Authelia can be run locally while communicating with docker environment.
parent
1bc0029651
commit
eccf08b6b0
|
@ -32,7 +32,7 @@ before_script:
|
|||
script:
|
||||
- "./scripts/travis.sh"
|
||||
after_success:
|
||||
- "./scripts/docker-publish.sh"
|
||||
- "./scripts/authelia-scripts publish-docker"
|
||||
deploy:
|
||||
provider: npm
|
||||
email: clement.michaud34@gmail.com
|
||||
|
|
|
@ -1,18 +0,0 @@
|
|||
FROM node:8.7.0-alpine
|
||||
|
||||
WORKDIR /usr/app
|
||||
|
||||
ADD package.json package.json
|
||||
|
||||
RUN apk --update add --no-cache --virtual \
|
||||
.build-deps make g++ python && \
|
||||
npm install && \
|
||||
apk del .build-deps
|
||||
|
||||
EXPOSE 8080
|
||||
|
||||
VOLUME /usr/app/src
|
||||
VOLUME /etc/authelia
|
||||
VOLUME /var/lib/authelia
|
||||
|
||||
CMD ["./node_modules/.bin/nodemon", "-e", "yml,js,ts,json", "--exec", "./scripts/run-dev-server.sh"]
|
60
Gruntfile.js
60
Gruntfile.js
|
@ -7,22 +7,6 @@ module.exports = function (grunt) {
|
|||
dist: ['dist'],
|
||||
},
|
||||
run: {
|
||||
"compile-server": {
|
||||
cmd: "./node_modules/.bin/tsc",
|
||||
args: ['-p', 'server/tsconfig.json']
|
||||
},
|
||||
"compile-client": {
|
||||
exec: 'cd ./client && npm run build && mv build ../dist/client',
|
||||
},
|
||||
"generate-config-schema": {
|
||||
cmd: "./node_modules/.bin/typescript-json-schema",
|
||||
args: ["-o", schemaDir, "--strictNullChecks",
|
||||
"--required", "server/tsconfig.json", "Configuration"]
|
||||
},
|
||||
"lint-server": {
|
||||
cmd: "./node_modules/.bin/tslint",
|
||||
args: ['-c', 'server/tslint.json', '-p', 'server/tsconfig.json']
|
||||
},
|
||||
"test-server-unit": {
|
||||
cmd: "./node_modules/.bin/mocha",
|
||||
args: ['--colors', '--require', 'ts-node/register', 'server/src/**/*.spec.ts']
|
||||
|
@ -47,57 +31,19 @@ module.exports = function (grunt) {
|
|||
cmd: "./node_modules/.bin/mocha",
|
||||
args: ['--colors', '--require', 'ts-node/register', 'test/inactivity/**/*.ts']
|
||||
},
|
||||
"docker-build": {
|
||||
cmd: "docker",
|
||||
args: ['build', '-t', 'clems4ever/authelia', '.']
|
||||
},
|
||||
"apidoc": {
|
||||
cmd: "./node_modules/.bin/apidoc",
|
||||
args: ["-i", "src/server", "-o", "doc"]
|
||||
},
|
||||
},
|
||||
copy: {
|
||||
backup: {
|
||||
files: [{
|
||||
expand: true,
|
||||
src: ['dist/**'],
|
||||
dest: 'backup'
|
||||
}]
|
||||
},
|
||||
resources: {
|
||||
expand: true,
|
||||
cwd: 'server/src/resources',
|
||||
src: '**',
|
||||
dest: `${buildDir}/server/src/resources/`
|
||||
},
|
||||
schema: {
|
||||
src: schemaDir,
|
||||
dest: `${buildDir}/${schemaDir}`
|
||||
}
|
||||
},
|
||||
});
|
||||
|
||||
grunt.loadNpmTasks('grunt-contrib-copy');
|
||||
grunt.loadNpmTasks('grunt-contrib-clean');
|
||||
grunt.loadNpmTasks('grunt-run');
|
||||
|
||||
grunt.registerTask('compile-server', ['run:lint-server', 'run:compile-server'])
|
||||
grunt.registerTask('compile-client', ['run:lint-client', 'run:compile-client'])
|
||||
|
||||
grunt.registerTask('test-server', ['env:env-test-server-unit', 'run:test-server-unit'])
|
||||
grunt.registerTask('test-shared', ['env:env-test-shared-unit', 'run:test-shared-unit'])
|
||||
grunt.registerTask('test-unit', ['test-server', 'test-client', 'test-shared']);
|
||||
grunt.registerTask('test-server', ['run:test-server-unit'])
|
||||
grunt.registerTask('test-shared', ['run:test-shared-unit'])
|
||||
grunt.registerTask('test-unit', ['test-server', 'test-shared']);
|
||||
grunt.registerTask('test-int', ['run:test-cucumber', 'run:test-minimal-config', 'run:test-complete-config', 'run:test-inactivity']);
|
||||
|
||||
grunt.registerTask('generate-config-schema', ['run:generate-config-schema', 'copy:schema']);
|
||||
|
||||
grunt.registerTask('build-client', ['compile-client', 'browserify']);
|
||||
|
||||
grunt.registerTask('build-server', ['compile-server', 'copy:resources', 'generate-config-schema']);
|
||||
|
||||
grunt.registerTask('build', ['build-client', 'build-server']);
|
||||
grunt.registerTask('build-dist', ['clean:dist', 'build']);
|
||||
grunt.registerTask('schema', ['run:generate-config-schema'])
|
||||
|
||||
grunt.registerTask('docker-build', ['run:docker-build']);
|
||||
};
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
|
||||
REACT_APP_CSP_CONTENT="default-src 'self'; style-src 'self'; script-src 'self';"
|
||||
REACT_APP_CSP_CONTENT="default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:"
