From 1f8d14af02f3b182ad334b43e27a5b22aeb02881 Mon Sep 17 00:00:00 2001
From: hcornet
Date: Mon, 1 Apr 2024 14:58:39 +0200
Subject: [PATCH] update
---
Authelia/Nginx/docker-compose.yaml | 31 ----------
Authelia/README.md | 26 ++++++++
Authelia/Traefik/docker-compose.yaml | 46 --------------
Authelia/{Authelia => }/configuration.yml | 0
Authelia/docker-compose-traefik.yml | 56 ++++++++++++++++++
...docker-compose.yaml => docker-compose.yml} | 0
Authelia/img/logo-Authelia.png | Bin 0 -> 2885 bytes
Authelia/{Authelia => }/users_database.yml | 0
Authentik/docker-compose-traefik.yml | 3 +
9 files changed, 85 insertions(+), 77 deletions(-)
delete mode 100644 Authelia/Nginx/docker-compose.yaml
create mode 100644 Authelia/README.md
delete mode 100644 Authelia/Traefik/docker-compose.yaml
rename Authelia/{Authelia => }/configuration.yml (100%)
create mode 100644 Authelia/docker-compose-traefik.yml
rename Authelia/{Authelia/docker-compose.yaml => docker-compose.yml} (100%)
create mode 100644 Authelia/img/logo-Authelia.png
rename Authelia/{Authelia => }/users_database.yml (100%)
diff --git a/Authelia/Nginx/docker-compose.yaml b/Authelia/Nginx/docker-compose.yaml
deleted file mode 100644
index 44967b26..00000000
--- a/Authelia/Nginx/docker-compose.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-version: "3.9"
-services:
- web:
- image: nginx
- container_name: nginx
- volumes:
- - /home/ubuntu/docker/nginx:/etc/nginx/templates
- environment:
- - NGINX_HOST=nginx.jimsgarage.co.uk
- - NGINX_PORT=80
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.nginx.entrypoints=http"
- - "traefik.http.routers.nginx.rule=Host(`nginx.jimsgarage.co.uk`)"
- - "traefik.http.middlewares.nginx-https-redirect.redirectscheme.scheme=https"
- - "traefik.http.routers.nginx.middlewares=nginx-https-redirect"
- - "traefik.http.routers.nginx-secure.entrypoints=https"
- - "traefik.http.routers.nginx-secure.rule=Host(`nginx.jimsgarage.co.uk`)"
- - "traefik.http.routers.nginx-secure.tls=true"
- - "traefik.http.routers.nginx-secure.service=nginx"
- - "traefik.http.services.nginx.loadbalancer.server.port=80"
- - "traefik.http.routers.nginx-secure.middlewares=authelia@docker"
- - "traefik.docker.network=proxy"
- networks:
- proxy:
- security_opt:
- - no-new-privileges:true
-
-networks:
- proxy:
- external: true
diff --git a/Authelia/README.md b/Authelia/README.md
new file mode 100644
index 00000000..63bc9bc5
--- /dev/null
+++ b/Authelia/README.md
@@ -0,0 +1,26 @@
+![authelia](./img/logo-authelia.png)
+
+# authelia
+
+Authelia est un serveur et un portail d'authentification et d'autorisation open source répondant au rôle de la sécurité de l'information (IAM) dans la fourniture d'une authentification multifactorielle et d'une connexion unique (SSO) pour vos applications via un portail web. Il agit comme un compagnon pour les proxys inverses communs.
+
+# Installation
+
+Pour utiliser Adminer tout seul
+```bash
+docker compose up -d
+```
+
+Pour utiliser Adminer avec Traefik
+```bash
+docker compose -f docker-compose-traefik.yml up -d
+```
+
+Pour utiliser Adminer avec Nginx
+```bash
+docker compose -f docker-compose-nginx.yml up -d
+```
+# Utilisation
+
+## Accueil
+![authelia-accueil](./img/authelia-000.png)
\ No newline at end of file
diff --git a/Authelia/Traefik/docker-compose.yaml b/Authelia/Traefik/docker-compose.yaml
deleted file mode 100644
index a434e9e6..00000000
--- a/Authelia/Traefik/docker-compose.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-version: '3.5'
-
-services:
- traefik:
- image: traefik:latest
- container_name: traefik
- restart: unless-stopped
- security_opt:
- - no-new-privileges:true
- networks:
- proxy:
- ports:
- - 80:80
- - 443:443
- environment:
- - CF_API_EMAIL=your@email.com
- - CF_DNS_API_TOKEN=your-api-key
- # - CF_API_KEY=YOU_API_KEY
- volumes:
- - /etc/localtime:/etc/localtime:ro
- - /var/run/docker.sock:/var/run/docker.sock:ro
- - /home/ubuntu/docker/traefik/traefik.yml:/traefik.yml:ro
- - /home/ubuntu/docker/traefik/acme.json:/acme.json
- - /home/ubuntu/docker/traefik/config.yml:/config.yml:ro
- - /home/ubuntu/docker/traefik/logs:/var/log/traefik
- labels:
- - "traefik.enable=true"
- - "traefik.http.routers.traefik.entrypoints=http"
- - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.yourdomain.co.uk`)"
- - "traefik.http.middlewares.traefik-auth.basicauth.users=YOUR_USERNAME_PASSWORD"
- - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
- - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- - "traefik.http.routers.traefik-secure.entrypoints=https"
- - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.yourdomain.co.uk`)"
- - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- - "traefik.http.routers.traefik-secure.tls=true"
- - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
- - "traefik.http.routers.traefik-secure.tls.domains[0].main=yourdomain.co.uk"
- - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.yourdomain.co.uk"
- - "traefik.http.routers.traefik-secure.service=api@internal"
- - "traefik.http.routers.api.middlewares=authelia@docker"
-
-networks:
- proxy:
- name: proxy
diff --git a/Authelia/Authelia/configuration.yml b/Authelia/configuration.yml
similarity index 100%
rename from Authelia/Authelia/configuration.yml
rename to Authelia/configuration.yml
diff --git a/Authelia/docker-compose-traefik.yml b/Authelia/docker-compose-traefik.yml
new file mode 100644
index 00000000..48d00703
--- /dev/null
+++ b/Authelia/docker-compose-traefik.yml
@@ -0,0 +1,56 @@
+#### NETWORKS
+networks:
+ docker-traefik_front_network:
+ external: true
+ back_network:
+ driver: bridge
+ attachable: true
+
+#### SERVICES
+services:
+
+### Authelia
+ authelia:
+ container_name: authelia-app
+ hostname: authelia-app
+ image: authelia/authelia
+ volumes:
+ - /home/ubuntu/docker/authelia/config:/config
+ networks:
+ - back_network
+ - docker-traefik_front_network
+ security_opt:
+ - no-new-privileges:true
+ labels:
+ - 'traefik.enable=true'
+ - 'traefik.http.routers.authelia.rule=Host(`auth.jimsgarage.co.uk`)'
+ - 'traefik.http.routers.authelia.entrypoints=https'
+ - 'traefik.http.routers.authelia.tls=true'
+ - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://auth.jimsgarage.co.uk'
+ - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+ - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+ - 'traefik.http.middlewares.authelia-basic.forwardAuth.address=http://authelia:9091/api/verify?auth=basic'
+ - 'traefik.http.middlewares.authelia-basic.forwardAuth.trustForwardHeader=true'
+ - 'traefik.http.middlewares.authelia-basic.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+ - 'traefik.http.services.authelia.loadbalancer.server.port=9091'
+ ports:
+ - 9091:9091
+ restart: unless-stopped
+ environment:
+ - TZ=Europe/Paris
+ healthcheck:
+ disable: true
+
+ redis:
+ container_name: authelia-redis
+ hostname: authelia-redis
+ image: redis:alpine
+ volumes:
+ - ./redis:/data
+ networks:
+ - back_network
+ expose:
+ - 6379
+ restart: unless-stopped
+ environment:
+ - TZ=Europe/Paris
diff --git a/Authelia/Authelia/docker-compose.yaml b/Authelia/docker-compose.yml
similarity index 100%
rename from Authelia/Authelia/docker-compose.yaml
rename to Authelia/docker-compose.yml
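Review bot: The `ports:` / `- 9091:9091` entry on the `authelia` service publishes the portal over plain HTTP on the Docker host, alongside the Traefik `https` router the labels define, so unless a host firewall blocks it the login page and `/api/verify` are reachable without TLS and without passing through the proxy. Traefik already reaches the container over `docker-traefik_front_network` on the port named in `loadbalancer.server.port=9091`, so I would replace the mapping with `expose:` / `- 9091`, as the redis service does for 6379. `image: authelia/authelia` and `image: redis:alpine` are not pinned, so a later pull can change behaviour under labels that rely on the `/api/verify` endpoint; a fixed tag or digest such as `authelia/authelia:<pinned-version>` keeps deployments reproducible. `healthcheck:` / `disable: true` also deserves a comment stating why the check is switched off, e.g. `# healthcheck disabled because <reason>`.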
diff --git a/Authelia/img/logo-Authelia.png b/Authelia/img/logo-Authelia.png new file mode 100644 index 0000000000000000000000000000000000000000..3447da29dc6c4dfd07d659584ee6919a182a19d9 GIT binary patch literal 2885 zcmcgu`9IT-A0H*MayH6cG;)Ske4@feVdJf>a+YIOb02dbU9L2`BqASEHp{h;Bge-b zLd7twrDC}@vsfrT`uq>y?+>r*`Fg${uOD8I$LsYAT0COzygRhlngfm!;4;t8Rb&n2Ra@WN|;r{qV(o_3bhWdg-)<5fkz}gFPmXx(vnhO`Ucc!J-jD29(PsC>@S7gk}IN56RQUOu737%JA@~2+tx2!AeE); zF{n>(gseEmvwl%WG?cN}(iKYg*vI@jOLR>hH6$A7cL16&tqh`GUe1_fyHIfxIOG;( zHk8`MM8FIXdUZyJ-XF`FEpJa=4ZPh<*{HbNQG+b*?EjNAXYg%f?>~KuwTeAq>4E+P z)pSCGKgDk0Ak$`dB8`bKHEqSzxwx@VYBC&va1(DzWNAbnp*Bn2+*<-+8C4@7K|$gO z2x+;^H8QAwNBoJ~r)c+mBL#dvM>z}{Mc2Je-Mg5-3qGCH!V$q1NR}PN5*9lbjqA+6 zhHEIsn)eRL;UXuk&>kK0oRxe(Nd!(V`>|a1jAp@)V;GL-c%9rUlAPPRwG)bN(nzuV z!+SRB2w4ecSHJeehC~2Kl*Th?{bPulKaBc63^i@}2P79AGG56IeNfv#Dhq4@lx3fX zW$00l-)Ug8YZeQae%e!62yf_L`{qhn99hj03x#e!#R?JOr^iNA3nePLtoP299o z>`!1C7RFvP)o&oSC=9_|bHAIsrtJ&^>`rl_n{^MURvs5~@(sW8 zb=I|bCmv35im6Rg184QZvc*cnL*@wf%6rG7FrMUh?XQ z{%hWS-#$cEDTUB4t@D_gw)c1aS=VB*3T{>FXfgKeJ-U2h!>weIK(AVgP4oId<8@p0 z#I5?2M-&lxQFtuL#rW_o%Q8WY6ohbX^#uWW-ub)v8`>qgAo`*_1L6ejoo|h4Z4Qh@ zn8*3yV@Xi&-;L^`jxrcGl{mPzHEGvq^4A9~gx4~I^F5Di@( zuwxi#^BBBfijGuWg!)e{qk1j9M)An5dN;Qsl|~h21c2-i{hi#|eE4mu_7O6#J3Cyk zOQKrLA+ZdCX(MU(c`s%);GE4*ZN-03f|lHkA26+X7WRG41e6bqV zzpDyUv%=3-|`i!S|%xa1ZgfQz#q|v&tQ{2kf=!gsRykj=E3+jy~ z?=eg+l3aXsCJvFMq_#(tq<+Asea~88kR=+;6Vd_$VBw;1JNtyZy4vXD16Fa+!OgLJJyA;7my7{KYn3F3_^uJ1G%yR^+01>eN_0$lmv(kDseQqUR(piO8*dc!rj=Lg7 z7k>~~xQK8<^PSN=7k}e=2thO%6R?w%t3EF~9@v3^Kw#OAwV3JAsgS`t(R>(66!NLY+k<}eSY=HUelks&33{*Svo%@|qL8FGmK1_rv zVJ(4JXqeLW#mQAgsaALH!$j4%j{Qf6z@;Tg%i*#siKdu#9jXz4I5~f##kxk$|7@DJ zV$O4TMOd=d+=s3&Wv3xhbNEto{dF1T4R~2}Woc6zoRsHNc96PrD70azB0Wb?A)>U= z`;C)fMCiMO?h8a-GYD-{wq~2gJ1iVG1hC%mvb+-1)Vm)lm%oD8hGB=B&14r_!kUj2 z(c($#qPNxE#}0NYd`!7`ka~|ale*OIk-1hFFMFQty(7U2Xwv#Lk~gpP5NGo?O*=6L zTG*(9cOXi=|846TLO36UUaeN-=ew__X*-8{O|b~}NrIokRpO^Y593mv?Ek)K4UL?Ap~;ooH03H7Bu`19*Hg@5|44Zw=`A2OjTjyZOCX 
z0zQ4k1%>PyO220wS>AOCZN6#IcNp7rRZO5kB0(7=y0>@#cf2X=o(lkrLHPda+qqz9 z@AA@gW^JWj=$#@s%z&&ug8TihBYZq?=I;3XMqlNui2ZWR3WBTZWbUfJ50=!;<|aT3 zAZf%`zZ%(@rxjM;|Gbh0)n6O}`?9^C_;&IrRg5Rr zjwQJuVB?+L??x0jIH-Mg0x;q_bK~p9_Uv2-q}?!XL3YOL4dsXvi#)EG7mG|Av~GC% zQ8vj6Eq_nJYb2`b&1v&9;lC$r_49f;6Bi~eJVQEjz@x$^V%CRL5hlL~xPLydm|qwd zbK?e2+{_$4F{#>^6IaVUxg4vbaRv<%0|7#6Ah^hNkQ4+Y{J#eN;Vr}nwnho;=}y@j R+b=H&bPj=nms?)B`7cauN&Nr- literal 0 HcmV?d00001 diff --git a/Authelia/Authelia/users_database.yml b/Authelia/users_database.yml similarity index 100% rename from Authelia/Authelia/users_database.yml rename to Authelia/users_database.yml diff --git a/Authentik/docker-compose-traefik.yml b/Authentik/docker-compose-traefik.yml index 1756972b..3ac05dd0 100644 --- a/Authentik/docker-compose-traefik.yml +++ b/Authentik/docker-compose-traefik.yml @@ -30,6 +30,7 @@ services: POSTGRES_PASSWORD: 'P@ssword!Here!123456' POSTGRES_USER: authentik_user POSTGRES_DB: authentik_db + TZ: Europe/Paris env_file: - .env @@ -50,6 +51,8 @@ services: timeout: 3s volumes: - ./redis:/data + environment: + - TZ=Europe/London ### authentik-server server:
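Review bot: The two added `TZ` values disagree: the first hunk sets `TZ: Europe/Paris` in the block holding the `POSTGRES_*` variables, while the second adds `TZ=Europe/London` to the service that mounts `./redis:/data`. Containers of one stack logging in different local times makes it harder to line up authentication events across services, so I would use a single zone for the file, e.g. `- TZ=Europe/Paris` in the second hunk. The context of the first hunk also shows `POSTGRES_PASSWORD` as a literal directly above `env_file:` / `- .env`; since that block is being edited, moving the value into `.env` would keep it out of the committed file. Both service definitions start outside the hunks, so the service names are not visible here.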