From 88bd0d8b1133db0e2a1c7115b3001d97a551b7ef Mon Sep 17 00:00:00 2001
From: Colin <colin@nixc.us>
Date: Sun, 7 Apr 2024 12:55:10 -0400
Subject: [PATCH] forgot

---
 stack.production.yml | 45 +++++++++++++++++++++++++++++++++++++-------
 1 file changed, 38 insertions(+), 7 deletions(-)

diff --git a/stack.production.yml b/stack.production.yml
index 911b7f1..26d9551 100644
--- a/stack.production.yml
+++ b/stack.production.yml
@@ -8,6 +8,26 @@ x-authelia-env: &authelia-env
   TRAEFIK_DOMAIN: nixc.us
   # CONFIG: /home/deleted-porcupine/docker-configs
 
+secrets:
+  AUTHENTICATION_BACKEND_LDAP_PASSWORD:
+    external: true
+  CLIENT_SECRET_HEADSCALE:
+    external: true
+  IDENTITY_PROVIDERS_OIDC_HMAC_SECRET:
+    external: true
+  IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY:
+    external: true
+  IDENTITY_PROVIDERS_OIDC_JWKS_KEY:
+    external: true
+  IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET:
+    external: true
+  NOTIFIER_SMTP_PASSWORD:
+    external: true
+  SESSION_SECRET:
+    external: true
+  STORAGE_ENCRYPTION_KEY:
+    external: true
+
 networks:
   default:
     driver: overlay
@@ -18,13 +38,24 @@ networks:
 services:
   authelia:
     image: git.nixc.us/nixius/authelia:production-authelia
-    command:
-      - "authelia"
-      - "--config=/config/configuration.server.yml"
-      - "--config=/config/configuration.ldap.yml"
-      - "--config=/config/configuration.acl.yml"
-      - "--config=/config/configuration.identity.providers.yml"
-      - "--config=/config/configuration.oidc.clients.yml"
+    ## These are now included in the Dockerfile
+    # command:
+    #   - "authelia"
+    #   - "--config=/config/configuration.server.yml"
+    #   - "--config=/config/configuration.ldap.yml"
+    #   - "--config=/config/configuration.acl.yml"
+    #   - "--config=/config/configuration.identity.providers.yml"
+    #   - "--config=/config/configuration.oidc.clients.yml"
+    secrets:
+      - AUTHENTICATION_BACKEND_LDAP_PASSWORD
+      - CLIENT_SECRET_HEADSCALE
+      - IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
+      - IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
+      - IDENTITY_PROVIDERS_OIDC_JWKS_KEY
+      - IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
+      - NOTIFIER_SMTP_PASSWORD
+      - SESSION_SECRET
+      - STORAGE_ENCRYPTION_KEY
     environment:
       <<: *authelia-env
     volumes: