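# Networks used by this stack. `edge_net` and `db_net` are declared
# `external: true`: Compose does not create them and expects networks with the
# interpolated names to exist already.
networks:
  edge_net:
    name: '${EDGE_NET}'
    external: true
  db_net:
    name: '${DB_NET}'
    external: true
  # Stack-local network for the cache, created by Compose with default
  # settings. Written as an explicit empty mapping rather than a bare key.
  # This key is hyphenated while the two above use underscores; services must
  # reference it as `cache-net` exactly, otherwise Compose reports an
  # undefined network.
  # NOTE(review): if only IAM-to-cache traffic is meant to cross this network,
  # consider `internal: true` so containers get no external route through it.
  cache-net: {}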

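# Named volumes. Every entry under `volumes:` is a volume key whose attributes
# (`name`, `external`) are nested beneath it. The original placed the
# attributes directly under `volumes:`, which declares two volumes called
# "name" and "external" instead of one external volume.
# The key `iam_data` is a label chosen for this fix; no service in this file
# mounts it yet, so rename it to match whatever mount is added later.
volumes:
  iam_data:
    name: '${IAM_DATA}'
    external: true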

# File-backed secrets. Each key is the name a service lists under its own
# `secrets:` and also the filename the secret appears as under /run/secrets/
# inside the container, so service-side names must match these keys exactly.
# The referenced files hold raw secret values on the host: keep them out of
# version control and readable only by the account the container runs as.
# NOTE(review): these paths are rooted at ${ROOT}/secrets, while the `iam`
# service's key-file bind mounts use ${SECRET}; confirm both variables resolve
# to the intended directory.
secrets:
  JWT:
    file: '${ROOT}/secrets/iam/JWT'
  SESSION:
    file: '${ROOT}/secrets/iam/SESSION'
  STORAGE:
    file: '${ROOT}/secrets/iam/STORAGE'
  OIDC_HMAC:
    file: '${ROOT}/secrets/iam/OIDC_HMAC'
  DB:
    file: '${ROOT}/secrets/iam/DB'

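services:
  # Authelia identity/SSO service.
  iam:
    # NOTE(review): `latest` is a moving tag, so a pull or recreate can change
    # the authentication service without any change to this file. Pin to a
    # reviewed release tag or image digest and upgrade deliberately.
    image: authelia/authelia:latest
    restart: unless-stopped
    # Names must match the top-level `secrets:` keys. The database password is
    # defined there as `DB` and read from /run/secrets/DB below, so it is
    # listed as `DB`; the original listed `POSTGRES`, which is not defined.
    secrets:
      - 'JWT'
      - 'SESSION'
      - 'STORAGE'
      - 'OIDC_HMAC'
      - 'DB'
    environment:
      # The `*_FILE` variables carry a path, not the secret itself, so secret
      # values stay out of the container environment and `docker inspect`.
      AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE: '/run/secrets/JWT'
      AUTHELIA_SESSION_SECRET_FILE: '/run/secrets/SESSION'
      AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE: '/run/secrets/STORAGE'
      AUTHELIA_IDENTITY_PROVIDERS_OIDC_HMAC_SECRET_FILE: '/run/secrets/OIDC_HMAC'
      AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE: '/run/secrets/DB'
      X_AUTHELIA_CONFIG_FILTERS: 'template'
    env_file:
      - .env  # Stack Vars
    # Run as an unprivileged host UID/GID instead of the image default.
    # NOTE(review): confirm UID and GID are set wherever Compose reads its
    # interpolation variables; an unset value is substituted as empty.
    user: '${UID}:${GID}'
    volumes:
      # NOTE(review): configuration.yml is mounted writable; consider `:ro` if
      # the service never needs to write it. users.yml is left writable here
      # because a file-based user database may be updated by the service.
      - '${CONFIG}/iam/configuration.yml:/config/configuration.yml'
      - '${CONFIG}/iam/users.yml:/config/users.yml'
      # OIDC signing key pair: mounted read-only so the container cannot
      # replace or alter the key material on the host.
      - '${SECRET}/iam/jwk/oidc-jwk.pem:/config/jwks/oidc-jwk.pem:ro'
      - '${SECRET}/iam/jwk/oidc-jwk-pub.pem:/config/jwks/oidc-jwk-pub.pem:ro'
    networks:
      - edge_net
      - db_net
      # Must match the top-level key `cache-net`; the original referenced
      # `cache_net`, which is not a defined network.
      - cache-net
    # `expose` publishes nothing on the host; the port is reachable only from
    # containers that share a network with this service.
    expose:
      - '9091'

  # Redis instance on the stack-local cache network.
  iam-cache:
    # NOTE(review): same moving-tag concern as above; pin to a reviewed tag
    # or digest.
    image: redis:latest
    restart: unless-stopped
    # NOTE(review): this hands every stack variable in .env to the cache
    # container. Drop it if the cache does not need them.
    env_file:
      - .env
    # No authentication is configured for Redis in this file, so access
    # control rests entirely on which containers are attached to `cache-net`.
    networks:
      - cache-net
    expose:
      - '6379'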