openssl rand -base64 64 | sudo tee session_secret >/dev/null
openssl rand -base64 64 | sudo tee encryption_key > /dev/null
openssl rand -base64 64 | sudo tee jwt_secert > /dev/null
openssl rand -base64 32 | sudo tee postgres_passwd > /dev/null用上面的命令生成secert和password文件
services:
authelia:
container_name: authelia
image: authelia/authelia:latest
restart: unless-stopped
hostname: authelia
networks:
- default
ports:
- 9091:9091
volumes:
- $PWD/config:/config
- $PWD/secrets:/secrets
environment:
- AUTHELIA_SESSION_SECRET=/secrets/session_secret
- AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE=/secrets/ldap_passwd
- AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE=/secrets/postgres_passwd
- AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/secrets/encryption_key
- AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE=/secrets/jwt_secret
postgres:
container_name: authelia_db
image: postgres:15
restart: unless-stopped
hostname: authelia_pgdb
volumes:
- pgdb_vol:/var/lib/postgresql/data
- $PWD/secrets/postgres_passwd:/secrets/postgres_passwd:ro
networks:
- default
environment:
- POSTGRES_DB=authelia
- POSTGRES_USER=authelia
- POSTGRES_PASSWORD_FILE=/secrets/postgres_passwd
networks:
default:
name: caddy_default
external: true
volumes:
pgdb_vol:
name: authelia_pgdata
configuration.yaml模板:https://github.com/authelia/authelia/blob/v4.37.5/config.template.yml