master
bel 2021-09-14 06:32:49 -06:00
commit 734c1e025a
10 changed files with 297 additions and 0 deletions

3
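--- a/authelia/.gitignore
+++ b/authelia/.gitignore
@@ -0,0 +1,3 @@
+/authelia
+/authelia.tar
+**/*.sw*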
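Review bot: The ignore list covers the built binary and tarball but not `tmp/`, and this same commit adds `authelia/tmp/db.sqlite3` and `authelia/tmp/email.txt`. run.sh creates `$PWD/tmp`, and the configuration points authelia's SQLite storage and filesystem notifier there, so these are runtime state. That state will be re-committed on every change and may hold enrolment data or notification mail. Adding `/tmp/` here and dropping the two files from the commit keeps it out of history.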

13
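--- a/authelia/Dockerfile
+++ b/authelia/Dockerfile
@@ -0,0 +1,13 @@
+FROM golang:1.16.2 as builder
+WORKDIR /go/src/github.com/authelia/authelia
+COPY ./authelia/ ./
+RUN cd cmd/authelia && go build -o /authelia -a -installsuffix cgo -ldflags "-s -w" && /authelia -h
+FROM frolvlad/alpine-glibc:glibc-2.29
+WORKDIR /opt
+COPY --from=builder /authelia ./
+RUN ls && ./authelia -h && du -sh ./authelia
+CMD ["./authelia"]
+ENTRYPOINT []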
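Review bot: The final stage has no `USER` instruction, so `./authelia` runs as root inside the container. Adding `RUN adduser -S -u 10001 authelia` and `USER 10001` before `CMD` would drop that, provided the storage and notifier paths it is configured with are writable by that UID. The runtime base `frolvlad/alpine-glibc:glibc-2.29` is a third-party image referenced by a mutable tag, as is `golang:1.16.2`; pinning both by digest keeps the base of an authentication service from changing underneath the build. `RUN cd cmd/authelia && …` would read more clearly as `WORKDIR /go/src/github.com/authelia/authelia/cmd/authelia` followed by the build.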


@ -0,0 +1,30 @@
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----


@ -0,0 +1,51 @@
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----
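Review bot: This section commits an RSA private key alongside its certificate, so the key is readable by anyone with access to the repository and stays in history after a later delete. run.sh passes `-crt ./*.crt -key ./*.key` to rproxy3, so this is presumably the TLS key for the `bel.lan` front end (the file name is not shown on the page). Treat the key as disclosed and generate the pair locally at setup time instead of versioning it. Add `*.key` to authelia/.gitignore, and reissue the certificate if it is trusted anywhere outside this lab.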


@ -0,0 +1,51 @@
host: 0.0.0.0
port: 9491
log_level: trace
# $AUTHELIA_JWT_SECRET_FILE
jwt_secret: secret
default_redirection_url: https://not-found.bel.lan:9500
theme: dark
totp:
issuer: bel.lan
authentication_backend:
file:
path: ./users_database.yml
access_control:
default_policy: deny
rules:
- domain: authelia.bel.lan
policy: bypass
- domain: x.bel.lan
policy: bypass
- domain: y.bel.lan
policy: one_factor
- domain: z.bel.lan
policy: two_factor
session:
name: authelia_session
expiration: 1h # 1 hour
inactivity: 5m # 5 minutes
domain: bel.lan # Should match whatever your root protected domain is
remember_me_duration: 1M
regulation:
max_retries: 3
find_time: 120
ban_time: 300
storage:
local:
path: ./tmp/db.sqlite3
notifier:
disable_startup_check: false
filesystem:
filename: ./tmp/email.txt
#duo_api:
# hostname: x.bel.lan:9500
# integration_key: ABC
# secret_key: DEF
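Review bot: `jwt_secret: secret` commits a guessable signing secret, although the comment directly above it already names `$AUTHELIA_JWT_SECRET_FILE`. Authelia uses this value to sign its identity-verification tokens, so a reader of this file can likely produce tokens the portal accepts. Drop the key from the file and supply the secret through that variable, pointing at a file kept outside the repository. `log_level: trace` together with `host: 0.0.0.0` also deserves a first-line comment marking the file as lab-only, since trace logs from an auth portal listening on every interface tend to carry request detail.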

12
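--- a/authelia/pretend.yaml
+++ b/authelia/pretend.yaml
@@ -0,0 +1,12 @@
+port: 9501
+endpoints:
+/auth/v2/auth:
+body:
+response:
+result: "allow"
+status: "200"
+status_msg: "ok"
+code: 200
+message: "allow"
+message_detail: "allow"
+stat: "allow"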
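Review bot: Nothing in the file says what this stub stands in for, yet it answers `/auth/v2/auth` with `allow` for every request. It looks like a stand-in for the Duo API that the commented `duo_api` block in the configuration would call; that is inferred from `x.bel.lan` mapping to port 9501 in run.sh. A header comment such as `# Dev-only Duo stub: approves every second-factor request; never reference from a real duo_api config` would keep it from being mistaken for a usable backend.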

129
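--- a/authelia/run.sh
+++ b/authelia/run.sh
@@ -0,0 +1,129 @@
+#! /bin/bash
+main() {
+set -e
+set -o pipefail
+set -u
+trap cleanup SIGINT ERR EXIT
+cd "$(dirname "$BASH_SOURCE")"
+mkdir -p "$PWD/tmp"
+build_authelia
+echo cp $GOPATH/src/github.com/authelia/authelia/compose/lite/authelia/* ./
+start_sidecars
+}
+build_authelia_docker() {
+build_authelia
+rm -rf ./authelia
+cp -r $GOPATH/src/github.com/authelia/authelia ./authelia
+pushd authelia
+export GOFLAGS=""
+export GO111MODULE=""
+go mod vendor
+export GOFLAGS="-mod=vendor"
+export GO111MODULE="off"
+popd
+docker build -t bel/authelia:v0.0 .
+}
+build_authelia() {
+if which authelia &> /dev/null; then
+return
+fi
+export INLINE_RUNTIME_CHUNK=false
+export CGO_ENABLED=1
+export GOFLAGS=""
+export GO111MODULE=""
+repo=github.com/authelia/authelia
+pushd $GOPATH/src/$repo
+if ! cat internal/server/public_html/index.html | grep -q .; then
+pushd web
+yarn install
+yarn build
+popd
+rm -rf ./internal/server/public_html
+mv web/build ./internal/server/public_html
+cp -r api ./internal/server/public_html/
+fi
+rm -rf web/node_modules
+git_commit=$(
+(
+git rev-list -1 HEAD
+if git diff | grep . > /dev/null; then
+echo "-dirty"
+fi
+) 2> /dev/null | tr -d '\n'
+)
+common=("-a" "-installsuffix" "cgo" "-ldflags" "-s -w -X main.GitCommit=$git_commit")
+pushd cmd/authelia
+go build -o $GOPATH/bin/authelia "${common[@]}"
+popd
+popd
+export GOFLAGS="-mod=vendor"
+export GO111MODULE="off"
+}
+start_sidecars() {
+start_cleanup
+start_rproxy3 &
+start_pretend &
+start_echo &
+start_authelia &
+wait -n 1
+}
+start_cleanup() {
+trap cleanup SIGINT ERR EXIT
+}
+start_rproxy3() {
+rproxy3 \
+-p 9500 \
+-proxy authelia,http://localhost:9491$(
+start_port=9500
+for i in {x..z}; do
+((start_port+=1))
+printf ",,%s,http://localhost:%d" $i $start_port
+done
+) \
+-crt ./*.crt \
+-key ./*.key \
+-authelia https://authelia.bel.lan:9500 \
+}
+start_pretend() {
+pretend -config ./pretend.yaml
+}
+start_echo() {
+start_cleanup
+for p in {9502..9503}; do
+echo-server -p $p &
+done
+wait -n 1
+}
+start_authelia() {
+#export ENVIRONMENT=dev
+authelia --config ./configuration.yml
+}
+cleanup() {
+jobs -p
+kill -9 $(jobs -p)
+jobs
+trap - SIGINT ERR EXIT
+}
+if [ "$0" == "$BASH_SOURCE" ]; then
+main "$@"
+fi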
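Review bot: `build_authelia` runs `rm -rf ./internal/server/public_html` and `rm -rf web/node_modules` after an unquoted `pushd $GOPATH/src/$repo`, while `set -e` and `set -u` are enabled only inside `main`. `build_authelia_docker` is not reached from `main`, so it is presumably invoked after sourcing the file. In that case an unset or wrong `GOPATH` makes the `pushd` fail and the deletes run relative to the caller's directory. Guard it with `pushd "$GOPATH/src/$repo" > /dev/null || return 1` and quote the remaining `$GOPATH` expansions (`cp -r`, `go build -o`). The early `which authelia` return also means any `authelia` already on `PATH` is started as the auth server without being rebuilt, which deserves a comment.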

BIN
authelia/tmp/db.sqlite3 Normal file

Binary file not shown.

0
authelia/tmp/email.txt Normal file


@ -0,0 +1,8 @@
users:
authelia:
displayname: "Authelia User"
password: "$6$rounds=50000$BpLnfgDsc2WD8F2q$Zis.ixdg9s/UOJYrs56b5QEZFiZECu0qZVNsIYxBaNJ7ucIL.nlxVCT5tqh8KHG8X4tlwCFm5r6NTOZZ5qRFN/" # Password is 'authelia'
email: authelia@authelia.com
groups:
- admins
- dev
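Review bot: The only account in this file is in the `admins` group and its password is stated in the trailing comment (`authelia`), so the credential is known to anyone who can read the repository. This is presumably the `./users_database.yml` that the configuration's `authentication_backend` points at; if it is reused beyond a local lab, that account satisfies every `one_factor` rule. Put a first-line comment such as `# LAB ONLY: sample account with a published password; replace before exposing the portal`, or generate the hash at setup time and keep the file out of version control.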