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,20 +0,0 @@
|
|||
version: '2'
|
||||
services:
|
||||
authelia-dev:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.dev
|
||||
restart: always
|
||||
volumes:
|
||||
- ./scripts:/usr/app/scripts
|
||||
- ./server:/usr/app/server
|
||||
- ./shared:/usr/app/shared
|
||||
- ./config.template.yml:/usr/app/config.yml:ro
|
||||
environment:
|
||||
- NODE_TLS_REJECT_UNAUTHORIZED=0
|
||||
depends_on:
|
||||
- redis
|
||||
networks:
|
||||
example-network:
|
||||
aliases:
|
||||
- authelia
|
|
@ -10,4 +10,4 @@ services:
|
|||
depends_on:
|
||||
- redis
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
|
@ -1,20 +0,0 @@
|
|||
version: '2'
|
||||
services:
|
||||
authelia:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.dev
|
||||
restart: always
|
||||
volumes:
|
||||
- ./package.json:/usr/app/package.json
|
||||
- ./server:/usr/app/server
|
||||
- ./shared:/usr/app/shared
|
||||
- ./config.template.yml:/usr/app/config.yml:ro
|
||||
- /tmp/authelia:/tmp/authelia
|
||||
- ./users_database.yml:/etc/authelia/users_database.yml
|
||||
environment:
|
||||
- NODE_TLS_REJECT_UNAUTHORIZED=0
|
||||
depends_on:
|
||||
- redis
|
||||
networks:
|
||||
- example-network
|
|
@ -1,13 +0,0 @@
|
|||
version: '2'
|
||||
services:
|
||||
authelia:
|
||||
build: .
|
||||
restart: always
|
||||
volumes:
|
||||
- ./config.minimal.yml:/etc/authelia/config.yml:ro
|
||||
- ./users_database.test.yml:/etc/authelia/users_database.yml:rw
|
||||
- /tmp/authelia:/tmp/authelia
|
||||
environment:
|
||||
- NODE_TLS_REJECT_UNAUTHORIZED=0
|
||||
networks:
|
||||
- example-network
|
|
@ -1,13 +0,0 @@
|
|||
version: '2'
|
||||
services:
|
||||
authelia:
|
||||
build: .
|
||||
restart: always
|
||||
volumes:
|
||||
- ./config.test.yml:/etc/authelia/config.yml:ro
|
||||
- ./users_database.test.yml:/etc/authelia/users_database.yml:rw
|
||||
- /tmp/authelia:/tmp/authelia
|
||||
environment:
|
||||
- NODE_TLS_REJECT_UNAUTHORIZED=0
|
||||
networks:
|
||||
- example-network
|
|
@ -1,14 +1,5 @@
|
|||
version: '2'
|
||||
services:
|
||||
authelia:
|
||||
build: .
|
||||
restart: always
|
||||
volumes:
|
||||
- ./config.template.yml:/etc/authelia/config.yml:ro
|
||||
environment:
|
||||
- NODE_TLS_REJECT_UNAUTHORIZED=0
|
||||
depends_on:
|
||||
- redis
|
||||
- mongo
|
||||
networks:
|
||||
- example-network
|
||||
services: {}
|
||||
networks:
|
||||
authelianet:
|
||||
external: true
|
||||
|
|
|
@ -6,4 +6,4 @@ services:
|
|||
- ./dist/server:/usr/src/server
|
||||
- ./dist/shared:/usr/src/shared
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -2,5 +2,3 @@ version: '2'
|
|||
networks:
|
||||
authelianet:
|
||||
external: true
|
||||
example-network:
|
||||
driver: bridge
|
||||
|
|
|
@ -3,4 +3,4 @@ services:
|
|||
httpbin:
|
||||
image: citizenstig/httpbin
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -8,4 +8,4 @@ services:
|
|||
- PHPLDAPADMIN_LDAP_HOSTS=openldap
|
||||
- PHPLDAPADMIN_HTTPS=false
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -13,6 +13,8 @@ services:
|
|||
volumes:
|
||||
- ./example/compose/ldap/base.ldif:/etc/ldap.dist/prepopulate/base.ldif
|
||||
- ./example/compose/ldap/access.rules:/etc/ldap.dist/prepopulate/access.rules
|
||||
ports:
|
||||
- "389:389"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
||||
|
|
|
@ -9,4 +9,4 @@ services:
|
|||
ports:
|
||||
- "27017:27017"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -6,4 +6,4 @@ services:
|
|||
- ./example/compose/nginx/backend/html:/usr/share/nginx/html
|
||||
- ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -9,4 +9,4 @@ services:
|
|||
ports:
|
||||
- "8080:443"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -8,4 +8,4 @@ services:
|
|||
ports:
|
||||
- "8080:443"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -6,22 +6,22 @@ events {
|
|||
|
||||
http {
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name _;
|
||||
listen 443 ssl;
|
||||
server_name _;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
return 301 https://home.example.com:8080/;
|
||||
return 301 https://home.example.com:8080/;
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name login.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $frontend_endpoint http://authelia-frontend:3000;
|
||||
set $backend_endpoint http://authelia:8080;
|
||||
set $backend_endpoint http://192.168.240.1:9091;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
