Diffstat (limited to 'stacks/iam/compose.yml')
-rw-r--r--stacks/iam/compose.yml63
1 files changed, 38 insertions, 25 deletions
diff --git a/stacks/iam/compose.yml b/stacks/iam/compose.yml
index af25bb9..3e516ca 100644
--- a/stacks/iam/compose.yml
+++ b/stacks/iam/compose.yml
@@ -1,54 +1,67 @@
-name: ${_STACK_0}
+name: ${STACK}
networks:
- net_0:
- name: ${_NET_0}
+ edge-net:
+ name: ${EDGE_NET}
external: true
- net_1:
- name: ${_NET_1}
+ db-net:
+ name: ${DB_NET}
+ external: true
+ cache-net:
volumes:
- volume_0:
- name: ${_VOLUME_0}
+ config:
+ name: ${IAM_CONFIG_VOLUME}
external: true
secrets:
JWT_SECRET:
- file: '/srv/secrets/auth/JWT_SECRET'
+ file: './srv/secrets/auth/JWT_SECRET'
SESSION_SECRET:
- file: '/srv/secrets/auth/SESSION_SECRET'
+ file: './srv/secrets/auth/SESSION_SECRET'
STORAGE_ENCRYPTION:
- file: '/srv/secrets/auth/STORAGE_ENCRYPTION'
+ file: './srv/secrets/auth/STORAGE_ENCRYPTION'
OIDC_HMAC_SECRET:
- file: '/srv/secrets/auth/OIDC_HMAC_SECRET'
+ file: './srv/secrets/auth/OIDC_HMAC_SECRET'
+ POSTGRES_PASSWORD:
+ file: './srv/secrets/auth/POSTGRES_PASSWORD'
services:
- auth:
- container_name: ${_CONTAINER_0}
+ auth-test:
+ container_name: ${IAM_CONTAINER}
image: authelia/authelia:latest
restart: unless-stopped
- secrets: ['JWT_SECRET', 'SESSION_SECRET', 'STORAGE_ENCRYPTION', 'OIDC_HMAC_SECRET']
+ secrets: ['JWT_SECRET', 'SESSION_SECRET', 'STORAGE_ENCRYPTION', 'OIDC_HMAC_SECRET', 'POSTGRES_PASSWORD']
+ environment:
+ AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT_SECRET'
+ AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION_SECRET'
+ AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE_ENCRYPTION'
+ AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: '/run/secrets/OIDC_HMAC_SECRET'
+ AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/POSTGRES_PASSWORD'
+ X_AUTHELIA_CONFIG_FILTERS: 'template'
env_file:
- - .auth.env # Runtime Vars
+ - .run.env # Runtime Vars
- .env # Stack Vars
+ user: "${UID}:${GID}"
volumes:
- - volume_0:/config/db
- - /srv/secrets/auth/configuration.yml:/config/configuration.yml
- - /srv/secrets/auth/users.yml:/config/users.yml
- - /srv/secrets/auth/jwks/oidc-jwk.pem:/config/jwks/oidc-jwk.pem
- - /srv/secrets/auth/jwks/oidc-jwk-pub.pem:/config/jwks/oidc-jwk-pub.pem
+ - config:/config
+ - ${CONFIG_FILE}:/config/configuration.yml
+ - ${USERS_FILE}:/config/users.yml
+ - ${JWK_PRIV_KEY}:/config/jwks/oidc-jwk.pem
+ - ${JWK_PUBL_KEY}:/config/jwks/oidc-jwk-pub.pem
networks:
- - net_0
- - net_1
+ - edge-net
+ - db-net
+ - cache-net
expose:
- 9091
- auth-cache:
- container_name: ${_CONTAINER_1}
+ auth-cache-test:
+ container_name: ${IAM_CACHE_CONTAINER}
image: redis:latest
restart: unless-stopped
env_file:
- .env
networks:
- - net_1
+ - cache-net
expose:
- 6379
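Review bot: The five `secrets:` entries now point at `./srv/secrets/auth/...`, which Compose resolves relative to the Compose file's directory rather than the host's `/srv/secrets/auth`, so the JWT, session, storage-encryption, OIDC HMAC and Postgres secret files would have to sit under the stack's checkout. If that is intended for this test stack, that directory should be excluded from version control and readable only by the deploying user; if it is not, keep the absolute form, e.g. `file: '/srv/secrets/auth/POSTGRES_PASSWORD'`. Separately, the key and configuration bind mounts are writable from inside the container; `- ${JWK_PRIV_KEY}:/config/jwks/oidc-jwk.pem:ro` (and likewise for the public key and `configuration.yml`) would stop a compromised Authelia process from replacing them. The new `user: "${UID}:${GID}"` relies on both variables being set at interpolation time, which is not visible in this hunk; `user: "${UID:?}:${GID:?}"` would fail the deploy instead of substituting empty values.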