| author | RATDAD <lambda@disroot.org> | 2026-03-14 19:09:51 -0400 |
|---|---|---|
| committer | RATDAD <lambda@disroot.org> | 2026-03-14 19:09:51 -0400 |
| commit | c4370a17dec7c1090c92efc195f6bd1188ba9bde (patch) | |
| tree | 9e421f1f16ea409865a371adb4902e604ec5f299 /stacks/iam/compose.yml | |
| parent | 2578d12ea47d10130472a845244e4aaac48897cb (diff) | |
refactor: alter the position of environment files and container routingdev
Diffstat (limited to 'stacks/iam/compose.yml')
| -rw-r--r-- | stacks/iam/compose.yml | 65 |
1 files changed, 29 insertions, 36 deletions
diff --git a/stacks/iam/compose.yml b/stacks/iam/compose.yml
index 3e516ca..398302d 100644
--- a/stacks/iam/compose.yml
+++ b/stacks/iam/compose.yml
@@ -1,62 +1,55 @@ -name: ${STACK} - networks: - edge-net: + edge_net: name: ${EDGE_NET} external: true - db-net: + db_net: name: ${DB_NET} external: true cache-net: volumes: - config: - name: ${IAM_CONFIG_VOLUME} - external: true + name: ${IAM_DATA} + external: true secrets: - JWT_SECRET: - file: './srv/secrets/auth/JWT_SECRET' - SESSION_SECRET: - file: './srv/secrets/auth/SESSION_SECRET' - STORAGE_ENCRYPTION: - file: './srv/secrets/auth/STORAGE_ENCRYPTION' - OIDC_HMAC_SECRET: - file: './srv/secrets/auth/OIDC_HMAC_SECRET' - POSTGRES_PASSWORD: - file: './srv/secrets/auth/POSTGRES_PASSWORD' + JWT: + file: '${ROOT}/secrets/iam/JWT' + SESSION: + file: '${ROOT}/secrets/iam/SESSION' + STORAGE: + file: '${ROOT}/secrets/iam/STORAGE' + OIDC_HMAC: + file: '${ROOT}/secrets/iam/OIDC_HMAC' + DB: + file: '${ROOT}/secrets/iam/DB' services: - auth-test: - container_name: ${IAM_CONTAINER} + iam: image: authelia/authelia:latest restart: unless-stopped - secrets: ['JWT_SECRET', 'SESSION_SECRET', 'STORAGE_ENCRYPTION', 'OIDC_HMAC_SECRET', 'POSTGRES_PASSWORD'] + secrets: ['JWT', 'SESSION', 'STORAGE', 'OIDC_HMAC', 'POSTGRES'] environment: - AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT_SECRET' - AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION_SECRET' - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION' - AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: '/run/secrets/OIDC_HMAC_SECRET' - AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/POSTGRES_PASSWORD' + AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT' + AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION' + AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE' + AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: '/run/secrets/OIDC_HMAC' + AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/DB' X_AUTHELIA_CONFIG_FILTERS: 'template' env_file: - - .run.env # Runtime Vars - .env # Stack Vars user: "${UID}:${GID}" volumes: - - 
config:/config - - ${CONFIG_FILE}:/config/configuration.yml - - ${USERS_FILE}:/config/users.yml - - ${JWK_PRIV_KEY}:/config/jwks/oidc-jwk.pem - - ${JWK_PUBL_KEY}:/config/jwks/oidc-jwk-pub.pem + - ${CONFIG}/iam/configuration.yml:/config/configuration.yml + - ${CONFIG}/iam/users.yml:/config/users.yml + - ${SECRET}/iam/jwk/oidc-jwk.pem:/config/jwks/oidc-jwk.pem + - ${SECRET}/iam/jwk/oidc-jwk-pub.pem:/config/jwks/oidc-jwk-pub.pem networks: - - edge-net - - db-net - - cache-net + - edge_net + - db_net + - cache_net expose: - 9091 - auth-cache-test: - container_name: ${IAM_CACHE_CONTAINER} + iam-cache: image: redis:latest restart: unless-stopped env_file: |
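Review bot: The rename is incomplete in two places, so the new side references names it no longer defines. The `iam` service lists `'POSTGRES'` in `secrets:` while the top-level secret is now `DB` and `AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE` points at `/run/secrets/DB`; the list should read `secrets: ['JWT', 'SESSION', 'STORAGE', 'OIDC_HMAC', 'DB']`. Likewise the service joins `cache_net` but the top-level network is still declared as `cache-net:`, which should become `cache_net:`. Compose normally rejects a service that refers to an undefined secret or network, so the IAM stack would likely fail to start; if any tooling tolerates it, Authelia would come up without its storage password file mounted. Indentation is lost in this rendering, so it is also worth confirming that `name: ${IAM_DATA}` still sits under a named volume key rather than directly under `volumes:`, since the `config:` key was removed.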