@ -31,12 +31,11 @@ http {
|
|||
|
||||
# Serves the portal application.
|
||||
location / {
|
||||
# Allow websockets for webpack to auto-reload.
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_pass $backend_endpoint/index.html;
|
||||
}
|
||||
|
||||
proxy_pass $frontend_endpoint;
|
||||
location /static {
|
||||
proxy_pass $backend_endpoint;
|
||||
}
|
||||
|
||||
# Serve the backend API for the portal.
|
||||
|
@ -51,6 +50,7 @@ http {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name home.example.com;
|
||||
|
|
|
@ -0,0 +1,417 @@
|
|||
worker_processes 1;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name _;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
return 301 https://home.example.com:8080/;
|
||||
}
|
||||
|
||||
<% if (production) { %>
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name login.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $backend_endpoint http://192.168.240.1:9091;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
# Serves the portal application.
|
||||
location / {
|
||||
proxy_pass $backend_endpoint/index.html;
|
||||
}
|
||||
|
||||
location /static {
|
||||
proxy_pass $backend_endpoint;
|
||||
}
|
||||
|
||||
# Serve the backend API for the portal.
|
||||
location /api {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_intercept_errors on;
|
||||
|
||||
proxy_pass $backend_endpoint;
|
||||
}
|
||||
}
|
||||
<% } else { %>
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name login.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $frontend_endpoint http://192.168.240.1:3000;
|
||||
set $backend_endpoint http://192.168.240.1:9091;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
# Serves the portal application.
|
||||
location / {
|
||||
# Allow websockets for webpack to auto-reload.
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
|
||||
proxy_pass $frontend_endpoint;
|
||||
}
|
||||
|
||||
# Serve the backend API for the portal.
|
||||
location /api {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_intercept_errors on;
|
||||
|
||||
proxy_pass $backend_endpoint;
|
||||
}
|
||||
}
|
||||
<% } %>
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name home.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name public.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_verify http://authelia:8080/api/verify;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
set $upstream_headers http://httpbin:8000/headers;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location /auth_verify {
|
||||
internal;
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
proxy_pass $upstream_verify;
|
||||
}
|
||||
|
||||
location / {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header X-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Remote-Groups $groups;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
|
||||
location /headers {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header Custom-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Custom-Forwarded-Groups $groups;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_headers;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name admin.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_verify http://authelia:8080/api/verify;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location /auth_verify {
|
||||
internal;
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
proxy_pass $upstream_verify;
|
||||
}
|
||||
|
||||
location / {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header X-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Remote-Groups $groups;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name dev.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_verify http://authelia:8080/api/verify;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location /auth_verify {
|
||||
internal;
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
proxy_pass $upstream_verify;
|
||||
}
|
||||
|
||||
location / {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header X-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Remote-Groups $groups;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name mx1.mail.example.com mx2.mail.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_verify http://authelia:8080/api/verify;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location /auth_verify {
|
||||
internal;
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
proxy_pass $upstream_verify;
|
||||
}
|
||||
|
||||
location / {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header X-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Remote-Groups $groups;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name single_factor.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_verify http://authelia:8080/api/verify;
|
||||
set $upstream_endpoint http://nginx-backend;
|
||||
set $upstream_headers http://httpbin:8000/headers;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location /auth_verify {
|
||||
internal;
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
proxy_set_header X-Original-URI $request_uri;
|
||||
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
# This header is required for basic authentication.
|
||||
proxy_set_header Proxy-Authorization $http_authorization;
|
||||
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
|
||||
proxy_pass $upstream_verify;
|
||||
}
|
||||
|
||||
location / {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header X-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Remote-Groups $groups;
|
||||
|
||||
proxy_set_header Host $http_host;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
|
||||
location /headers {
|
||||
auth_request /auth_verify;
|
||||
|
||||
auth_request_set $redirect $upstream_http_redirect;
|
||||
|
||||
auth_request_set $user $upstream_http_remote_user;
|
||||
proxy_set_header Custom-Forwarded-User $user;
|
||||
|
||||
auth_request_set $groups $upstream_http_remote_groups;
|
||||
proxy_set_header Custom-Forwarded-Groups $groups;
|
||||
|
||||
error_page 401 =302 https://login.example.com:8080?rd=$redirect;
|
||||
error_page 403 = https://login.example.com:8080/error/403;
|
||||
|
||||
proxy_pass $upstream_headers;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name authelia.example.com;
|
||||
|
||||
resolver 127.0.0.11 ipv6=off;
|
||||
set $upstream_endpoint http://authelia:8080;
|
||||
|
||||
ssl_certificate /etc/ssl/server.crt;
|
||||
ssl_certificate_key /etc/ssl/server.key;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_pass $upstream_endpoint;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
#!/usr/bin/env node
|
||||
|
||||
const ejs = require('ejs');
|
||||
const fs = require('fs');
|
||||
const program = require('commander');
|
||||
|
||||
program
|
||||
.version('0.1.0')
|
||||
.option('-p, --production', 'Render template for production.')
