Yay SSO
This commit is contained in:
parent
067b0e3cef
commit
1bf3249d49
|
|
@ -101,7 +101,7 @@ ancestry.woozle.org {
|
||||||
|
|
||||||
handle_path /sucker/* {
|
handle_path /sucker/* {
|
||||||
import restricted-access
|
import restricted-access
|
||||||
reverse_proxy sucker:8080
|
reverse_proxy 192.168.86.2:5801
|
||||||
}
|
}
|
||||||
|
|
||||||
handle_path /octoprint/* {
|
handle_path /octoprint/* {
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
* Single Sign-On
|
* Single Sign-On
|
||||||
* [x] Replace simpleauth with somebody else's project
|
* [x] Replace simpleauth with somebody else's project
|
||||||
* [ ] Set up Forgejo OIDC to Authelia (there's a guide on Authelia's site)
|
* [x] Set up Forgejo OIDC to Authelia (there's a guide on Authelia's site)
|
||||||
* [x] Persist "remember me" across reboots
|
* [x] Persist "remember me" across reboots
|
||||||
* LDAP restrictions
|
* LDAP restrictions
|
||||||
* [x] People can only r/w their own storage
|
* [x] People can only r/w their own storage
|
||||||
* [x] Public storage
|
* [x] Public storage
|
||||||
* [x] Per-Group storage
|
* [x] Per-Group storage
|
||||||
* [ ] Media-Sucker secure setup (bind to 0.0.0.0 opens to internet)
|
* [x] Media-Sucker secure setup (bind to 0.0.0.0 opens to internet)
|
||||||
|
|
|
||||||
|
|
@ -52,9 +52,14 @@ services:
|
||||||
- session.secret
|
- session.secret
|
||||||
- storage.secret
|
- storage.secret
|
||||||
- users.yaml
|
- users.yaml
|
||||||
|
- authelia.oidc.yaml
|
||||||
configs:
|
configs:
|
||||||
- source: authelia.yaml
|
- source: authelia.yaml
|
||||||
target: /config/configuration.yml
|
target: /authelia.yaml
|
||||||
|
command:
|
||||||
|
- authelia
|
||||||
|
- --config=/authelia.yaml
|
||||||
|
- --config=/run/secrets/authelia.oidc.yaml
|
||||||
volumes:
|
volumes:
|
||||||
- type: bind
|
- type: bind
|
||||||
source: /srv/sys/authelia
|
source: /srv/sys/authelia
|
||||||
|
|
@ -302,7 +307,7 @@ configs:
|
||||||
name: Corefile-v4
|
name: Corefile-v4
|
||||||
Caddyfile:
|
Caddyfile:
|
||||||
file: Caddyfile
|
file: Caddyfile
|
||||||
name: Caddyfile-v101
|
name: Caddyfile-v103
|
||||||
index.html:
|
index.html:
|
||||||
file: www/index.html
|
file: www/index.html
|
||||||
name: index.html-v36
|
name: index.html-v36
|
||||||
|
|
@ -320,7 +325,7 @@ configs:
|
||||||
name: deergrove.png-v1
|
name: deergrove.png-v1
|
||||||
authelia.yaml:
|
authelia.yaml:
|
||||||
file: authelia.yaml
|
file: authelia.yaml
|
||||||
name: authelia.yaml-v16
|
name: authelia.yaml-v18
|
||||||
|
|
||||||
secrets:
|
secrets:
|
||||||
passwd:
|
passwd:
|
||||||
|
|
@ -337,7 +342,7 @@ secrets:
|
||||||
name: known_hosts-v1
|
name: known_hosts-v1
|
||||||
forgejo.ini:
|
forgejo.ini:
|
||||||
file: secrets/forgejo.ini
|
file: secrets/forgejo.ini
|
||||||
name: forgejo.ini-v1
|
name: forgejo.ini-v4
|
||||||
jwt.secret:
|
jwt.secret:
|
||||||
file: secrets/jwt.secret
|
file: secrets/jwt.secret
|
||||||
name: jwt.secret-v1
|
name: jwt.secret-v1
|
||||||
|
|
@ -350,6 +355,9 @@ secrets:
|
||||||
users.yaml:
|
users.yaml:
|
||||||
file: secrets/users.yaml
|
file: secrets/users.yaml
|
||||||
name: users.yaml-v6
|
name: users.yaml-v6
|
||||||
|
authelia.oidc.yaml:
|
||||||
|
file: secrets/authelia.oidc.yaml
|
||||||
|
name: authelia.oidc.yaml-v2
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
hostnet:
|
hostnet:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue