fixup
parent
7a6cfde6e9
commit
330d1ac7b3
|
@ -170,6 +170,66 @@ steps:
|
||||||
branch: main
|
branch: main
|
||||||
event: [push, cron]
|
event: [push, cron]
|
||||||
|
|
||||||
|
# Create Docker Secrets
|
||||||
|
create-docker-secrets:
|
||||||
|
name: create-docker-secrets
|
||||||
|
image: woodpeckerci/plugin-docker-buildx
|
||||||
|
environment:
|
||||||
|
REGISTRY_USER:
|
||||||
|
from_secret: REGISTRY_USER
|
||||||
|
REGISTRY_PASSWORD:
|
||||||
|
from_secret: REGISTRY_PASSWORD
|
||||||
|
# Authelia Core Secrets
|
||||||
|
AUTHENTICATION_BACKEND_LDAP_PASSWORD:
|
||||||
|
from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
|
||||||
|
IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
|
||||||
|
from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
|
||||||
|
STORAGE_ENCRYPTION_KEY:
|
||||||
|
from_secret: STORAGE_ENCRYPTION_KEY
|
||||||
|
SESSION_SECRET:
|
||||||
|
from_secret: SESSION_SECRET
|
||||||
|
NOTIFIER_SMTP_PASSWORD:
|
||||||
|
from_secret: NOTIFIER_SMTP_PASSWORD
|
||||||
|
# OIDC Secrets
|
||||||
|
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
|
||||||
|
from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
|
||||||
|
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
|
||||||
|
from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
|
||||||
|
IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
|
||||||
|
from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
|
||||||
|
# Client Secrets
|
||||||
|
CLIENT_SECRET_HEADSCALE:
|
||||||
|
from_secret: CLIENT_SECRET_HEADSCALE
|
||||||
|
CLIENT_SECRET_HEADADMIN:
|
||||||
|
from_secret: CLIENT_SECRET_HEADADMIN
|
||||||
|
volumes:
|
||||||
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
|
commands:
|
||||||
|
- echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
|
||||||
|
- docker secret rm AUTHENTICATION_BACKEND_LDAP_PASSWORD || true
|
||||||
|
- docker secret rm IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET || true
|
||||||
|
- docker secret rm STORAGE_ENCRYPTION_KEY || true
|
||||||
|
- docker secret rm SESSION_SECRET || true
|
||||||
|
- docker secret rm NOTIFIER_SMTP_PASSWORD || true
|
||||||
|
- docker secret rm IDENTITY_PROVIDERS_OIDC_HMAC_SECRET || true
|
||||||
|
- docker secret rm IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY || true
|
||||||
|
- docker secret rm IDENTITY_PROVIDERS_OIDC_JWKS_KEY || true
|
||||||
|
- docker secret rm CLIENT_SECRET_HEADSCALE || true
|
||||||
|
- docker secret rm CLIENT_SECRET_HEADADMIN || true
|
||||||
|
- echo "$${AUTHENTICATION_BACKEND_LDAP_PASSWORD}" | docker secret create AUTHENTICATION_BACKEND_LDAP_PASSWORD -
|
||||||
|
- echo "$${IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET}" | docker secret create IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET -
|
||||||
|
- echo "$${STORAGE_ENCRYPTION_KEY}" | docker secret create STORAGE_ENCRYPTION_KEY -
|
||||||
|
- echo "$${SESSION_SECRET}" | docker secret create SESSION_SECRET -
|
||||||
|
- echo "$${NOTIFIER_SMTP_PASSWORD}" | docker secret create NOTIFIER_SMTP_PASSWORD -
|
||||||
|
- echo "$${IDENTITY_PROVIDERS_OIDC_HMAC_SECRET}" | docker secret create IDENTITY_PROVIDERS_OIDC_HMAC_SECRET -
|
||||||
|
- echo "$${IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY}" | docker secret create IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY -
|
||||||
|
- echo "$${IDENTITY_PROVIDERS_OIDC_JWKS_KEY}" | docker secret create IDENTITY_PROVIDERS_OIDC_JWKS_KEY -
|
||||||
|
- echo "$${CLIENT_SECRET_HEADSCALE}" | docker secret create CLIENT_SECRET_HEADSCALE -
|
||||||
|
- echo "$${CLIENT_SECRET_HEADADMIN}" | docker secret create CLIENT_SECRET_HEADADMIN -
|
||||||
|
when:
|
||||||
|
branch: main
|
||||||
|
event: [push, cron]
|
||||||
|
|
||||||
# Deploy Production
|
# Deploy Production
|
||||||
deploy-production:
|
deploy-production:
|
||||||
name: deploy-production
|
name: deploy-production
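Review bot: The `docker secret rm NAME || true` then `docker secret create NAME -` sequence in `create-docker-secrets` will not rotate a secret once a running service references it: Swarm refuses to remove an in-use secret, `|| true` hides that refusal, and the following create then fails because the name already exists. Versioned secret names that the stack file maps back with `name:` would make rotation explicit instead of depending on the stack being down. `echo` also appends a newline and, depending on the shell in the image, may interpret backslashes, so the stored value can differ from the CI secret; `printf '%s' "$${SESSION_SECRET}" | docker secret create SESSION_SECRET -` avoids both. The step also combines `/var/run/docker.sock` with the registry credentials and all ten Authelia secrets while `image: woodpeckerci/plugin-docker-buildx` carries no tag or digest, so pinning it (`woodpeckerci/plugin-docker-buildx:<tag>@sha256:<digest>`) would keep an upstream image change from running with that access.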
|
||||||
|
|
|
@ -8,6 +8,8 @@ x-authelia-env: &authelia-env
|
||||||
secrets:
|
secrets:
|
||||||
AUTHENTICATION_BACKEND_LDAP_PASSWORD:
|
AUTHENTICATION_BACKEND_LDAP_PASSWORD:
|
||||||
external: true
|
external: true
|
||||||
|
IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
|
||||||
|
external: true
|
||||||
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
|
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
|
||||||
external: true
|
external: true
|
||||||
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
|
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
|
||||||
|
@ -20,6 +22,10 @@ secrets:
|
||||||
external: true
|
external: true
|
||||||
STORAGE_ENCRYPTION_KEY:
|
STORAGE_ENCRYPTION_KEY:
|
||||||
external: true
|
external: true
|
||||||
|
CLIENT_SECRET_HEADSCALE:
|
||||||
|
external: true
|
||||||
|
CLIENT_SECRET_HEADADMIN:
|
||||||
|
external: true
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
default:
|
default:
|
||||||
|
@ -49,12 +55,15 @@ services:
|
||||||
- --config=/config/configuration.oidc.clients.yml
|
- --config=/config/configuration.oidc.clients.yml
|
||||||
secrets:
|
secrets:
|
||||||
- AUTHENTICATION_BACKEND_LDAP_PASSWORD
|
- AUTHENTICATION_BACKEND_LDAP_PASSWORD
|
||||||
|
- IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
|
||||||
- IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
|
- IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
|
||||||
- IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
|
- IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
|
||||||
- IDENTITY_PROVIDERS_OIDC_JWKS_KEY
|
- IDENTITY_PROVIDERS_OIDC_JWKS_KEY
|
||||||
- NOTIFIER_SMTP_PASSWORD
|
- NOTIFIER_SMTP_PASSWORD
|
||||||
- SESSION_SECRET
|
- SESSION_SECRET
|
||||||
- STORAGE_ENCRYPTION_KEY
|
- STORAGE_ENCRYPTION_KEY
|
||||||
|
- CLIENT_SECRET_HEADSCALE
|
||||||
|
- CLIENT_SECRET_HEADADMIN
|
||||||
environment: *authelia-env
|
environment: *authelia-env
|
||||||
dns:
|
dns:
|
||||||
- 1.1.1.1 # Cloudflare
|
- 1.1.1.1 # Cloudflare
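Review bot: The three new `external: true` entries (`IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET`, `CLIENT_SECRET_HEADSCALE`, `CLIENT_SECRET_HEADADMIN`) and their service-level `secrets:` items only mount files under `/run/secrets/`; nothing visible in these hunks tells Authelia to read them. The body of the `x-authelia-env` anchor lies outside the hunks, so confirm that it, or the referenced config files, points at each new path. Because the secrets are external, the stack deploy fails if they do not exist yet, so `deploy-production` has to run after `create-docker-secrets`. A comment above the top-level `secrets:` block, such as `# created by the create-docker-secrets CI step; must exist before stack deploy`, would record that dependency.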
|
||||||
|
|