Commit Graph

63 Commits

Author SHA1 Message Date
Lukáš Kucharczyk 1df2e68180 nginx: log subrequests 2021-06-21 06:14:19 +00:00
Lukáš Kucharczyk d72ee10d04
README: add authelia 2021-06-20 21:58:10 +02:00
Lukáš Kucharczyk 9cf68c4fda
authelia: set everything to bypass for now 2021-06-20 21:54:32 +02:00
Lukáš Kucharczyk 90d1065f53
vault: change keycloak admin 2021-06-20 21:53:45 +02:00
Lukáš Kucharczyk a465111aa7
authelia: move proxy config up 2021-06-20 21:53:20 +02:00
Lukáš Kucharczyk 13c9974b4d
Fix authelia-*.conf
The example at https://www.authelia.com/docs/deployment/supported-proxies/nginx.html
does not seem to work. Updated with code from:
https://github.com/linuxserver/docker-swag/blob/master/root/defaults/authelia-server.conf
https://github.com/linuxserver/docker-swag/blob/master/root/defaults/authelia-location.conf
2021-06-20 20:58:09 +02:00
Lukáš Kucharczyk ff90202646
provision.sh: add fish hashbang 2021-06-20 20:57:30 +02:00
Lukáš Kucharczyk 171ef655f8
general: add provision.sh 2021-06-20 20:37:06 +02:00
Lukáš Kucharczyk 3ee7f94194
minor: add missing semicolon 2021-06-20 20:35:08 +02:00
Lukáš Kucharczyk 8658efa4d9
minor: add space around variable 2021-06-20 19:44:58 +02:00
Lukáš Kucharczyk 3d353c4b84
general: add show-pass.sh 2021-06-20 19:43:37 +02:00
Lukáš Kucharczyk f73272ac91
keycloak: enable authelia interstitial 2021-06-20 19:39:46 +02:00
Lukáš Kucharczyk 3d06cf48b8
authelia: add configuration.yml 2021-06-20 19:39:31 +02:00
Lukáš Kucharczyk 851f5ac25e
authelia: add more nginx configuration 2021-06-20 19:38:53 +02:00
Lukáš Kucharczyk c45df9911f
authelia: add the nginx configuration 2021-06-20 19:38:28 +02:00
Lukáš Kucharczyk c19bd16a41
authelia: add the main task 2021-06-20 19:38:06 +02:00
Lukáš Kucharczyk 763b6993fc
Add authelia role to playbook 2021-06-20 19:37:45 +02:00
Lukáš Kucharczyk b7c3a3af8a
openldap: disable debug logging 2021-06-20 18:19:18 +02:00
Lukáš Kucharczyk da527acb17
openldap: remove more cruft 2021-06-20 18:18:44 +02:00
Lukáš Kucharczyk d38701a0e9
openldap: remove cruft 2021-06-20 18:18:21 +02:00
Lukáš Kucharczyk 6fca397d25
openldap: move admin password to vault 2021-06-20 18:16:10 +02:00
Lukáš Kucharczyk 592273fc5b
List OpenLDAP in README 2021-05-18 23:18:11 +02:00
Lukáš Kucharczyk e986991466
Add Keycloak (#1) 2021-05-18 23:10:37 +02:00
Lukáš Kucharczyk 6dcb21fe75
Add PostgreSQL (#14) 2021-05-18 23:09:37 +02:00
Lukáš Kucharczyk 5b5f53564f
nginx: add more snippets, some placeholders 2021-05-18 19:40:58 +02:00
Lukáš Kucharczyk c79009e541
Add hostname to OpenLDAP, remove bridge network 2021-05-18 19:37:43 +02:00
Lukáš Kucharczyk 8d193080dc
Allow outside access to LDAP 2021-05-16 23:47:07 +02:00
Lukáš Kucharczyk c93f579af9
Make loading of custom ldifs work 2021-05-16 23:46:45 +02:00
Lukáš Kucharczyk 8f4cf4883e
Add minimum viable role. 2021-05-16 23:02:01 +02:00
Lukáš Kucharczyk 2fe28931e7
Move ovh.ini to Ansible Vault for now 2021-05-15 00:15:11 +02:00
Lukáš Kucharczyk 87853b9fde
Fix nginx template snippets not being copied 2021-05-15 00:01:23 +02:00
Lukáš Kucharczyk 60cb099b4b
Add ANSIBLE_ARGS to Vagrantfile 2021-05-15 00:00:54 +02:00
Lukáš Kucharczyk 5dfca40517
Remove docker-data from .gitignore 2021-05-15 00:00:32 +02:00
Lukáš Kucharczyk a19ebceece
Add .editorconfig 2021-05-15 00:00:06 +02:00
Lukáš Kucharczyk 89c7618c4c Merge pull request 'Improve SSL handling' (#25) from feat/better-ssl into main
Reviewed-on: homelab/next#25
2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk af5e7c153f Move certificates to Ansible Vault (#27) 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk bd6f1b2371 Put cert generation behind variable 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk 9cd4aa1ad3 Add nginx snippets from Nginx Proxy Manager 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk 2412c87fbb Change certificate paths in nginx.conf 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk cd7b9918a1 Change how certificates are installed 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk 69ce5dc3a9 Move certificates to roles/nginx/files for now 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk dadfb98455 Add new certs 2021-05-14 21:58:11 +00:00
Lukáš Kucharczyk 11a7231f61
Add back hosts file, update README 2021-05-14 00:11:05 +02:00
Lukáš Kucharczyk f458dc9229
Move from localhost to vagrant 2021-05-13 23:47:34 +02:00
Lukáš Kucharczyk 5986bdeed8
Remove redundant hosts file 2021-05-13 23:46:02 +02:00
Lukáš Kucharczyk b33ca21149
Add certs directory 2021-05-13 21:35:22 +02:00
Lukáš Kucharczyk c158a21dfc
nginx: separate self-signed certs 2021-05-05 20:41:28 +02:00
Lukáš Kucharczyk d0d33b47b9
nginx: join the default bridge network for ext access 2021-05-05 19:35:55 +02:00
Lukáš Kucharczyk 54de631d29
Improve routing between containers
Create user network nginx-internal
and use Docker's internal DNS server
to resolve containers by hostname.
2021-04-27 23:09:21 +02:00
Lukáš Kucharczyk d9bd3ac145
Improve certificate generation
1. Generate root CA
2. Generate wildcard CSR
3. Sign wildcard CSR with root CA
4. Install root CA system-wide
2021-04-27 22:29:52 +02:00