|
||||
.parse(process.argv)
|
||||
|
||||
const options = {
|
||||
production: false,
|
||||
}
|
||||
|
||||
if (program.production) {
|
||||
options['production'] = true;
|
||||
}
|
||||
|
||||
html = ejs.renderFile(__dirname + '/nginx.conf.ejs', options, (err, conf) => {
|
||||
fs.writeFileSync(__dirname + '/nginx.conf', conf);
|
||||
});
|
|
@ -3,5 +3,7 @@ services:
|
|||
redis:
|
||||
image: redis:4.0-alpine
|
||||
command: redis-server --requirepass authelia
|
||||
ports:
|
||||
- "6379:6379"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -3,6 +3,7 @@ services:
|
|||
smtp:
|
||||
image: schickling/mailcatcher
|
||||
ports:
|
||||
- "1025:1025"
|
||||
- "8085:1080"
|
||||
networks:
|
||||
- example-network
|
||||
- authelianet
|
||||
|
|
|
@ -1376,6 +1376,285 @@
|
|||
"resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
|
||||
"integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s="
|
||||
},
|
||||
"concurrently": {
|
||||
"version": "4.1.0",
|
||||
"resolved": "https://registry.npmjs.org/concurrently/-/concurrently-4.1.0.tgz",
|
||||
"integrity": "sha512-pwzXCE7qtOB346LyO9eFWpkFJVO3JQZ/qU/feGeaAHiX1M3Rw3zgXKc5cZ8vSH5DGygkjzLFDzA/pwoQDkRNGg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"chalk": "^2.4.1",
|
||||
"date-fns": "^1.23.0",
|
||||
"lodash": "^4.17.10",
|
||||
"read-pkg": "^4.0.1",
|
||||
"rxjs": "^6.3.3",
|
||||
"spawn-command": "^0.0.2-1",
|
||||
"supports-color": "^4.5.0",
|
||||
"tree-kill": "^1.1.0",
|
||||
"yargs": "^12.0.1"
|
||||
},
|
||||
"dependencies": {
|
||||
"ansi-regex": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz",
|
||||
"integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=",
|
||||
"dev": true
|
||||
},
|
||||
"ansi-styles": {
|
||||
"version": "3.2.1",
|
||||
"resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
|
||||
"integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"color-convert": "^1.9.0"
|
||||
}
|
||||
},
|
||||
"camelcase": {
|
||||
"version": "5.0.0",
|
||||
"resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.0.0.tgz",
|
||||
"integrity": "sha512-faqwZqnWxbxn+F1d399ygeamQNy3lPp/H9H6rNrqYh4FSVCtcY+3cub1MxA8o9mDd55mM8Aghuu/kuyYA6VTsA==",
|
||||
"dev": true
|
||||
},
|
||||
"chalk": {
|
||||
"version": "2.4.2",
|
||||
"resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
|
||||
"integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"ansi-styles": "^3.2.1",
|
||||
"escape-string-regexp": "^1.0.5",
|
||||
"supports-color": "^5.3.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"supports-color": {
|
||||
"version": "5.5.0",
|
||||
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
|
||||
"integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"has-flag": "^3.0.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"cliui": {
|
||||
"version": "4.1.0",
|
||||
"resolved": "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz",
|
||||
"integrity": "sha512-4FG+RSG9DL7uEwRUZXZn3SS34DiDPfzP0VOiEwtUWlE+AR2EIg+hSyvrIgUUfhdgR/UkAeW2QHgeP+hWrXs7jQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"string-width": "^2.1.1",
|
||||
"strip-ansi": "^4.0.0",
|
||||
"wrap-ansi": "^2.0.0"
|
||||
}
|
||||
},
|
||||
"cross-spawn": {
|
||||
"version": "6.0.5",
|
||||
"resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
|
||||
"integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"nice-try": "^1.0.4",
|
||||
"path-key": "^2.0.1",
|
||||
"semver": "^5.5.0",
|
||||
"shebang-command": "^1.2.0",
|
||||
"which": "^1.2.9"
|
||||
}
|
||||
},
|
||||
"execa": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz",
|
||||
"integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"cross-spawn": "^6.0.0",
|
||||
"get-stream": "^4.0.0",
|
||||
"is-stream": "^1.1.0",
|
||||
"npm-run-path": "^2.0.0",
|
||||
"p-finally": "^1.0.0",
|
||||
"signal-exit": "^3.0.0",
|
||||
"strip-eof": "^1.0.0"
|
||||
}
|
||||
},
|
||||
"find-up": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/find-up/-/find-up-3.0.0.tgz",
|
||||
"integrity": "sha512-1yD6RmLI1XBfxugvORwlck6f75tYL+iR0jqwsOrOxMZyGYqUuDhJ0l4AXdO1iX/FTs9cBAMEk1gWSEx1kSbylg==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"locate-path": "^3.0.0"
|
||||
}
|
||||
},
|
||||
"get-stream": {
|
||||
"version": "4.1.0",
|
||||
"resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz",
|
||||
"integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"pump": "^3.0.0"
|
||||
}
|
||||
},
|
||||
"has-flag": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
|
||||
"integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=",
