Authelia
[SSO] Open-source authentication and authorization
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal.
🏠 Home: https://www.authelia.com/
Introduction:
name: authelia
services:
initContainer:
image: dibi/envsubst:latest # TODO release date: 2020!
environment:
MYDOMAIN: ${MYDOMAIN}
ADMIN_USER: ${ADMIN_USER}
ADMIN_EMAIL: ${ADMIN_EMAIL}
ADMIN_DISPLAYNAME: ${ADMIN_DISPLAYNAME}
AUTHELIA_ADMIN_PASSWORD: ${AUTHELIA_ADMIN_PASSWORD}
container_name: authelia-init
volumes:
- ./authelia:/workdir
- ${DOCKER_VOLUMES}/authelia/config:/processed
network_mode: none
authelia:
container_name: authelia
image: authelia/authelia:4.38
restart: unless-stopped
environment:
TZ: ${TIMEZONE}
# TODO More secure approach is to use file secrets
# https://www.authelia.com/configuration/methods/secrets/
# https://www.authelia.com/integration/deployment/docker/
AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET: ${AUTHELIA_JWT_SECRET}
AUTHELIA_SESSION_SECRET: ${AUTHELIA_SESSION_SECRET}
AUTHELIA_STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
healthcheck:
disable: true
volumes:
- ${DOCKER_VOLUMES}/authelia/config:/config
- ${DOCKER_VOLUMES}/authelia/data:/data
expose:
- 9091
networks:
- proxy
depends_on:
initContainer:
condition: service_completed_successfully
labels:
traefik.enable: true
traefik.http.routers.authelia.entrypoints: websecure
traefik.http.routers.authelia.rule: Host(`auth.${MYDOMAIN}`)
traefik.http.routers.authelia.middlewares: https-local@file
traefik.http.services.authelia.loadbalancer.server.port: 9091
homepage.group: Security
homepage.name: Authelia
homepage.icon: authelia.png
homepage.href: https://auth.${MYDOMAIN}/
homepage.description: "[SSO] Open-source authentication and authorization"
networks:
proxy:
external: true