Lukáš Kucharczyk
|
1df2e68180
|
nginx: log subrequests
|
2021-06-21 06:14:19 +00:00 |
Lukáš Kucharczyk
|
d72ee10d04
|
README: add authelia
|
2021-06-20 21:58:10 +02:00 |
Lukáš Kucharczyk
|
9cf68c4fda
|
authelia: set everything to bypass for now
|
2021-06-20 21:54:32 +02:00 |
Lukáš Kucharczyk
|
90d1065f53
|
vault: change keycloak admin
|
2021-06-20 21:53:45 +02:00 |
Lukáš Kucharczyk
|
a465111aa7
|
authelia: move proxy config up
|
2021-06-20 21:53:20 +02:00 |
Lukáš Kucharczyk
|
13c9974b4d
|
Fix authelia-*.conf
The example at https://www.authelia.com/docs/deployment/supported-proxies/nginx.html
does not seem to work. Updated with code from:
https://github.com/linuxserver/docker-swag/blob/master/root/defaults/authelia-server.conf
https://github.com/linuxserver/docker-swag/blob/master/root/defaults/authelia-location.conf
|
2021-06-20 20:58:09 +02:00 |
Lukáš Kucharczyk
|
ff90202646
|
provision.sh: add fish hashbang
|
2021-06-20 20:57:30 +02:00 |
Lukáš Kucharczyk
|
171ef655f8
|
general: add provision.sh
|
2021-06-20 20:37:06 +02:00 |
Lukáš Kucharczyk
|
3ee7f94194
|
minor: add missing semicolon
|
2021-06-20 20:35:08 +02:00 |
Lukáš Kucharczyk
|
8658efa4d9
|
minor: add space around variable
|
2021-06-20 19:44:58 +02:00 |
Lukáš Kucharczyk
|
3d353c4b84
|
general: add show-pass.sh
|
2021-06-20 19:43:37 +02:00 |
Lukáš Kucharczyk
|
f73272ac91
|
keycloak: enable authelia interstitial
|
2021-06-20 19:39:46 +02:00 |
Lukáš Kucharczyk
|
3d06cf48b8
|
authelia: add configuration.yml
|
2021-06-20 19:39:31 +02:00 |
Lukáš Kucharczyk
|
851f5ac25e
|
authelia: add more nginx configuration
|
2021-06-20 19:38:53 +02:00 |
Lukáš Kucharczyk
|
c45df9911f
|
authelia: add the nginx configuration
|
2021-06-20 19:38:28 +02:00 |
Lukáš Kucharczyk
|
c19bd16a41
|
authelia: add the main task
|
2021-06-20 19:38:06 +02:00 |
Lukáš Kucharczyk
|
763b6993fc
|
Add authelia role to playbook
|
2021-06-20 19:37:45 +02:00 |
Lukáš Kucharczyk
|
b7c3a3af8a
|
openldap: disable debug logging
|
2021-06-20 18:19:18 +02:00 |
Lukáš Kucharczyk
|
da527acb17
|
openldap: remove more cruft
|
2021-06-20 18:18:44 +02:00 |
Lukáš Kucharczyk
|
d38701a0e9
|
openldap: remove cruft
|
2021-06-20 18:18:21 +02:00 |
Lukáš Kucharczyk
|
6fca397d25
|
openldap: move admin password to vault
|
2021-06-20 18:16:10 +02:00 |
Lukáš Kucharczyk
|
592273fc5b
|
List OpenLDAP in README
|
2021-05-18 23:18:11 +02:00 |
Lukáš Kucharczyk
|
e986991466
|
Add Keycloak (#1)
|
2021-05-18 23:10:37 +02:00 |
Lukáš Kucharczyk
|
6dcb21fe75
|
Add PostgreSQL (#14)
|
2021-05-18 23:09:37 +02:00 |
Lukáš Kucharczyk
|
5b5f53564f
|
nginx: add more snippets, some placeholders
|
2021-05-18 19:40:58 +02:00 |
Lukáš Kucharczyk
|
c79009e541
|
Add hostname to OpenLDAP, remove bridge network
|
2021-05-18 19:37:43 +02:00 |
Lukáš Kucharczyk
|
8d193080dc
|
Allow outside access to LDAP
|
2021-05-16 23:47:07 +02:00 |
Lukáš Kucharczyk
|
c93f579af9
|
Make loading of custom ldifs work
|
2021-05-16 23:46:45 +02:00 |
Lukáš Kucharczyk
|
8f4cf4883e
|
Add minimum viable role.
|
2021-05-16 23:02:01 +02:00 |
Lukáš Kucharczyk
|
2fe28931e7
|
Move ovh.ini to Ansible Vault for now
|
2021-05-15 00:15:11 +02:00 |
Lukáš Kucharczyk
|
87853b9fde
|
Fix nginx template snippets not being copied
|
2021-05-15 00:01:23 +02:00 |
Lukáš Kucharczyk
|
60cb099b4b
|
Add ANSIBLE_ARGS to Vagrantfile
|
2021-05-15 00:00:54 +02:00 |
Lukáš Kucharczyk
|
5dfca40517
|
Remove docker-data from .gitignore
|
2021-05-15 00:00:32 +02:00 |
Lukáš Kucharczyk
|
a19ebceece
|
Add .editorconfig
|
2021-05-15 00:00:06 +02:00 |
Lukáš Kucharczyk
|
89c7618c4c
|
Merge pull request 'Improve SSL handling' (#25) from feat/better-ssl into main
Reviewed-on: homelab/next#25
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
af5e7c153f
|
Move certificates to Ansible Vault (#27)
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
bd6f1b2371
|
Put cert generation behind variable
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
9cd4aa1ad3
|
Add nginx snippets from Nginx Proxy Manager
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
2412c87fbb
|
Change certificate paths in nginx.conf
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
cd7b9918a1
|
Change how certificates are installed
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
69ce5dc3a9
|
Move certificates to roles/nginx/files for now
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
dadfb98455
|
Add new certs
|
2021-05-14 21:58:11 +00:00 |
Lukáš Kucharczyk
|
11a7231f61
|
Add back hosts file, update README
|
2021-05-14 00:11:05 +02:00 |
Lukáš Kucharczyk
|
f458dc9229
|
Move from localhost to vagrant
|
2021-05-13 23:47:34 +02:00 |
Lukáš Kucharczyk
|
5986bdeed8
|
Remove redundant hosts file
|
2021-05-13 23:46:02 +02:00 |
Lukáš Kucharczyk
|
b33ca21149
|
Add certs directory
|
2021-05-13 21:35:22 +02:00 |
Lukáš Kucharczyk
|
c158a21dfc
|
nginx: separate self-signed certs
|
2021-05-05 20:41:28 +02:00 |
Lukáš Kucharczyk
|
d0d33b47b9
|
nginx: join the default bridge network for ext access
|
2021-05-05 19:35:55 +02:00 |
Lukáš Kucharczyk
|
54de631d29
|
Improve routing between containers
Create user network nginx-internal
and use Docker's internal DNS server
to resolve containers by hostname.
|
2021-04-27 23:09:21 +02:00 |
Lukáš Kucharczyk
|
d9bd3ac145
|
Improve certificate generation
1. Generate root CA
2. Generate wildcard CSR
3. Sign wildcard CSR with root CA
4. Install root CA system-wide
|
2021-04-27 22:29:52 +02:00 |