update

Authelia/Nginx/docker-compose.yaml

@@ -1,31 +0,0 @@
-version: "3.9"
-services:
-  web:
-    image: nginx
-    container_name: nginx
-    volumes:
-     - /home/ubuntu/docker/nginx:/etc/nginx/templates
-    environment:
-     - NGINX_HOST=nginx.jimsgarage.co.uk
-     - NGINX_PORT=80
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.nginx.entrypoints=http"
-      - "traefik.http.routers.nginx.rule=Host(`nginx.jimsgarage.co.uk`)"
-      - "traefik.http.middlewares.nginx-https-redirect.redirectscheme.scheme=https"
-      - "traefik.http.routers.nginx.middlewares=nginx-https-redirect"
-      - "traefik.http.routers.nginx-secure.entrypoints=https"
-      - "traefik.http.routers.nginx-secure.rule=Host(`nginx.jimsgarage.co.uk`)"
-      - "traefik.http.routers.nginx-secure.tls=true"
-      - "traefik.http.routers.nginx-secure.service=nginx"
-      - "traefik.http.services.nginx.loadbalancer.server.port=80"
-      - "traefik.http.routers.nginx-secure.middlewares=authelia@docker"
-      - "traefik.docker.network=proxy"
-    networks:
-      proxy:
-    security_opt:
-      - no-new-privileges:true
-
-networks:
-  proxy:
-    external: true

Authelia/README.md

@@ -0,0 +1,26 @@
+![authelia](./img/logo-authelia.png)
+
+# authelia
+
+Authelia est un serveur et un portail d'authentification et d'autorisation open source répondant au rôle de la sécurité de l'information (IAM) dans la fourniture d'une authentification multifactorielle et d'une connexion unique (SSO) pour vos applications via un portail web. Il agit comme un compagnon pour les proxys inverses communs.
+
+# Installation
+
+Pour utiliser Adminer tout seul
+```bash
+docker compose up -d
+```
+
+Pour utiliser Adminer avec Traefik
+```bash
+docker compose -f docker-compose-traefik.yml up -d
+```
+
+Pour utiliser Adminer avec Nginx
+```bash
+docker compose -f docker-compose-nginx.yml up -d
+```
+# Utilisation
+
+## Accueil
+![authelia-accueil](./img/authelia-000.png)

Authelia/Traefik/docker-compose.yaml

@@ -1,46 +0,0 @@
-version: '3.5'
-
-services:
-  traefik:
-    image: traefik:latest
-    container_name: traefik
-    restart: unless-stopped
-    security_opt:
-      - no-new-privileges:true
-    networks:
-      proxy:
-    ports:
-      - 80:80
-      - 443:443
-    environment:
-      - CF_API_EMAIL=your@email.com
-      - CF_DNS_API_TOKEN=your-api-key
-      # - CF_API_KEY=YOU_API_KEY
-    volumes:
-      - /etc/localtime:/etc/localtime:ro
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /home/ubuntu/docker/traefik/traefik.yml:/traefik.yml:ro
-      - /home/ubuntu/docker/traefik/acme.json:/acme.json
-      - /home/ubuntu/docker/traefik/config.yml:/config.yml:ro
-      - /home/ubuntu/docker/traefik/logs:/var/log/traefik
-    labels:
-      - "traefik.enable=true"
-      - "traefik.http.routers.traefik.entrypoints=http"
-      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.yourdomain.co.uk`)"
-      - "traefik.http.middlewares.traefik-auth.basicauth.users=YOUR_USERNAME_PASSWORD"
-      - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
-      - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
-      - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
-      - "traefik.http.routers.traefik-secure.entrypoints=https"
-      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.yourdomain.co.uk`)"
-      - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
-      - "traefik.http.routers.traefik-secure.tls=true"
-      - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
-      - "traefik.http.routers.traefik-secure.tls.domains[0].main=yourdomain.co.uk"
-      - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.yourdomain.co.uk"
-      - "traefik.http.routers.traefik-secure.service=api@internal"
-      - "traefik.http.routers.api.middlewares=authelia@docker"
-
-networks:
-  proxy:
-    name: proxy

Authelia/docker-compose-traefik.yml

@@ -0,0 +1,56 @@
+#### NETWORKS
+networks:
+  docker-traefik_front_network:
+    external: true
+  back_network:
+    driver: bridge
+    attachable: true
+    
+#### SERVICES
+services:
+
+### Authelia
+  authelia:
+    container_name: authelia-app
+    hostname: authelia-app
+    image: authelia/authelia
+    volumes:
+      - /home/ubuntu/docker/authelia/config:/config
+    networks:
+      - back_network
+      - docker-traefik_front_network
+    security_opt:
+      - no-new-privileges:true
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.authelia.rule=Host(`auth.jimsgarage.co.uk`)'
+      - 'traefik.http.routers.authelia.entrypoints=https'
+      - 'traefik.http.routers.authelia.tls=true'
+      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://auth.jimsgarage.co.uk'
+      - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.address=http://authelia:9091/api/verify?auth=basic'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      - 'traefik.http.services.authelia.loadbalancer.server.port=9091'
+    ports:
+      - 9091:9091
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/Paris
+    healthcheck:
+      disable: true
+
+  redis:
+    container_name: authelia-redis
+    hostname: authelia-redis
+    image: redis:alpine
+    volumes:
+      - ./redis:/data
+    networks:
+      - back_network
+    expose:
+      - 6379
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/Paris

Authentik/docker-compose-traefik.yml

@@ -30,6 +30,7 @@ services:
       POSTGRES_PASSWORD: 'P@ssword!Here!123456'
       POSTGRES_USER: authentik_user
       POSTGRES_DB: authentik_db
+      TZ: Europe/Paris
     env_file:
       - .env
 
@@ -50,6 +51,8 @@ services:
       timeout: 3s
     volumes:
       - ./redis:/data
+    environment:
+      - TZ=Europe/London
 
 ### authentik-server
   server: