authelia/docs/getting-started.md

3.3 KiB

Getting Started

Authelia can be tested in a matter of seconds with docker-compose based on the latest image available on Dockerhub or by building the latest version from the sources and use it in docker-compose.

Pre-requisites

In order to test Authelia, we need to make sure that:

  • Docker and docker-compose are installed.
  • Some ports are open for listening on your machine.
  • Some subdomains redirect to your machine to simulate the fact that some applications you want to protect are served by some subdomains of example.com on your machine.

Docker & docker-compose

Make sure you have docker and docker-compose installed on your machine. Here are the versions used for testing in Travis:

docker --version

gave Docker version 17.03.1-ce, build c6d412e.

docker-compose --version

gave docker-compose version 1.14.0, build c7bdf9e.

Available port

Make sure you don't have anything listening on port 8080 and 8085.

The port 8080 will be used by nginx to serve Authelia and the applications we want to protect with Authelia.

The port 8085 is serving a webmail used to receive emails sent by Authelia to validate your identity when registering U2F or TOTP secrets or when resetting your password.

Subdomain aliases

Make sure the following subdomains redirect to your machine by adding the following lines to your /etc/hosts. It will alias the subdomains so that nginx can redirect requests to the correct virtual host.

127.0.0.1       home.example.com
127.0.0.1       public.example.com
127.0.0.1       dev.example.com
127.0.0.1       admin.example.com
127.0.0.1       mx1.mail.example.com
127.0.0.1       mx2.mail.example.com
127.0.0.1       single_factor.example.com
127.0.0.1       login.example.com

From Dockerhub

To deploy Authelia using the latest image from Dockerhub, run the following command:

./scripts/example-dockerhub/deploy-example.sh

From source

To deploy Authelia from source, follow the build manual and run the following commands:

./scripts/example-commit/deploy-example.sh

Test it!

After few seconds the services should be running and you should be able to visit https://home.example.com:8080/.

When accessing the login page, a self-signed certificate exception should appear, it has to be trusted before you can get to the home page. The certificate must also be trusted for each subdomain, therefore it is normal to see this exception several times.

Below is what the login page looks like:

At some point, you'll be required to register a secret for setting up the second factor. Authelia will send an email to the user email address to confirm the user identity. In order to receive it, visit the webmail at http://localhost:8085.

Note: If you cannot deploy the fake webmail for any reason. You can configure Authelia to use the filesystem notifier (option available in config.template.yml) that will send the content of the email in a file instead of sending an email. It is advised to use this option for testing only.

Enjoy!