|
||||
"dev": true
|
||||
},
|
||||
"invert-kv": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-2.0.0.tgz",
|
||||
"integrity": "sha512-wPVv/y/QQ/Uiirj/vh3oP+1Ww+AWehmi1g5fFWGPF6IpCBCDVrhgHRMvrLfdYcwDh3QJbGXDW4JAuzxElLSqKA==",
|
||||
"dev": true
|
||||
},
|
||||
"lcid": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/lcid/-/lcid-2.0.0.tgz",
|
||||
"integrity": "sha512-avPEb8P8EGnwXKClwsNUgryVjllcRqtMYa49NTsbQagYuT1DcXnl1915oxWjoyGrXR6zH/Y0Zc96xWsPcoDKeA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"invert-kv": "^2.0.0"
|
||||
}
|
||||
},
|
||||
"locate-path": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/locate-path/-/locate-path-3.0.0.tgz",
|
||||
"integrity": "sha512-7AO748wWnIhNqAuaty2ZWHkQHRSNfPVIsPIfwEOWO22AmaoVrWavlOcMR5nzTLNYvp36X220/maaRsrec1G65A==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"p-locate": "^3.0.0",
|
||||
"path-exists": "^3.0.0"
|
||||
}
|
||||
},
|
||||
"mem": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/mem/-/mem-4.0.0.tgz",
|
||||
"integrity": "sha512-WQxG/5xYc3tMbYLXoXPm81ET2WDULiU5FxbuIoNbJqLOOI8zehXFdZuiUEgfdrU2mVB1pxBZUGlYORSrpuJreA==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"map-age-cleaner": "^0.1.1",
|
||||
"mimic-fn": "^1.0.0",
|
||||
"p-is-promise": "^1.1.0"
|
||||
}
|
||||
},
|
||||
"os-locale": {
|
||||
"version": "3.1.0",
|
||||
"resolved": "https://registry.npmjs.org/os-locale/-/os-locale-3.1.0.tgz",
|
||||
"integrity": "sha512-Z8l3R4wYWM40/52Z+S265okfFj8Kt2cC2MKY+xNi3kFs+XGI7WXu/I309QQQYbRW4ijiZ+yxs9pqEhJh0DqW3Q==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"execa": "^1.0.0",
|
||||
"lcid": "^2.0.0",
|
||||
"mem": "^4.0.0"
|
||||
}
|
||||
},
|
||||
"p-limit": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.1.0.tgz",
|
||||
"integrity": "sha512-NhURkNcrVB+8hNfLuysU8enY5xn2KXphsHBaC2YmRNTZRc7RWusw6apSpdEj3jo4CMb6W9nrF6tTnsJsJeyu6g==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"p-try": "^2.0.0"
|
||||
}
|
||||
},
|
||||
"p-locate": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/p-locate/-/p-locate-3.0.0.tgz",
|
||||
"integrity": "sha512-x+12w/To+4GFfgJhBEpiDcLozRJGegY+Ei7/z0tSLkMmxGZNybVMSfWj9aJn8Z5Fc7dBUNJOOVgPv2H7IwulSQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"p-limit": "^2.0.0"
|
||||
}
|
||||
},
|
||||
"p-try": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/p-try/-/p-try-2.0.0.tgz",
|
||||
"integrity": "sha512-hMp0onDKIajHfIkdRk3P4CdCmErkYAxxDtP3Wx/4nZ3aGlau2VKh3mZpcuFkH27WQkL/3WBCPOktzA9ZOAnMQQ==",
|
||||
"dev": true
|
||||
},
|
||||
"parse-json": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/parse-json/-/parse-json-4.0.0.tgz",
|
||||
"integrity": "sha1-vjX1Qlvh9/bHRxhPmKeIy5lHfuA=",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"error-ex": "^1.3.1",
|
||||
"json-parse-better-errors": "^1.0.1"
|
||||
}
|
||||
},
|
||||
"path-exists": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
|
||||
"integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=",
|
||||
"dev": true
|
||||
},
|
||||
"read-pkg": {
|
||||
"version": "4.0.1",
|
||||
"resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-4.0.1.tgz",
|
||||
"integrity": "sha1-ljYlN48+HE1IyFhytabsfV0JMjc=",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"normalize-package-data": "^2.3.2",
|
||||
"parse-json": "^4.0.0",
|
||||
"pify": "^3.0.0"
|
||||
}
|
||||
},
|
||||
"strip-ansi": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
|
||||
"integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"ansi-regex": "^3.0.0"
|
||||
}
|
||||
},
|
||||
"supports-color": {
|
||||
"version": "4.5.0",
|
||||
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-4.5.0.tgz",
|
||||
"integrity": "sha1-vnoN5ITexcXN34s9WRJQRJEvY1s=",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"has-flag": "^2.0.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"has-flag": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/has-flag/-/has-flag-2.0.0.tgz",
|
||||
"integrity": "sha1-6CB68cx7MNRGzHC3NLXovhj4jVE=",
|
||||
"dev": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"yargs": {
|
||||
"version": "12.0.5",
|
||||
"resolved": "https://registry.npmjs.org/yargs/-/yargs-12.0.5.tgz",
|
||||
"integrity": "sha512-Lhz8TLaYnxq/2ObqHDql8dX8CJi97oHxrjUcYtzKbbykPtVW9WB+poxI+NM2UIzsMgNCZTIf0AQwsjK5yMAqZw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"cliui": "^4.0.0",
|
||||
"decamelize": "^1.2.0",
|
||||
"find-up": "^3.0.0",
|
||||
"get-caller-file": "^1.0.1",
|
||||
"os-locale": "^3.0.0",
|
||||
"require-directory": "^2.1.1",
|
||||
"require-main-filename": "^1.0.1",
