also override with env if preferred
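Review bot: The `build authelia` step here and the `push authelia` step in the next hunk publish an image that contains authelia/configuration.yml, including the user's argon2id hash and the literal storage password added in this commit. Anyone with pull access to `mathwave/sprint-repo` can read both from the image layers; whether that repository is private is not visible here. Keeping the image free of credentials and supplying them at deploy time, through the environment or a mounted secret, avoids tying their confidentiality to registry permissions.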
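Review bot: `FROM authelia/authelia` carries no tag or digest, so every workflow run builds the authentication gateway on whatever `latest` resolves to at that moment. Authelia's configuration keys have changed between releases, so an upstream publish can alter or break how the copied configuration.yml is validated without any commit in this repository. Pinning the base makes upgrades explicit and reviewable: `FROM authelia/authelia:<version>@sha256:<digest>` (placeholders).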
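Review bot: `jwt_secret: secret-jwt-will-be-overridden-by-env` and `password: autheliapass` are working fallback values, so a deploy where the environment override is missing starts with secrets known to anyone who can read this repository or pull the image, instead of failing. Removing both keys from the file and supplying them only through the environment (the compose file already sets `AUTHELIA_STORAGE_POSTGRES_PASSWORD`) should turn a missing secret into a startup validation error. `default_policy: one_factor` lets any host not matched by a rule through with a single factor; `default_policy: deny` keeps the explicit `*.chocomarsh.com` rule working and fails closed for everything else. As far as I know the file backend expects `authentication_backend.file.path` pointing at a separate users file rather than inline `users:`, so that block should be checked against the Authelia version actually deployed. `username: postgres` also gives the service the database superuser role where a dedicated role limited to the `authelia` database would do.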