Configuration cleanup
This commit is contained in:
17
README.md
Normal file
17
README.md
Normal file
@@ -0,0 +1,17 @@
|
||||
# Server
|
||||
|
||||
Configuration for traefik 2 and authelia
|
||||
|
||||
|
||||
### Authelia preprocessor
|
||||
The authelia configuration contains some sensitive values, but authelia cannot read them from env variables like traefic can.
|
||||
Instead, a special service - `authelia-config` runs before authelia start, and preprocesses the configuration file.
|
||||
|
||||
- Local file `./authelia/configuration.yaml` is mapped to `/data/input` in `authelia-config`
|
||||
- Volume `authelia-config` is mapped to `/data/output` in `authelia-config`
|
||||
- `authelia-config` runs `gomplate` on `/data/input` and saves to `data/output/configuration.yaml`
|
||||
- `Volume `authelia-config` is mapped to `/etc/authelia` in `authelia`, where it reads its configuration
|
||||
|
||||
## Lessons learned
|
||||
|
||||
- Authelia will ONLY work with https. Both the authelia url itself and the one being authenticated must be https.
|
||||
Reference in New Issue
Block a user