|
||||
"set-blocking": "^2.0.0",
|
||||
"string-width": "^2.0.0",
|
||||
"which-module": "^2.0.0",
|
||||
"y18n": "^3.2.1 || ^4.0.0",
|
||||
"yargs-parser": "^11.1.1"
|
||||
}
|
||||
},
|
||||
"yargs-parser": {
|
||||
"version": "11.1.1",
|
||||
"resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.1.1.tgz",
|
||||
"integrity": "sha512-C6kB/WJDiaxONLJQnF8ccx9SEeoTTLek8RVbaOIsrAUS8VrBEXfmeSnCZxygc+XC2sNMBIwOOnfcxiynjHsVSQ==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"camelcase": "^5.0.0",
|
||||
"decamelize": "^1.2.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"configstore": {
|
||||
"version": "3.1.2",
|
||||
"resolved": "https://registry.npmjs.org/configstore/-/configstore-3.1.2.tgz",
|
||||
|
@ -1600,6 +1879,12 @@
|
|||
"resolved": "https://registry.npmjs.org/dasherize/-/dasherize-2.0.0.tgz",
|
||||
"integrity": "sha1-bYCcnNDPe7iVLYD8hPoT1H3bEwg="
|
||||
},
|
||||
"date-fns": {
|
||||
"version": "1.30.1",
|
||||
"resolved": "https://registry.npmjs.org/date-fns/-/date-fns-1.30.1.tgz",
|
||||
"integrity": "sha512-hBSVCvSmWC+QypYObzwGOd9wqdDpOt+0wl0KbU+R+uuZBS1jN8VsD1ss3irQDknRj5NvxiTF6oj/nDRnN/UQNw==",
|
||||
"dev": true
|
||||
},
|
||||
"dateformat": {
|
||||
"version": "1.0.12",
|
||||
"resolved": "https://registry.npmjs.org/dateformat/-/dateformat-1.0.12.tgz",
|
||||
|
@ -1805,6 +2090,15 @@
|
|||
"resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz",
|
||||
"integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k="
|
||||
},
|
||||
"end-of-stream": {
|
||||
"version": "1.4.1",
|
||||
"resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.1.tgz",
|
||||
"integrity": "sha512-1MkrZNvWTKCaigbn+W15elq2BB/L22nqrSY5DKlo3X6+vclJm8Bb5djXJBmEX6fS3+zCh/F4VBK5Z2KxJt4s2Q==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"once": "^1.4.0"
|
||||
}
|
||||
},
|
||||
"entities": {
|
||||
"version": "1.1.1",
|
||||
"resolved": "https://registry.npmjs.org/entities/-/entities-1.1.1.tgz",
|
||||
|
@ -3900,6 +4194,12 @@
|
|||
"integrity": "sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA==",
|
||||
"dev": true
|
||||
},
|
||||
"json-parse-better-errors": {
|
||||
"version": "1.0.2",
|
||||
"resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz",
|
||||
"integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==",
|
||||
"dev": true
|
||||
},
|
||||
"json-schema": {
|
||||
"version": "0.2.3",
|
||||
"resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz",
|
||||
|
@ -4251,6 +4551,15 @@
|
|||
"integrity": "sha512-0Dab5btKVPhibSalc9QGXb559ED7G7iLjFXBaj9Wq8O3vorueR5K5jaE3hkG6ZQINyhA/JgG6Qk4qdFQjsYV6g==",
|
||||
"dev": true
|
||||
},
|
||||
"map-age-cleaner": {
|
||||
"version": "0.1.3",
|
||||
"resolved": "https://registry.npmjs.org/map-age-cleaner/-/map-age-cleaner-0.1.3.tgz",
|
||||
"integrity": "sha512-bJzx6nMoP6PDLPBFmg7+xRKeFZvFboMrGlxmNj9ClvX53KrmvM5bXFXEWjbz4cz1AFn+jWJ9z/DJSz7hrs0w3w==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"p-defer": "^1.0.0"
|
||||
}
|
||||
},
|
||||
"map-cache": {
|
||||
"version": "0.2.2",
|
||||
"resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz",
|
||||
|
@ -4606,6 +4915,12 @@
|
|||
"integrity": "sha1-yobR/ogoFpsBICCOPchCS524NCw=",
|
||||
"dev": true
|
||||
},
|
||||
"nice-try": {
|
||||
"version": "1.0.5",
|
||||
"resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz",
|
||||
"integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==",
|
||||
"dev": true
|
||||
},
|
||||
"nise": {
|
||||
"version": "1.3.3",
|
||||
"resolved": "https://registry.npmjs.org/nise/-/nise-1.3.3.tgz",
|
||||
|
@ -6439,12 +6754,24 @@
|
|||
"integrity": "sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=",
|
||||
"dev": true
|
||||
},
|
||||
"p-defer": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/p-defer/-/p-defer-1.0.0.tgz",
|
||||
"integrity": "sha1-n26xgvbJqozXQwBKfU+WsZaw+ww=",
|
||||
"dev": true
|
||||
},
|
||||
"p-finally": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz",
|
||||
"integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=",
|
||||
"dev": true
|
||||
},
|
||||
"p-is-promise": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz",
|
||||
"integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4=",
|
||||
"dev": true
|
||||
},
|
||||
"p-limit": {
|
||||
"version": "1.2.0",
|
||||
"resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.2.0.tgz",
|
||||
|
@ -6684,6 +7011,16 @@
|
|||
"integrity": "sha512-NdF35+QsqD7EgNEI5mkI/X+UwaxVEbQaz9f4IooEmMUv6ZPmlTQYGjBPJGgrlzNdjSvIy4MWMg6Q6vCgBO2K+w==",
|
||||
"dev": true
|
||||
},
|
||||
