62 lines
1.6 KiB
HCL
62 lines
1.6 KiB
HCL
module "authelia" {
|
|
source = "./service"
|
|
|
|
name = "authelia"
|
|
image = "authelia/authelia:latest"
|
|
ingress = true
|
|
service_port = 9091
|
|
ports = [
|
|
{
|
|
name = "metrics"
|
|
}
|
|
]
|
|
metrics_port_name = "metrics"
|
|
|
|
templates = [
|
|
{
|
|
data = file("${path.module}/authelia.yml")
|
|
dest_prefix = "local/"
|
|
dest = "/config/configuration.yml"
|
|
},
|
|
]
|
|
|
|
service_tags = [
|
|
"traefik.http.routers.authelia-internal.entryPoints=auth",
|
|
"traefik.http.routers.authelia-internal.rule=Path(`/api/verify`)",
|
|
"traefik.http.middlewares.authelia.forwardAuth.address=http://localhost:8999/api/verify?rd=https%3A%2F%2Fauthelia.thefij.rocks%2F",
|
|
"traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true",
|
|
"traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email",
|
|
"traefik.http.middlewares.authelia-basic.forwardAuth.address=http://localhost:8999/api/verify?auth=basic",
|
|
"traefik.http.middlewares.authelia-basic.forwardAuth.trustForwardHeader=true",
|
|
"traefik.http.middlewares.authelia-basic.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email",
|
|
]
|
|
|
|
use_vault = true
|
|
use_ldap = true
|
|
use_redis = true
|
|
use_mysql = true
|
|
|
|
mysql_bootstrap = {
|
|
vault_key = "kv/data/authelia"
|
|
}
|
|
}
|
|
|
|
# locals {
|
|
# authelia_config = templatefile(
|
|
# "${path.module}/authelia.yml",
|
|
# {
|
|
# }
|
|
# )
|
|
# }
|
|
|
|
# resource "nomad_job" "authelia" {
|
|
# hcl2 {
|
|
# enabled = true
|
|
# vars = {
|
|
# config_data = "${local.authelia_config}",
|
|
# }
|
|
# }
|
|
#
|
|
# jobspec = file("${path.module}/authelia.nomad")
|
|
# }
|