feat(examples): improve local setup script (#2094)

The local setup script expects to be run as root and would only work on a fresh clone of the repo. Now if not run as root the user will be prompted for sudo elevation at the beginning of the script and the script will also survive re-runs on a dirty clone.
This commit is contained in:
Amir Zarrinkafsh 2021-06-18 10:01:09 +10:00 committed by GitHub
parent 55d87f99e4
commit fc71030c18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 31 additions and 15 deletions

View File

@ -10,12 +10,12 @@ nav_order: 2
### Steps ### Steps
These commands are intended to be run sequentially: These commands are to be run sequentially:
- `git clone https://github.com/authelia/authelia.git` - `git clone https://github.com/authelia/authelia.git`
- `cd authelia/examples/compose/local` - `cd authelia/examples/compose/local`
- ``git checkout $(git describe --tags `git rev-list --tags --max-count=1`)`` - ``git checkout $(git describe --tags `git rev-list --tags --max-count=1`)``
- `sudo ./setup.sh` *sudo is required to modify the `/etc/hosts` file* - `./setup.sh` *sudo is required to modify the `/etc/hosts` file, the user will be prompted for access if not run as root*
You can now visit the following locations; replace example.com with the domain you specified in the setup script: You can now visit the following locations; replace example.com with the domain you specified in the setup script:
- https://public.example.com - Bypasses Authelia - https://public.example.com - Bypasses Authelia

View File

@ -1,5 +1,13 @@
#!/usr/bin/env bash #!/usr/bin/env bash
writehosts(){
echo "\
127.0.0.1 authelia.$DOMAIN
127.0.0.1 public.$DOMAIN
127.0.0.1 traefik.$DOMAIN
127.0.0.1 secure.$DOMAIN" | sudo tee -a /etc/hosts > /dev/null
}
username(){ username(){
read -ep "Enter your username for Authelia: " USERNAME read -ep "Enter your username for Authelia: " USERNAME
} }
@ -27,6 +35,18 @@ fi
echo "Pulling Authelia docker image for setup" echo "Pulling Authelia docker image for setup"
docker pull authelia/authelia > /dev/null docker pull authelia/authelia > /dev/null
if [[ $(id -u) != 0 ]]; then
echo "The script requires root access to perform some functions such as modifying your /etc/hosts file"
read -rp "Would you like to elevate access with sudo? [y/N] " confirmsudo
if ! [[ "$confirmsudo" =~ ^([yY][eE][sS]|[yY])$ ]]; then
echo "Sudo elevation denied, exiting"
exit
fi
fi
echo "Resetting docker-compose.yml, configuration.yml and users_database.yml"
sudo git checkout -- docker-compose.yml authelia/configuration.yml authelia/users_database.yml
read -ep "What root domain would you like to protect? (default/no selection is example.com): " DOMAIN read -ep "What root domain would you like to protect? (default/no selection is example.com): " DOMAIN
if [[ $DOMAIN == "" ]]; then if [[ $DOMAIN == "" ]]; then
@ -36,11 +56,7 @@ fi
MODIFIED=$(cat /etc/hosts | grep $DOMAIN && echo true || echo false) MODIFIED=$(cat /etc/hosts | grep $DOMAIN && echo true || echo false)
if [[ $MODIFIED == "false" ]]; then if [[ $MODIFIED == "false" ]]; then
echo "\ writehosts
127.0.0.1 authelia.$DOMAIN
127.0.0.1 public.$DOMAIN
127.0.0.1 traefik.$DOMAIN
127.0.0.1 secure.$DOMAIN" >> /etc/hosts
fi fi
echo "Generating SSL certificate for *.$DOMAIN" echo "Generating SSL certificate for *.$DOMAIN"
@ -48,9 +64,9 @@ docker run -a stdout -v $PWD/traefik/certs:/tmp/certs authelia/authelia authelia
if [[ $DOMAIN != "example.com" ]]; then if [[ $DOMAIN != "example.com" ]]; then
if [[ $(uname) == "Darwin" ]]; then if [[ $(uname) == "Darwin" ]]; then
sed -i '' "s/example.com/$DOMAIN/g" {docker-compose.yml,authelia/configuration.yml} sudo sed -i '' "s/example.com/$DOMAIN/g" {docker-compose.yml,authelia/configuration.yml}
else else
sed -i "s/example.com/$DOMAIN/g" {docker-compose.yml,authelia/configuration.yml} sudo sed -i "s/example.com/$DOMAIN/g" {docker-compose.yml,authelia/configuration.yml}
fi fi
fi fi
@ -58,9 +74,9 @@ username
if [[ $USERNAME != "" ]]; then if [[ $USERNAME != "" ]]; then
if [[ $(uname) == "Darwin" ]]; then if [[ $(uname) == "Darwin" ]]; then
sed -i '' "s/<USERNAME>/$USERNAME/g" authelia/users_database.yml sudo sed -i '' "s/<USERNAME>/$USERNAME/g" authelia/users_database.yml
else else
sed -i "s/<USERNAME>/$USERNAME/g" authelia/users_database.yml sudo sed -i "s/<USERNAME>/$USERNAME/g" authelia/users_database.yml
fi fi
else else
echo "Username cannot be empty" echo "Username cannot be empty"
@ -71,9 +87,9 @@ displayname
if [[ $DISPLAYNAME != "" ]]; then if [[ $DISPLAYNAME != "" ]]; then
if [[ $(uname) == "Darwin" ]]; then if [[ $(uname) == "Darwin" ]]; then
sed -i '' "s/<DISPLAYNAME>/$DISPLAYNAME/g" authelia/users_database.yml sudo sed -i '' "s/<DISPLAYNAME>/$DISPLAYNAME/g" authelia/users_database.yml
else else
sed -i "s/<DISPLAYNAME>/$DISPLAYNAME/g" authelia/users_database.yml sudo sed -i "s/<DISPLAYNAME>/$DISPLAYNAME/g" authelia/users_database.yml
fi fi
else else
echo "Display name cannot be empty" echo "Display name cannot be empty"
@ -85,9 +101,9 @@ password
if [[ $PASSWORD != "" ]]; then if [[ $PASSWORD != "" ]]; then
PASSWORD=$(docker run authelia/authelia authelia hash-password $PASSWORD | sed 's/Password hash: //g') PASSWORD=$(docker run authelia/authelia authelia hash-password $PASSWORD | sed 's/Password hash: //g')
if [[ $(uname) == "Darwin" ]]; then if [[ $(uname) == "Darwin" ]]; then
sed -i '' "s/<PASSWORD>/$(echo $PASSWORD | sed -e 's/[\/&]/\\&/g')/g" authelia/users_database.yml sudo sed -i '' "s/<PASSWORD>/$(echo $PASSWORD | sed -e 's/[\/&]/\\&/g')/g" authelia/users_database.yml
else else
sed -i "s/<PASSWORD>/$(echo $PASSWORD | sed -e 's/[\/&]/\\&/g')/g" authelia/users_database.yml sudo sed -i "s/<PASSWORD>/$(echo $PASSWORD | sed -e 's/[\/&]/\\&/g')/g" authelia/users_database.yml
fi fi
else else
echo "Password cannot be empty" echo "Password cannot be empty"