"pump": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz",
|
||||
"integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"end-of-stream": "^1.1.0",
|
||||
"once": "^1.3.1"
|
||||
}
|
||||
},
|
||||
"punycode": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.0.tgz",
|
||||
|
@ -7131,6 +7468,15 @@
|
|||
"glob": "^6.0.1"
|
||||
}
|
||||
},
|
||||
"rxjs": {
|
||||
"version": "6.3.3",
|
||||
"resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.3.3.tgz",
|
||||
"integrity": "sha512-JTWmoY9tWCs7zvIk/CvRjhjGaOd+OVBM987mxFo+OW66cGpdKjZcpmc74ES1sB//7Kl/PAe8+wEakuhG4pcgOw==",
|
||||
"dev": true,
|
||||
"requires": {
|
||||
"tslib": "^1.9.0"
|
||||
}
|
||||
},
|
||||
"safe-buffer": {
|
||||
"version": "5.1.1",
|
||||
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz",
|
||||
|
@ -7586,6 +7932,12 @@
|
|||
"integrity": "sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=",
|
||||
"dev": true
|
||||
},
|
||||
"spawn-command": {
|
||||
"version": "0.0.2-1",
|
||||
"resolved": "https://registry.npmjs.org/spawn-command/-/spawn-command-0.0.2-1.tgz",
|
||||
"integrity": "sha1-YvXpRmmBwbeW3Fkpk34RycaSG9A=",
|
||||
"dev": true
|
||||
},
|
||||
"spdx-correct": {
|
||||
"version": "3.0.2",
|
||||
"resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.0.2.tgz",
|
||||
|
@ -7971,6 +8323,12 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"tree-kill": {
|
||||
"version": "1.2.1",
|
||||
"resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.1.tgz",
|
||||
"integrity": "sha512-4hjqbObwlh2dLyW4tcz0Ymw0ggoaVDMveUB9w8kFSQScdRLo0gxO9J7WFcUBo+W3C1TLdFIEwNOWebgZZ0RH9Q==",
|
||||
"dev": true
|
||||
},
|
||||
"trim-newlines": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz",
|
||||
|
|
10
package.json
10
package.json
|
@ -5,10 +5,13 @@
|
|||
"bin": {
|
||||
"authelia": "./dist/server/src/index.js"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=8.0.0 <10.0.0"
|
||||
},
|
||||
"scripts": {
|
||||
"start": "./scripts/authelia-cli start",
|
||||
"build": "echo build",
|
||||
"test": "./node_modules/.bin/grunt test-unit",
|
||||
"start": "./scripts/authelia-scripts start",
|
||||
"build": "./scripts/authelia-scripts build",
|
||||
"test": "./scripts/authelia-scripts test",
|
||||
"cover": "NODE_ENV=test nyc npm t"
|
||||
},
|
||||
"repository": {
|
||||
|
@ -82,6 +85,7 @@
|
|||
"apidoc": "^0.17.6",
|
||||
"chromedriver": "^2.37.0",
|
||||
"commander": "^2.19.0",
|
||||
"concurrently": "^4.1.0",
|
||||
"cucumber": "^4.0.0",
|
||||
"grunt": "^1.0.3",
|
||||
"grunt-contrib-clean": "^2.0.0",
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
#!/usr/bin/env node
|
||||
|
||||
var program = require('commander');
|
||||
|
||||
program
|
||||
.version('0.1.0')
|
||||
.command('start', 'Start development environment');
|
||||
|
||||
program.parse(process.argv);
|
||||
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
#!/usr/bin/env node
|
||||
|
||||
var program = require('commander');
|
||||
|
||||
program
|
||||
.version('0.0.1')
|
||||
.command('start', 'Start development environment.')
|
||||
.command('build', 'Build production version of Authelia from source.')
|
||||
.command('clean', 'Clean the production version of Authelia.')
|
||||
.command('serve', 'Serve production version of Authelia.')
|
||||
.command('test', 'Run Authelia unit tests.')
|
||||
|
||||
.command('build-docker', 'Build Docker image containing production version of Authelia.')
|
||||
.command('publish-docker', 'Publish Docker image containing production version of Authelia to Dockerhub.')
|
||||
|
||||
program.parse(process.argv);
|
||||
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
set -e
|
||||
|
||||
DIST_DIR=dist
|
||||
|
||||
rm -rf $DIST_DIR
|
||||
|
||||
# Build the server
|
||||
./node_modules/.bin/tslint -c server/tslint.json -p server/tsconfig.json
|
||||
./node_modules/.bin/tsc -p server/tsconfig.json
|
||||
|
||||
mkdir -p $DIST_DIR/server/src/resources
|
||||
cp server/src/resources/** $DIST_DIR/server/src/resources/
|
||||
|
||||
./node_modules/.bin/typescript-json-schema -o server/src/lib/configuration/Configuration.schema.json --strictNullChecks --required server/tsconfig.json Configuration
|
||||
|
||||
# Copy in dist
|
||||
cp server/src/lib/configuration/Configuration.schema.json $DIST_DIR/server/src/lib/configuration
|
||||
|
||||
|
||||
# Build the client
|
||||
pushd client
|
||||
npm run build
|
||||
popd
|
||||
|
||||
mv client/build $DIST_DIR/server/src/public_html
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
docker build -t clems4ever/authelia .
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
rm -rf dist
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Render the production version of the nginx portal configuration
|
||||
./example/compose/nginx/portal/render.js --production
|
||||
|
||||
./scripts/utils/prepare-environment.sh
|
||||
|
||||
./node_modules/.bin/nodemon -e yml --exec 'node dist/server/src/index.js config.yml'
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/bash
|
||||
|
||||
./example/compose/nginx/portal/render.js
|
||||
|
||||
./scripts/utils/prepare-environment.sh
|
||||
|
||||
server_watcher="./node_modules/.bin/nodemon -e yml,js,ts,json --exec ./scripts/run-dev-server.sh 2>&1 /tmp/authelia-server.log"
|
||||
client_watcher="cd client && BROWSER=none npm run start > /tmp/authelia-client.log"
|
||||
|
||||
./node_modules/.bin/concurrently "$server_watcher" "$client_watcher"
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
TS_NODE_PROJECT=server/tsconfig.json ./node_modules/.bin/mocha --colors --require ts-node/register server/src/**/*.spec.ts
|
|
@ -3,9 +3,7 @@
|
|||
set -e
|
||||
|
||||
docker-compose \
|
||||
-f docker-compose.dev.yml \
|
||||
-f client/docker-compose.yml \
|
||||
-f example/compose/docker-compose.base.yml \
|
||||
-f docker-compose.yml \
|
||||
-f example/compose/mongo/docker-compose.yml \
|
||||
-f example/compose/redis/docker-compose.yml \
|
||||
-f example/compose/nginx/backend/docker-compose.yml \
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
set -e
|
||||
|
||||
docker-compose \
|
||||
-f docker-compose.yml \
|
||||
-f docker-compose.dockerhub.yml \
|
||||
-f example/compose/docker-compose.base.yml \
|
||||
-f example/compose/mongo/docker-compose.yml \
|
||||
-f example/compose/redis/docker-compose.yml \
|
||||
-f example/compose/nginx/backend/docker-compose.yml \
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#!/bin/bash
|
||||
|
||||
./node_modules/.bin/mocha --colors --require ts-node/register $*
|
|
@ -2,19 +2,18 @@
|
|||
|
||||
set -e
|
||||
|
||||
export PATH=./scripts:$PATH
|
||||
|
||||
docker --version
|
||||
docker-compose --version
|
||||
echo "node `node -v`"
|
||||
echo "npm `npm -v`"
|
||||
|
||||
# Generate configuration schema
|
||||
grunt schema
|
||||
|
||||
# Run unit tests
|
||||
grunt test-unit
|
||||
authelia-scripts test
|
||||
|
||||
# Build the app from Typescript and package
|
||||
grunt build-dist
|
||||
# Build
|
||||
authelia-scripts build
|
||||
|
||||
# Run integration/example tests
|
||||
./scripts/integration-tests.sh
|
||||
|
|
|
@ -9,5 +9,6 @@ else
|
|||
echo "Bridge authelianet already exist."
|
||||
fi
|
||||
|
||||
./scripts/dc-dev.sh build && ./scripts/dc-dev.sh up -d
|
||||
./scripts/dc-dev.sh up -d
|
||||
|
||||
./scripts/dc-dev.sh kill -s SIGHUP nginx-portal
|
|
@ -1,6 +1,5 @@
|
|||
import BluebirdPromise = require("bluebird");
|
||||
import exceptions = require("../../../Exceptions");
|
||||
import { EventEmitter } from "events";
|
||||
import { ISession } from "./ISession";
|
||||
import { LdapConfiguration } from "../../../configuration/schema/LdapConfiguration";
|
||||
import { Winston } from "../../../../../types/Dependencies";
|
||||
|
|
|
@ -15,16 +15,12 @@ const addRequestId = require("express-request-id")();
|
|||
// Constants
|
||||
const TRUST_PROXY = "trust proxy";
|
||||
const X_POWERED_BY = "x-powered-by";
|
||||
const VIEWS = "views";
|
||||
const VIEW_ENGINE = "view engine";
|
||||
const PUG = "pug";
|
||||
|
||||
export class Configurator {
|
||||
static configure(config: Configuration,
|
||||
app: Express.Application,
|
||||
vars: ServerVariables,
|
||||
deps: GlobalDependencies): void {
|
||||
const viewsDirectory = Path.resolve(__dirname, "../../views");
|
||||
const publicHtmlDirectory = Path.resolve(__dirname, "../../public_html");
|
||||
|
||||
const expressSessionOptions = SessionConfigurationBuilder.build(config, deps);
|
||||
|
@ -39,9 +35,6 @@ export class Configurator {
|
|||
app.enable(TRUST_PROXY);
|
||||
app.use(Helmet());
|
||||
|
||||
app.set(VIEWS, viewsDirectory);
|
||||
app.set(VIEW_ENGINE, PUG);
|
||||
|
||||
RestApi.setup(app, vars);
|
||||
}
|
||||
}
|
|
@ -2,32 +2,14 @@ require("chromedriver");
|
|||
import ChildProcess = require('child_process');
|
||||
import Bluebird = require("bluebird");
|
||||
|
||||
import Environment = require('../environment');
|
||||
|
||||
const execAsync = Bluebird.promisify(ChildProcess.exec);
|
||||
|
||||
const includes = [
|
||||
"docker-compose.minimal.yml",
|
||||
"example/compose/docker-compose.base.yml",
|
||||
"example/compose/nginx/minimal/docker-compose.yml",
|
||||
"example/compose/smtp/docker-compose.yml",
|
||||
]
|
||||
|
||||
|
||||
before(function() {
|
||||
this.timeout(20000);
|
||||
this.environment = new Environment.Environment(includes);
|
||||
|
||||
return execAsync("cp users_database.yml users_database.test.yml")
|
||||
.then(() => this.environment.setup(2000));
|
||||
this.timeout(1000);
|
||||
return execAsync("cp users_database.yml users_database.test.yml");
|
||||
});
|
||||
|
||||
after(function() {
|
||||
this.timeout(30000);
|
||||
return execAsync("rm users_database.test.yml")
|
||||
.then(() => {
|
||||
if(process.env.KEEP_ENV != "true") {
|
||||
return this.environment.cleanup();
|
||||
}
|
||||
});
|
||||
this.timeout(1000);
|
||||
return execAsync("rm users_database.test.yml");
|
||||
});
|
Loading…
Reference in New Issue