refactor: use .env for Authelia password hash

- Rename users_database.yml to users_database.template.yml
- Use envsubst to substitute AUTHELIA_USER_PASSWORD_HASH from .env
- Update configuration.yml to use /config/users_database.yml
- Add AUTHELIA_USER_PASSWORD_HASH environment variable to compose
- Password hash now stored securely in .env instead of git

net/authelia/configuration.yml

@@ -41,7 +41,7 @@ authentication_backend:
     disable: false
   refresh_interval: 5m
   file:
-    path: /etc/authelia/users_database.yml
+    path: /config/users_database.yml
     password:
       algorithm: argon2
       argon2:

net/authelia/users_database.template.yml

@@ -9,7 +9,7 @@
 users:
   valknar:
     displayname: "Valknar"
-    password: "$argon2id$v=19$m=65536,t=3,p=4$c2FsdHNhbHRzYWx0$4oCb4oCh4oCd4oCi4oCl4oCm"  # CHANGE THIS - use: docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'yourpassword'
+    password: "${AUTHELIA_USER_PASSWORD_HASH}"
     email: valknar@pivoine.art
     groups:
       - admins