Compare commits


2 Commits

Author SHA1 Message Date
94e6656f31 refactor: make Authelia user management scalable
- Remove envsubst complexity for password hashes
- Keep users_database.yml only on server (not in git)
- Add users_database.yml to .gitignore
- Update users_database.template.yml with multi-user examples
- Configure Authelia to watch users_database.yml for changes
- Users can now be added/removed by editing the file on server
- Supports unlimited users without code changes
2025-11-15 19:59:17 +01:00
37f1edbd01 refactor: use .env for Authelia password hash
- Rename users_database.yml to users_database.template.yml
- Use envsubst to substitute AUTHELIA_USER_PASSWORD_HASH from .env
- Update configuration.yml to use /config/users_database.yml
- Add AUTHELIA_USER_PASSWORD_HASH environment variable to compose
- Password hash now stored securely in .env instead of git
2025-11-15 19:56:56 +01:00
4 changed files with 31 additions and 16 deletions

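--- a/net/authelia/.gitignore
+++ b/net/authelia/.gitignore
@@ -0,0 +1 @@
+net/authelia/users_database.yml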
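Review bot: The pattern `net/authelia/users_database.yml` is resolved relative to the directory that holds this `.gitignore`, which the file header gives as `net/authelia/`, so it matches `net/authelia/net/authelia/users_database.yml` and the real user database is not ignored. A later `git add .` would then commit the argon2 hashes that the commit message says must stay out of git. Use `/users_database.yml` in this file, or move the existing line to the repository-root `.gitignore`. Confirm the result with `git check-ignore -v net/authelia/users_database.yml`.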


@@ -42,6 +42,7 @@ authentication_backend:
refresh_interval: 5m refresh_interval: 5m
file: file:
path: /etc/authelia/users_database.yml path: /etc/authelia/users_database.yml
watch: true
password: password:
algorithm: argon2 algorithm: argon2
argon2: argon2:
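Review bot: `watch: true` under `file:` makes every write to `/etc/authelia/users_database.yml` take effect without a restart, and nothing in this hunk records who may write that file. Because the database now lives only on the server, a comment above the new key would help, for example `# reloaded on change; restrict write access to this file on the host`. The compose mount is not visible here; if the file is bind-mounted on its own rather than through its directory, editors that save by replacing the file may not trigger the watcher, so that is worth checking. The `authentication_backend` block continues outside the hunk.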


@@ -0,0 +1,29 @@
---
###############################################################
# Users Database Template #
###############################################################
# This is a template file - copy to users_database.yml and edit
# The actual users_database.yml is not tracked in git for security
# Generate password hashes using:
# docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'yourpassword'
# List of users
users:
# Example user - replace with actual users
valknar:
displayname: "Valknar"
password: "$argon2id$v=19$m=65536,t=3,p=4$REPLACE_WITH_ACTUAL_HASH"
email: valknar@pivoine.art
groups:
- admins
- dev
# Add more users as needed:
# username:
# displayname: "Full Name"
# password: "$argon2id$v=19$m=65536,t=3,p=4$HASH_HERE"
# email: user@pivoine.art
# groups:
# - users
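Review bot: The hash-generation comment passes the password as `--password 'yourpassword'`, which leaves the cleartext in shell history and in the process list while the container runs. The comment should point to the interactive prompt instead, e.g. `# docker run --rm -it authelia/authelia:latest authelia crypto hash generate argon2` (the command should prompt when `--password` is omitted; confirm against the image in use). Pinning the image to the deployed version rather than `latest` would also keep generated hashes consistent with the `m=65536,t=3,p=4` parameters shown in the examples.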


@@ -1,16 +0,0 @@
---
###############################################################
# Users Database #
###############################################################
# This file can be used if you do not have an LDAP set up.
# List of users
users:
valknar:
displayname: "Valknar"
password: "$argon2id$v=19$m=65536,t=3,p=4$c2FsdHNhbHRzYWx0$4oCb4oCh4oCd4oCi4oCl4oCm" # CHANGE THIS - use: docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'yourpassword'
email: valknar@pivoine.art
groups:
- admins
- dev