From 71a812710511613af56b8ad4c83d3ab42d563dfd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Lov=C3=A9n?= Date: Sat, 21 Aug 2021 23:14:25 +0200 Subject: [PATCH] Update readme --- README.md | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 971207f..7d40e94 100644 --- a/README.md +++ b/README.md @@ -2,15 +2,20 @@ Configuration for traefik 2 and authelia +## Environment variables -### Authelia preprocessor -The authelia configuration contains some sensitive values, but authelia cannot read them from env variables like traefic can. -Instead, a special service - `authelia-config` runs before authelia start, and preprocesses the configuration file. +This setup uses two global environment variables: `PRIVATE_DOMAIN` and `PUBLIC_DOMAIN`. Those are two registered domain names I use for public and private services. -- Local file `./authelia/configuration.yaml` is mapped to `/data/input` in `authelia-config` -- Volume `authelia-config` is mapped to `/data/output` in `authelia-config` -- `authelia-config` runs `gomplate` on `/data/input` and saves to `data/output/configuration.yaml` -- Volume `authelia-config` is mapped to `/etc/authelia` in `authelia`, where it reads its configuration +There is also an `.env` file which defines a few more variables: +``` +AUTHELIA_JWT_SECRET=... +AUTHELIA_SESSION_SECRET=... +AUTHELIA_SESSION_DOMAIN=... +AUTHELIA_TOTP_ISSUER=... +TRAEFIK_CERTIFICATERESOLVERS_LE_ACME_EMAIL=... +``` + +The value of those depend on your setup and can be found in the Traefik and Authelia documentation. ## Lessons learned