1 files changed, 54 insertions, 0 deletions

diff --git a/stacks/iam/compose.yml b/stacks/iam/compose.yml
new file mode 100644
index 0000000..af25bb9
--- /dev/null
+++ b/stacks/iam/compose.yml
@@ -0,0 +1,54 @@
+name: ${_STACK_0}
+
+networks:
+  net_0:
+    name: ${_NET_0}
+    external: true
+  net_1:
+    name: ${_NET_1}
+
+volumes:
+  volume_0:
+    name: ${_VOLUME_0}
+    external: true
+
+secrets:
+  JWT_SECRET:
+    file: '/srv/secrets/auth/JWT_SECRET'
+  SESSION_SECRET:
+    file: '/srv/secrets/auth/SESSION_SECRET'
+  STORAGE_ENCRYPTION:
+    file: '/srv/secrets/auth/STORAGE_ENCRYPTION'
+  OIDC_HMAC_SECRET:
+    file: '/srv/secrets/auth/OIDC_HMAC_SECRET'
+
+services:
+  auth:
+    container_name: ${_CONTAINER_0}
+    image: authelia/authelia:latest
+    restart: unless-stopped
+    secrets: ['JWT_SECRET', 'SESSION_SECRET', 'STORAGE_ENCRYPTION', 'OIDC_HMAC_SECRET']
+    env_file:
+      - .auth.env # Runtime Vars
+      - .env # Stack Vars
+    volumes:
+      - volume_0:/config/db
+      - /srv/secrets/auth/configuration.yml:/config/configuration.yml
+      - /srv/secrets/auth/users.yml:/config/users.yml
+      - /srv/secrets/auth/jwks/oidc-jwk.pem:/config/jwks/oidc-jwk.pem
+      - /srv/secrets/auth/jwks/oidc-jwk-pub.pem:/config/jwks/oidc-jwk-pub.pem
+    networks:
+      - net_0
+      - net_1
+    expose:
+      - 9091
+  auth-cache:
+    container_name: ${_CONTAINER_1}
+    image: redis:latest
+    restart: unless-stopped
+    env_file:
+      - .env
+    networks:
+      - net_1
+    expose:
+      - 6379