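# Compose stack: Authelia (SSO portal) backed by Redis, PostgreSQL and OpenLDAP,
# plus the ldap-user-manager web UI. Both web services are published through
# Traefik labels; no service maps a port to the host (`expose` only documents
# ports for other containers on the same network).
#
# Before first start, replace every `domain.tld` placeholder and every empty or
# placeholder credential below. Keep real secrets out of version control
# (env file excluded from git, or Docker secrets).
services:
  authelia:
    # No tag means `latest`; pin a specific version (ideally by digest) so that
    # upgrades of the authentication portal are deliberate.
    image: authelia/authelia
    container_name: authelia
    volumes:
      # Holds Authelia's configuration; restrict host permissions on this
      # directory, since that configuration typically carries secrets.
      - ./authelia:/config
    networks:
      - default
    labels:
      # Label values are quoted so every Compose implementation reads them as
      # strings rather than YAML booleans/integers.
      traefik.enable: "true"
      traefik.http.routers.authelia.rule: 'Host(`auth.domain.tld`)'
      traefik.http.routers.authelia.entrypoints: https
      traefik.http.routers.authelia.tls: "true"
      # Optional middleware from Traefik's file provider; it is not defined in
      # this file, so enable it only once it exists there.
      # traefik.http.routers.authelia.middlewares: security@file
      traefik.http.services.authelia.loadbalancer.server.port: "9091"
    expose:
      - "9091"
    depends_on:
      - openldap
      - postgres
      - redis
    restart: always
    environment:
      - TZ=Europe/Lisbon

  redis:
    # Floating tag; pin a version for reproducible deployments.
    image: redis:alpine
    container_name: redis
    volumes:
      - ./redis:/data
    networks:
      - default
    # No Redis password is configured here. The port is reachable only from
    # containers on the same Compose network, so keep unrelated services off
    # that network or add authentication to Redis.
    expose:
      - "6379"
    restart: always
    environment:
      - TZ=Europe/Lisbon

  postgres:
    # Untagged image follows `latest`; a major-version jump can make the
    # existing data directory unreadable. Pin a major version.
    image: postgres
    container_name: auth_postgres
    restart: always
    environment:
      - POSTGRES_USER=authelia
      # Placeholder credential identical to the user name: replace it before
      # first start (the image also supports POSTGRES_PASSWORD_FILE) and use
      # the same value in Authelia's storage configuration.
      - POSTGRES_PASSWORD=authelia
      - POSTGRES_DB=authelia
    networks:
      - default
    volumes:
      - ./postgres:/var/lib/postgresql/data

  openldap:
    # `latest` is a floating tag; pin a release so the directory server does
    # not change underneath the stored database.
    image: osixia/openldap:latest
    container_name: openldap
    volumes:
      - ./ldap/db:/var/lib/ldap
      - ./ldap/conf:/etc/ldap/slapd.d
    networks:
      - default
    expose:
      - "389"
      - "636"
    restart: always
    environment:
      TZ: "Europe/Lisbon"
      LDAP_ORGANISATION: ""  # Org name
      LDAP_DOMAIN: ""  # domain.tld
      LDAP_BASE_DN: "dc=domain,dc=tld"  # edit domain tld
      # Must be set to a strong value before first start; do not leave empty.
      LDAP_ADMIN_PASSWORD: ""  # password for admin@domain.tld
      # Password of the slapd configuration administrator (cn=admin,cn=config),
      # which can change the server's own settings. Set it to a strong value
      # distinct from the admin password.
      LDAP_CONFIG_PASSWORD: ""
      LDAP_READONLY_USER: "false"
      # The two values below only matter when LDAP_READONLY_USER is "true";
      # change the placeholder password before enabling that account.
      LDAP_READONLY_USER_USERNAME: "readonly"
      LDAP_READONLY_USER_PASSWORD: "readonly"
      LDAP_RFC2307BIS_SCHEMA: "true"
      LDAP_BACKEND: "mdb"
      LDAP_REPLICATION: "false"
      KEEP_EXISTING_CONFIG: "false"
      LDAP_REMOVE_CONFIG_AFTER_SETUP: "true"

  ldap-user-manager:
    image: wheelybird/ldap-user-manager:v1.4
    container_name: ldap-user-manager
    networks:
      - default
    expose:
      - "80"
      - "443"
    restart: always
    depends_on:
      - openldap
    environment:
      TZ: "Europe/Lisbon"
      SERVER_HOSTNAME: "ldap.domain.tld"  # url for webui
      ORGANISATION_NAME: ""  # Org name
      LDAP_URI: "ldap://openldap"
      LDAP_BASE_DN: "dc=domain,dc=tld"  # edit domain tld same as above
      # With STARTTLS off and an ldap:// URI, binds (including the admin bind
      # password) cross the Compose network unencrypted. Acceptable only while
      # that network is trusted; enable once openldap presents a certificate
      # this container trusts.
      LDAP_REQUIRE_STARTTLS: "FALSE"
      LDAP_ADMINS_GROUP: "admins"  # admin group
      LDAP_ADMIN_BIND_DN: "cn=admin,dc=domain,dc=tld"  # edit domain tld
      LDAP_ADMIN_BIND_PWD: ""  # admin password set above
      LDAP_USES_NIS_SCHEMA: "false"
      EMAIL_DOMAIN: "gmail.com"  # email @this.part.here
      # The container serves plain HTTP on port 80; TLS is terminated by the
      # Traefik router below, so do not publish this port anywhere else.
      NO_HTTPS: "true"
      SMTP_HOSTNAME: ""  # email SMTP
      # Port 465 is conventionally implicit TLS; confirm that SMTP_USE_TLS
      # selects the mode your provider expects on this port.
      SMTP_HOST_PORT: "465"
      SMTP_USERNAME: ""  # email username (usually your email)
      SMTP_PASSWORD: ""  # email password
      SMTP_USE_TLS: "true"
      EMAIL_FROM_ADDRESS: ""  # your email address
    labels:
      traefik.enable: "true"
      traefik.http.routers.ldap-user-manager.rule: 'Host(`ldap.domain.tld`)'
      traefik.http.routers.ldap-user-manager.entrypoints: https
      traefik.http.routers.ldap-user-manager.tls: "true"
      # As written, no middleware is attached: this router publishes the LDAP
      # administration UI protected only by its own login. Attach an access
      # control middleware (IP allow-list or forward-auth) before exposing it.
      # traefik.http.routers.ldap-user-manager.middlewares: security@file
      traefik.http.services.ldap-user-manager.loadbalancer.server.port: "80"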