![]() ![]() Let's break it down and look at some of the important lines and their meaning: path: "authelia" Jwt_secret: somethingsomethingrandomsecretĮncryption_key: somethingsomethingreallylongandsecret Inside the host folder /home/user/authelia, we will place the following Authelia config files, configuration.yml and users_database.yml: configuration.yml server: A simple mkdir -p /home/user/authelia/logs with our linux user (in this case uid 1000) should suffice, and both the config folder and the logs folder will be created. Let's first create the Authelia folders with our user because Authelia does not do chown on its config folder like linuxserver containers do, and we are running it with user: "1000:1000". On the host, that folder is mapped to /home/user/authelia. However, Authelia allows various other methods like LDAP, TOTP, etc.Īs of Authelia v4.20.0, the default location for all Authelia config is /config inside the container, so we will refer to that location in the config files. We will go ahead and set up 2 factor authentication utilizing Duo Mobile as the push provider and for brevity, we will use a yaml file to contain the first factor user/pass info. Setting up Authelia with a users file and 2 factor auth via Duo Mobile If you're using docker cli or a gui application to create the containers, you will have to manually create a user defined bridge network and attach both containers to that network. See our previous blog article for more info on this. Since docker-compose automatically creates a user defined bridge network and puts all containers into that network by default, our containers will be able to reach each other using their container names as DNS hostnames. This yaml will create two containers, one for SWAG and one for Authelia. If you wish to use a newer version, please refer to their configuration migration guide and release info and adjust your config as appropriate. Note that the following assumes you are using Authelia 4.34.6. Keep in mind your local mount paths will be different so adjust accordingly. Following is the compose yaml used to create the SWAG and Authelia containers referenced in this article. This article assumes that you already have a functional SWAG setup. This article will detail how SSO via Authelia can be easily set up using SWAG's preset Authelia confs. Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. SWAG - Secure Web Application Gateway (formerly known as letsencrypt) is a full fledged web server and reverse proxy with Nginx, Php7, Certbot (Let's Encrypt™ client) and Fail2ban built in. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |