ok

Authentication/Authelia/README.md

@@ -0,0 +1,32 @@
+![authelia](./img/logo-Authelia.png)
+
+# authelia
+
+Authelia est un serveur et un portail d'authentification et d'autorisation open source répondant au rôle de la sécurité de l'information (IAM) dans la fourniture d'une authentification multifactorielle et d'une connexion unique (SSO) pour vos applications via un portail web. Il agit comme un compagnon pour les proxys inverses communs.
+
+# Installation
+
+Pour utiliser Adminer tout seul
+```bash
+docker compose up -d
+```
+
+Pour utiliser Adminer avec Traefik
+```bash
+docker compose -f docker-compose-traefik.yml up -d
+```
+
+Pour utiliser Adminer avec Nginx
+```bash
+docker compose -f docker-compose-nginx.yml up -d
+```
+# Utilisation
+
+## Accueil
+![authelia-accueil](./img/authelia-000.png)
+
+# More info
+- more information on the website [Tips-Of-Mine](https://www.tips-of-mine.fr/)
+
+# Buy me a coffe
+<a href='https://ko-fi.com/R5R2KNI3N' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi4.png?v=3' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>

Authentication/Authelia/docker-compose-traefik.yml

@@ -0,0 +1,64 @@
+#### NETWORKS
+networks:
+  docker-traefik_front_network:
+    external: true
+  back_network:
+    driver: bridge
+    attachable: true
+    
+#### SERVICES
+services:
+
+### Authelia
+  authelia:
+    container_name: authelia-app
+    hostname: authelia-app
+    image: authelia/authelia
+    volumes:
+      - ./config:/config
+    networks:
+      - back_network
+      - docker-traefik_front_network
+    security_opt:
+      - no-new-privileges:true
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=docker-traefik_front_network"
+# HTTP
+      - "traefik.http.routers.authelia-http.rule=Host(`auth.10.0.4.29.traefik.me`)"
+      - "traefik.http.routers.authelia-http.entrypoints=http"
+# HTTPS
+      - "traefik.http.routers.authelia-https.rule=Host(`auth.10.0.4.29.traefik.me`)"
+      - "traefik.http.routers.authelia-https.entrypoints=https"
+      - "traefik.http.routers.authelia-https.tls=true"
+      - "traefik.http.routers.authelia.service=authelia-service"
+      - "traefik.http.routers.authelia-https.middlewares=authelia-addprefix"
+# Middleware
+      - "traefik.http.middlewares.guacamole-addprefix.addprefix.prefix=/guacamole"
+      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://auth.jimsgarage.co.uk'
+      - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.address=http://authelia:9091/api/verify?auth=basic'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+# Service
+      - "traefik.http.services.authelia-service.loadbalancer.server.port=9091"
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/Paris
+    healthcheck:
+      disable: true
+
+  redis:
+    container_name: authelia-redis
+    hostname: authelia-redis
+    image: redis:alpine
+    volumes:
+      - ./redis:/data
+    networks:
+      - back_network
+    expose:
+      - 6379
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/Paris

Authentication/Authelia/docker-compose.yml

@@ -0,0 +1,49 @@
+version: '3'
+
+services:
+  authelia:
+    image: authelia/authelia
+    container_name: authelia
+    volumes:
+      - /home/ubuntu/docker/authelia/config:/config
+    networks:
+      - proxy
+    security_opt:
+      - no-new-privileges:true
+    labels:
+      - 'traefik.enable=true'
+      - 'traefik.http.routers.authelia.rule=Host(`auth.jimsgarage.co.uk`)'
+      - 'traefik.http.routers.authelia.entrypoints=https'
+      - 'traefik.http.routers.authelia.tls=true'
+      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://authelia:9091/api/verify?rd=https://auth.jimsgarage.co.uk'
+      - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.address=http://authelia:9091/api/verify?auth=basic'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia-basic.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      - 'traefik.http.services.authelia.loadbalancer.server.port=9091'
+    ports:
+      - 9091:9091
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/London
+    healthcheck:
+      disable: true
+
+  redis:
+    image: redis:alpine
+    container_name: redis
+    volumes:
+      - /home/ubuntu/docker/redis:/data
+    networks:
+      - proxy
+    expose:
+      - 6379
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/London
+
+
+networks:
+  proxy:
+    external: true

Authentication/Authelia/users_database.yml

@@ -0,0 +1,19 @@
+---
+###############################################################
+#                         Users Database                      #
+###############################################################
+
+# This file can be used if you do not have an LDAP set up.
+
+# List of users
+users:
+  authelia:
+    disabled: false
+    displayname: "Authelia User"
+    # Password is authelia
+    password: "$6$rounds=50000$BpLnfgDsc2WD8F2q$Zis.ixdg9s/UOJYrs56b5QEZFiZECu0qZVNsIYxBaNJ7ucIL.nlxVCT5tqh8KHG8X4tlwCFm5r6NTOZZ5qRFN/"  # yamllint disable-line rule:line-length
+    email: authelia@authelia.com
+    groups:
+      - admins
+      - dev
+...