fixup
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/push/woodpecker Pipeline was successful
Details
This commit is contained in:
Your Name
parent
7a6cfde6e9
commit
330d1ac7b3
|
|
@ -170,6 +170,66 @@ steps:
|
|||
branch: main
|
||||
event: [push, cron]
|
||||
|
||||
# Create Docker Secrets
|
||||
create-docker-secrets:
|
||||
name: create-docker-secrets
|
||||
image: woodpeckerci/plugin-docker-buildx
|
||||
environment:
|
||||
REGISTRY_USER:
|
||||
from_secret: REGISTRY_USER
|
||||
REGISTRY_PASSWORD:
|
||||
from_secret: REGISTRY_PASSWORD
|
||||
# Authelia Core Secrets
|
||||
AUTHENTICATION_BACKEND_LDAP_PASSWORD:
|
||||
from_secret: AUTHENTICATION_BACKEND_LDAP_PASSWORD
|
||||
IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
|
||||
from_secret: IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
|
||||
STORAGE_ENCRYPTION_KEY:
|
||||
from_secret: STORAGE_ENCRYPTION_KEY
|
||||
SESSION_SECRET:
|
||||
from_secret: SESSION_SECRET
|
||||
NOTIFIER_SMTP_PASSWORD:
|
||||
from_secret: NOTIFIER_SMTP_PASSWORD
|
||||
# OIDC Secrets
|
||||
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
|
||||
from_secret: IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
|
||||
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
|
||||
from_secret: IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
|
||||
IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
|
||||
from_secret: IDENTITY_PROVIDERS_OIDC_JWKS_KEY
|
||||
# Client Secrets
|
||||
CLIENT_SECRET_HEADSCALE:
|
||||
from_secret: CLIENT_SECRET_HEADSCALE
|
||||
CLIENT_SECRET_HEADADMIN:
|
||||
from_secret: CLIENT_SECRET_HEADADMIN
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
commands:
|
||||
- echo "$${REGISTRY_PASSWORD}" | docker login -u "$${REGISTRY_USER}" --password-stdin git.nixc.us
|
||||
- docker secret rm AUTHENTICATION_BACKEND_LDAP_PASSWORD || true
|
||||
- docker secret rm IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET || true
|
||||
- docker secret rm STORAGE_ENCRYPTION_KEY || true
|
||||
- docker secret rm SESSION_SECRET || true
|
||||
- docker secret rm NOTIFIER_SMTP_PASSWORD || true
|
||||
- docker secret rm IDENTITY_PROVIDERS_OIDC_HMAC_SECRET || true
|
||||
- docker secret rm IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY || true
|
||||
- docker secret rm IDENTITY_PROVIDERS_OIDC_JWKS_KEY || true
|
||||
- docker secret rm CLIENT_SECRET_HEADSCALE || true
|
||||
- docker secret rm CLIENT_SECRET_HEADADMIN || true
|
||||
- echo "$${AUTHENTICATION_BACKEND_LDAP_PASSWORD}" | docker secret create AUTHENTICATION_BACKEND_LDAP_PASSWORD -
|
||||
- echo "$${IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET}" | docker secret create IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET -
|
||||
- echo "$${STORAGE_ENCRYPTION_KEY}" | docker secret create STORAGE_ENCRYPTION_KEY -
|
||||
- echo "$${SESSION_SECRET}" | docker secret create SESSION_SECRET -
|
||||
- echo "$${NOTIFIER_SMTP_PASSWORD}" | docker secret create NOTIFIER_SMTP_PASSWORD -
|
||||
- echo "$${IDENTITY_PROVIDERS_OIDC_HMAC_SECRET}" | docker secret create IDENTITY_PROVIDERS_OIDC_HMAC_SECRET -
|
||||
- echo "$${IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY}" | docker secret create IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY -
|
||||
- echo "$${IDENTITY_PROVIDERS_OIDC_JWKS_KEY}" | docker secret create IDENTITY_PROVIDERS_OIDC_JWKS_KEY -
|
||||
- echo "$${CLIENT_SECRET_HEADSCALE}" | docker secret create CLIENT_SECRET_HEADSCALE -
|
||||
- echo "$${CLIENT_SECRET_HEADADMIN}" | docker secret create CLIENT_SECRET_HEADADMIN -
|
||||
when:
|
||||
branch: main
|
||||
event: [push, cron]
|
||||
|
||||
# Deploy Production
|
||||
deploy-production:
|
||||
name: deploy-production
|
||||
|
|
|
|||
|
|
@ -8,6 +8,8 @@ x-authelia-env: &authelia-env
|
|||
secrets:
|
||||
AUTHENTICATION_BACKEND_LDAP_PASSWORD:
|
||||
external: true
|
||||
IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
|
||||
external: true
|
||||
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
|
||||
external: true
|
||||
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
|
||||
|
|
@ -20,6 +22,10 @@ secrets:
|
|||
external: true
|
||||
STORAGE_ENCRYPTION_KEY:
|
||||
external: true
|
||||
CLIENT_SECRET_HEADSCALE:
|
||||
external: true
|
||||
CLIENT_SECRET_HEADADMIN:
|
||||
external: true
|
||||
|
||||
networks:
|
||||
default:
|
||||
|
|
@ -49,12 +55,15 @@ services:
|
|||
- --config=/config/configuration.oidc.clients.yml
|
||||
secrets:
|
||||
- AUTHENTICATION_BACKEND_LDAP_PASSWORD
|
||||
- IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
|
||||
- IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
|
||||
- IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
|
||||
- IDENTITY_PROVIDERS_OIDC_JWKS_KEY
|
||||
- NOTIFIER_SMTP_PASSWORD
|
||||
- SESSION_SECRET
|
||||
- STORAGE_ENCRYPTION_KEY
|
||||
- CLIENT_SECRET_HEADSCALE
|
||||
- CLIENT_SECRET_HEADADMIN
|
||||
environment: *authelia-env
|
||||
dns:
|
||||
- 1.1.1.1 # Cloudflare
|
||||
|
|
|
|||
Loading…
Reference in New Issue