master #140
@ -27,57 +27,6 @@ services:
|
||||
parallelism: 1
|
||||
# order: start-first
|
||||
|
||||
zitadel:
|
||||
image: ghcr.io/zitadel/zitadel:latest
|
||||
networks:
|
||||
- common-infra-nginx
|
||||
command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled'
|
||||
environment:
|
||||
ZITADEL_DATABASE_POSTGRES_HOST: pg.sprinthub.ru
|
||||
ZITADEL_DATABASE_POSTGRES_PORT: 5432
|
||||
ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
|
||||
ZITADEL_DATABASE_POSTGRES_USER_USERNAME: postgres
|
||||
ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: $DB_PASSWORD_PROD
|
||||
ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable
|
||||
ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres
|
||||
ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD
|
||||
ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable
|
||||
ZITADEL_EXTERNALSECURE: "false"
|
||||
ZITADEL_EXTERNALDOMAIN: zitadel.chocomarsh.com
|
||||
deploy:
|
||||
mode: replicated
|
||||
replicas: 1
|
||||
restart_policy:
|
||||
condition: any
|
||||
update_config:
|
||||
parallelism: 1
|
||||
|
||||
# authelia:
|
||||
# image: mathwave/sprint-repo:authelia
|
||||
# networks:
|
||||
# - common-infra-nginx
|
||||
# environment:
|
||||
# AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET
|
||||
# AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET
|
||||
# AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY
|
||||
# AUTHELIA_STORAGE_POSTGRES_PORT: "5432"
|
||||
# AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia"
|
||||
# AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres"
|
||||
# AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD
|
||||
# AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor"
|
||||
# AUTHELIA_NOTIFIER_SMTP_ENABLED: "false"
|
||||
# volumes:
|
||||
# - /sprint-data/authelia/data:/var/lib/authelia
|
||||
# deploy:
|
||||
# mode: replicated
|
||||
# replicas: 1
|
||||
# restart_policy:
|
||||
# condition: any
|
||||
# placement:
|
||||
# constraints: [node.labels.stage == production]
|
||||
# update_config:
|
||||
# parallelism: 1
|
||||
|
||||
grafana:
|
||||
image: grafana/grafana
|
||||
networks:
|
||||
|
@ -19,8 +19,6 @@ jobs:
|
||||
ref: dev
|
||||
- name: build nginx dev
|
||||
run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-dev nginx/nginx-dev
|
||||
- name: build gitea runner
|
||||
run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner
|
||||
push:
|
||||
name: Push
|
||||
runs-on: [ prod ]
|
||||
|
@ -21,8 +21,6 @@ jobs:
|
||||
run: docker build -t mathwave/sprint-repo:sprint-infra-nginx-prod nginx/nginx-prod
|
||||
- name: build gitea runner
|
||||
run: docker build -t mathwave/sprint-repo:gitea-runner gitea-runner
|
||||
- name: build authelia
|
||||
run: docker build -t mathwave/sprint-repo:authelia authelia
|
||||
push:
|
||||
name: Push
|
||||
runs-on: [ prod ]
|
||||
@ -32,8 +30,6 @@ jobs:
|
||||
run: docker push mathwave/sprint-repo:sprint-infra-nginx-prod
|
||||
- name: push gitea runner
|
||||
run: docker push mathwave/sprint-repo:gitea-runner
|
||||
- name: push authelia
|
||||
run: docker push mathwave/sprint-repo:authelia
|
||||
prepare:
|
||||
name: prepare
|
||||
runs-on: [prod]
|
||||
@ -58,8 +54,6 @@ jobs:
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
ref: prod
|
||||
- name: deploy swarmpit
|
||||
run: docker stack deploy --with-registry-auth -c ./.deploy-swarmpit/deploy-prod.yaml swarmpit
|
||||
- name: deploy portainer
|
||||
run: docker stack deploy --with-registry-auth -c ./.deploy-portainer/deploy-prod.yaml portainer
|
||||
- name: deploy infra
|
||||
|
@ -1,3 +0,0 @@
|
||||
FROM authelia/authelia
|
||||
COPY configuration.yml /config/configuration.yml
|
||||
COPY users.yml /config/users.yml
|
@ -1,44 +0,0 @@
|
||||
theme: dark
|
||||
|
||||
jwt_secret: secret-jwt-will-be-overridden-by-env
|
||||
|
||||
server:
|
||||
host: 0.0.0.0
|
||||
port: 9091
|
||||
|
||||
log:
|
||||
level: info
|
||||
|
||||
authentication_backend:
|
||||
file:
|
||||
path: /config/users.yml
|
||||
|
||||
access_control:
|
||||
default_policy: one_factor
|
||||
rules:
|
||||
- domain: "*.chocomarsh.com"
|
||||
policy: one_factor
|
||||
|
||||
session:
|
||||
name: authelia_session
|
||||
expiration: 1h
|
||||
inactivity: 5m
|
||||
remember_me_duration: 1w
|
||||
cookies:
|
||||
- domain: chocomarsh.com
|
||||
authelia_url: https://auth.chocomarsh.com
|
||||
default_redirection_url: https://login.chocomarsh.com
|
||||
|
||||
storage:
|
||||
encryption_key: "a_very_long_secret_32_characters_minimum"
|
||||
postgres:
|
||||
host: pg.sprinthub.ru
|
||||
port: 5432
|
||||
database: authelia
|
||||
schema: public
|
||||
username: postgres
|
||||
password: autheliapass # also override with env if preferred
|
||||
|
||||
notifier:
|
||||
filesystem:
|
||||
filename: /config/notification.txt
|
@ -1,5 +0,0 @@
|
||||
users:
|
||||
emmatveev:
|
||||
password: "$argon2id$v=19$m=65536,t=1,p=4$CixMXaAilVof3yk1rtghwg$V/kcl1HNDWeybrV3SrVjjdI00D1lFtuvLldkwAklSOE"
|
||||
displayname: "Egor Matveev"
|
||||
email: emmtvv@gmail.com
|