diff --git a/.gitignore b/.gitignore index e9fe0ab2..43c1931f 100644 --- a/.gitignore +++ b/.gitignore @@ -13,9 +13,7 @@ src/.baseDir.ts *.swp -*.sh - -config.yml +/config.yml npm-debug.log diff --git a/.travis.yml b/.travis.yml index a0ec104f..b5052c4f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,14 +19,7 @@ addons: before_install: npm install -g npm@'>=2.13.5' script: -- grunt build-dist -- grunt docker-build -- docker-compose build -- docker-compose up -d -- sleep 5 -- ./scripts/check-services.sh -- npm run int-test -- ./scripts/npm-deployment-test.sh + - ./scripts/travis.sh after_success: - ./scripts/docker-publish.sh diff --git a/Dockerfile b/Dockerfile index aec7ddcf..63b6d3eb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ COPY dist/src/server /usr/src ENV PORT=80 EXPOSE 80 -VOLUME /etc/auth-server -VOLUME /var/lib/auth-server +VOLUME /etc/authelia +VOLUME /var/lib/authelia -CMD ["node", "index.js", "/etc/auth-server/config.yml"] +CMD ["node", "index.js", "/etc/authelia/config.yml"] diff --git a/Gruntfile.js b/Gruntfile.js index 654f5f7c..775c85d3 100644 --- a/Gruntfile.js +++ b/Gruntfile.js @@ -5,12 +5,12 @@ module.exports = function (grunt) { run: { options: {}, "build": { - cmd: "npm", - args: ['run', 'build'] + cmd: "./node_modules/.bin/tsc", + args: ['-p', 'tsconfig.json'] }, "tslint": { - cmd: "npm", - args: ['run', 'tslint'] + cmd: "./node_modules/.bin/tslint", + args: ['-c', 'tslint.json', '-p', 'tsconfig.json'] }, "test": { cmd: "npm", diff --git a/config.template.yml b/config.template.yml index 2b234c11..acff1362 100644 --- a/config.template.yml +++ b/config.template.yml @@ -12,7 +12,7 @@ logs_level: info # Example: for user john, the DN will be cn=john,ou=users,dc=example,dc=com ldap: # The url of the ldap server - url: ldap://ldap + url: ldap://openldap-restriction # The base dn for every entries base_dn: dc=example,dc=com 
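Review bot: In the `.gitignore` hunk, anchoring the pattern as `/config.yml` stops ignoring any `config.yml` below the repository root, so a working copy of the configuration kept in a subdirectory can now be staged by accident. The template shown later in this diff carries the LDAP settings and an optional mail account, so a real copy is likely to contain credentials. If only the root file is meant to be ignored, say so in a comment above the pattern, e.g. `# local configuration (root only); may contain credentials`; otherwise keep the unanchored `config.yml` line.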
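Review bot: Collapsing the eight `script:` entries into `- ./scripts/travis.sh` changes how failures surface. Travis records the exit status of every entry, whereas a shell script returns only the status of its last command unless it opts in to stopping early. The script body is not part of this hunk, so confirm it begins with `set -e` or chains its steps with `&&`. Otherwise a failed `grunt build-dist` or `npm run int-test` could still yield a passing build, and `after_success` would go on to run `./scripts/docker-publish.sh`.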
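Review bot: The new value `url: ldap://openldap-restriction` in `config.template.yml` names a host that no compose file visible in this diff defines. The directory service added in `example/ldap/docker-compose.yml` is called `openldap`, and `PHPLDAPADMIN_LDAP_HOSTS` points at `openldap` as well. Because `docker-compose.yml` mounts this template as `/etc/authelia/config.yml`, the example stack would fail its LDAP lookups unless that name is provided somewhere outside this view; `url: ldap://openldap` matches the visible services. Since this template is also the starting point for real deployments, a comment next to `url` noting that `ldap://` carries binds unencrypted, and that a TLS-protected URL should be used wherever the server supports it, would be worth adding.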
@@ -85,7 +85,7 @@ store_directory: /var/lib/authelia/store notifier: # For testing purpose, notifications can be sent in a file filesystem: - filename: /var/lib/auth-server/notifications/notification.txt + filename: /var/lib/authelia/notifications/notification.txt # Use your gmail account to send the notifications. You can use an app password. # gmail: diff --git a/docker-compose.base.yml b/docker-compose.base.yml new file mode 100644 index 00000000..3432395a --- /dev/null +++ b/docker-compose.base.yml @@ -0,0 +1,5 @@ +version: '2' + +networks: + example-network: + driver: bridge diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 765f5014..6f48df1f 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -1,10 +1,10 @@ - version: '2' services: - auth: + authelia: volumes: - ./test:/usr/src/test - ./dist/src/server:/usr/src - ./node_modules:/usr/src/node_modules - - ./config.yml:/etc/auth-server/config.yml:ro - + - ./config.yml:/etc/authelia/config.yml:ro + networks: + - example-network diff --git a/docker-compose.yml b/docker-compose.yml index 7245e3d6..deee95c9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
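Review bot: `networks: - example-network` in `docker-compose.dev.yml` refers to a network this file does not declare; it exists only in the new `docker-compose.base.yml`, so the file is valid only when merged with the base file. The same applies to `docker-compose.yml` and to the new files under `example/ldap` and `example/nginx`. Those example files also use paths such as `./example/ldap`, which resolve correctly only when a root-level file is passed first with `-f`. A header comment in each file stating the intended invocation, e.g. `# merge with docker-compose.base.yml; paths are relative to the repository root`, would stop someone running one file alone and getting an undefined network or the wrong build context.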
@@ -1,43 +1,11 @@ version: '2' services: - auth: + authelia: build: . restart: always volumes: - - ./config.template.yml:/etc/auth-server/config.yml:ro - - ./notifications:/var/lib/auth-server/notifications + - ./config.template.yml:/etc/authelia/config.yml:ro + - ./notifications:/var/lib/authelia/notifications + networks: + - example-network - nginx: - image: nginx:alpine - volumes: - - ./example/nginx_conf/nginx.conf:/etc/nginx/nginx.conf - - ./example/nginx_conf/index.html:/usr/share/nginx/html/index.html - - ./example/nginx_conf/secret.html:/usr/share/nginx/html/secret.html - - ./example/nginx_conf/ssl:/etc/ssl - depends_on: - - auth - ports: - - "8080:443" - - openldap: - image: clems4ever/openldap - ports: - - "389:389" - environment: - - SLAPD_ORGANISATION=MyCompany - - SLAPD_DOMAIN=example.com - - SLAPD_PASSWORD=password - - SLAPD_CONFIG_PASSWORD=password - - SLAPD_ADDITIONAL_MODULES=memberof - - SLAPD_ADDITIONAL_SCHEMAS=openldap - - SLAPD_FORCE_RECONFIGURE=true - volumes: - - ./example/ldap:/etc/ldap.dist/prepopulate - - openldap-admin: - image: osixia/phpldapadmin:0.6.11 - ports: - - 9090:80 - environment: - - PHPLDAPADMIN_LDAP_HOSTS=openldap - - PHPLDAPADMIN_HTTPS=false diff --git a/example/ldap/Dockerfile b/example/ldap/Dockerfile new file mode 100644 index 00000000..fbb515eb --- /dev/null +++ b/example/ldap/Dockerfile @@ -0,0 +1,9 @@ +FROM clems4ever/openldap + +ENV SLAPD_ORGANISATION=MyCompany +ENV SLAPD_DOMAIN=example.com +ENV SLAPD_PASSWORD=password +ENV SLAPD_CONFIG_PASSWORD=password +ENV SLAPD_ADDITIONAL_MODULES=memberof +ENV SLAPD_ADDITIONAL_SCHEMAS=openldap +ENV SLAPD_FORCE_RECONFIGURE=true diff --git a/example/ldap/base.ldif b/example/ldap/base.ldif index 97ca0356..f1fbdb88 100644 --- a/example/ldap/base.ldif +++ b/example/ldap/base.ldif 
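Review bot: In `example/ldap/Dockerfile`, `ENV SLAPD_PASSWORD=password` and `ENV SLAPD_CONFIG_PASSWORD=password` bake the directory admin credentials into the image, where they stay readable in the image metadata for anyone who obtains it. In the removed compose block they were only runtime environment. For a demo image this may be acceptable, but the file should say so, e.g. `# example-only credentials, never reuse outside the demo stack`, or leave both variables to be supplied at run time. `FROM clems4ever/openldap` also carries no tag or digest, so each build takes whatever the registry currently serves; pinning it (`FROM clems4ever/openldap:<tag>`) makes the example reproducible and reviewable.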
@@ -25,7 +25,7 @@ dn: cn=john,ou=users,dc=example,dc=com cn: john objectclass: inetOrgPerson objectclass: top -mail: clement.michaud34@gmail.com +mail: john.doe@example.com sn: John Doe userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= @@ -45,18 +45,3 @@ mail: bob.dylan@example.com sn: Bob Dylan userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= -# dn: uid=jack,ou=users,dc=example,dc=com -# cn: jack -# gidnumber: 501 -# givenname: Jack -# homedirectory: /home/jack -# loginshell: /bin/sh -# objectclass: inetOrgPerson -# objectclass: posixAccount -# objectclass: top -# mail: jack.daniels@example.com -# sn: Jack Daniels -# uid: jack -# uidnumber: 1001 -# userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= -# diff --git a/example/ldap/docker-compose.admin.yml b/example/ldap/docker-compose.admin.yml new file mode 100644 index 00000000..c7307578 --- /dev/null +++ b/example/ldap/docker-compose.admin.yml @@ -0,0 +1,11 @@ +version: '2' +services: + openldap-admin: + image: osixia/phpldapadmin:0.6.11 + ports: + - 9090:80 + environment: + - PHPLDAPADMIN_LDAP_HOSTS=openldap + - PHPLDAPADMIN_HTTPS=false + networks: + - example-network diff --git a/example/ldap/docker-compose.yml b/example/ldap/docker-compose.yml new file mode 100644 index 00000000..0f505a0a --- /dev/null +++ b/example/ldap/docker-compose.yml @@ -0,0 +1,10 @@ +version: '2' +services: + openldap: + build: ./example/ldap + volumes: + - ./example/ldap/base.ldif:/etc/ldap.dist/prepopulate/base.ldif + - ./example/ldap/access.rules:/etc/ldap.dist/prepopulate/access.rules + networks: + - example-network + diff --git a/example/nginx/docker-compose.yml b/example/nginx/docker-compose.yml new file mode 100644 index 00000000..f4127377 --- /dev/null +++ b/example/nginx/docker-compose.yml 
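Review bot: In `example/ldap/docker-compose.admin.yml`, `- 9090:80` publishes phpLDAPadmin on every host interface while `PHPLDAPADMIN_HTTPS=false` keeps it on plain HTTP. The directory admin login is therefore reachable, and its traffic readable, from whatever network the host sits on. Binding the mapping to loopback, `- "127.0.0.1:9090:80"`, keeps the tool usable for local testing without exposing it. Quoting the mapping also matches the `"8080:443"` style used for the nginx service.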
@@ -0,0 +1,24 @@ +version: '2' +services: + nginx: + image: nginx:alpine + volumes: + - ./example/nginx/index.html:/usr/share/nginx/html/index.html + - ./example/nginx/secret.html:/usr/share/nginx/html/secret.html + - ./example/nginx/ssl:/etc/ssl + - ./example/nginx/nginx.conf:/etc/nginx/nginx.conf + ports: + - "8080:443" + depends_on: + - authelia + networks: + example-network: + aliases: + - home.test.local + - secret.test.local + - secret1.test.local + - secret2.test.local + - mx1.mail.test.local + - mx2.mail.test.local + - auth.test.local + diff --git a/example/nginx_conf/index.html b/example/nginx/index.html similarity index 100% rename from example/nginx_conf/index.html rename to example/nginx/index.html diff --git a/example/nginx_conf/nginx.conf b/example/nginx/nginx.conf similarity index 95% rename from example/nginx_conf/nginx.conf rename to example/nginx/nginx.conf index 400eb115..bb0749f3 100644 --- a/example/nginx_conf/nginx.conf +++ b/example/nginx/nginx.conf @@ -36,7 +36,7 @@ http { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; - proxy_pass http://auth/; + proxy_pass http://authelia/; proxy_intercept_errors on; @@ -68,7 +68,7 @@ http { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; - proxy_pass http://auth/verify; + proxy_pass http://authelia/verify; } location = /secret.html { diff --git a/example/nginx_conf/secret.html b/example/nginx/secret.html similarity index 63% rename from example/nginx_conf/secret.html rename to example/nginx/secret.html index 8b44155a..d1693678 100644 --- a/example/nginx_conf/secret.html +++ b/example/nginx/secret.html @@ -4,6 +4,6 @@
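Review bot: The four bind mounts in `example/nginx/docker-compose.yml` are writable from inside the container. That includes `./example/nginx/ssl:/etc/ssl`, which presumably holds the TLS certificate and key and which replaces the container's whole `/etc/ssl` directory. nginx only needs to read these files, so adding `:ro` to each entry (for example `- ./example/nginx/ssl:/etc/ssl:ro`), as the authelia config mount already does, limits what a compromised proxy process can alter on the host. If only the certificate and key are needed, mounting them under a dedicated path instead of over `/etc/ssl` would avoid hiding the image's own files.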
This is a very important secret!