Nixius
/
authelia
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Nixius:15cd2440b9670b8493fd7d89f9ae85876cf32309
Branches Tags
Nixius:main
...
compare: Nixius:73e9856e613f969de262faab1d0f9f0857003d46
Branches Tags
Nixius:main

2 Commits
15cd2440b9 ... 73e9856e61

Author SHA1 Message Date
Your Name 73e9856e61 fixup
ci/woodpecker/push/woodpecker Pipeline failed Details
2025-06-04 16:20:48 -04:00
Your Name 9b47588a81 Reorganize tests into ./tests directory with precommit naming convention 2025-06-04 16:19:55 -04:00
10 changed files with 734 additions and 9 deletions
Show Stats Expand all files Collapse all files

29
.gitignore vendored Normal file
View File

@ -0,0 +1,29 @@
# Secrets and sensitive files
secrets.md
*.secret
*.key
*.pem
# OS generated files
.DS_Store
.DS_Store?
._*
.Spotlight-V100
.Trashes
ehthumbs.db
Thumbs.db
# IDE files
.vscode/
.idea/
*.swp
*.swo
*~
# Logs
*.log
logs/
# Temporary files
*.tmp
*.temp

49
authelia-dev-config.yml Normal file
View File

@ -0,0 +1,49 @@
---
# Authelia Development Configuration
# Minimal config for local development
server:
address: tcp://0.0.0.0:9091
log:
level: debug
identity_validation:
reset_password:
jwt_secret: DoXL9Z1aCrXQ3Ylc2J9MWLO8QeseI8W6F91R0lS0SIE=
authentication_backend:
file:
path: /config/users_database.yml
access_control:
default_policy: one_factor
rules:
- domain: ["dev.local.com"]
policy: one_factor
session:
cookies:
- name: authelia_session
domain: dev.local.com
authelia_url: http://dev.local.com:9091
secret: DoXL9Z1aCrXQ3Ylc2J9MWLO8QeseI8W6F91R0lS0SIE=
expiration: 1h
inactivity: 5m
regulation:
max_retries: 3
find_time: 120
ban_time: 300
storage:
local:
path: /data/db.sqlite3
encryption_key: DvbtMjsNDIC3eqtNaPtdHm/f07dtlHREgieDStTu9NA=
notifier:
filesystem:
filename: /data/notification.txt
totp:
issuer: authelia.com

163
docker-compose.dev.yml Normal file
View File

@ -0,0 +1,163 @@
services:
mariadb:
image: mariadb:latest
container_name: authelia_mariadb
environment:
MYSQL_ROOT_PASSWORD: dev_authelia_root
MYSQL_DATABASE: authelia
MYSQL_USER: authelia
MYSQL_PASSWORD: authelia
volumes:
- mariadb_data:/var/lib/mysql
# No ports exposed - internal only
networks:
- authelia_dev
healthcheck:
test: ["CMD", "/usr/local/bin/healthcheck.sh", "--su-mysql", "--connect", "--innodb_initialized"]
start_period: 30s
interval: 30s
timeout: 10s
retries: 5
redis:
image: redis:latest
container_name: authelia_redis
command: redis-server --appendonly yes
volumes:
- redis_data:/data
# No ports exposed - internal only
networks:
- authelia_dev
healthcheck:
test: ["CMD", "redis-cli", "ping"]
start_period: 10s
interval: 30s
timeout: 5s
retries: 3
lldap:
image: nitnelave/lldap:latest
container_name: lldap_lldap
volumes:
- lldap_data:/data
environment:
- LLDAP_JWT_SECRET=I2sNvGvhzZlTJWPfNL9MBPFGhyG/gWU5wHz6wFsIC3I=
- LLDAP_LDAP_USER_PASS=/ETAToLiZPWo6QK171abAUqsa3WDpd9IgneZnTA4zU0=
- LLDAP_LDAP_BASE_DN=dc=nixc,dc=us
- PUID=33
- PGID=33
ports:
# Only expose web UI for manual testing
- "17170:17170" # Web interface port
networks:
- authelia_dev
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:17170/health"]
start_period: 10s
interval: 30s
timeout: 5s
retries: 3
authelia:
build:
context: ./docker/authelia/
dockerfile: Dockerfile
image: git.nixc.us/nixius/authelia:dev-authelia
container_name: authelia_dev_main
command:
- sh
- -c
- |
# Create the secrets directory and populate with environment variables
mkdir -p /run/secrets
echo "$${IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET}" > /run/secrets/IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET
echo "$${STORAGE_ENCRYPTION_KEY}" > /run/secrets/STORAGE_ENCRYPTION_KEY
echo "$${SESSION_SECRET}" > /run/secrets/SESSION_SECRET
echo "$${NOTIFIER_SMTP_PASSWORD}" > /run/secrets/NOTIFIER_SMTP_PASSWORD
echo "$${AUTHENTICATION_BACKEND_LDAP_PASSWORD}" > /run/secrets/AUTHENTICATION_BACKEND_LDAP_PASSWORD
echo "$${IDENTITY_PROVIDERS_OIDC_HMAC_SECRET}" > /run/secrets/IDENTITY_PROVIDERS_OIDC_HMAC_SECRET
echo "$${IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY}" > /run/secrets/IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY
echo "$${IDENTITY_PROVIDERS_OIDC_JWKS_KEY}" > /run/secrets/IDENTITY_PROVIDERS_OIDC_JWKS_KEY
echo "$${CLIENT_SECRET_HEADSCALE}" > /run/secrets/CLIENT_SECRET_HEADSCALE
echo "$${CLIENT_SECRET_HEADADMIN}" > /run/secrets/CLIENT_SECRET_HEADADMIN
# Start Authelia with original command
exec authelia --config=/config/configuration.server.yml --config=/config/configuration.ldap.yml --config=/config/configuration.acl.yml
environment:
# Template environment variables
X_AUTHELIA_EMAIL: authelia@nixc.us
X_AUTHELIA_SITE_NAME: ATLAS-DEV
X_AUTHELIA_CONFIG_FILTERS: template
X_AUTHELIA_LDAP_DOMAIN: dc=nixc,dc=us
TRAEFIK_DOMAIN: dev.local.com
# Development secrets for templates
IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET: DoXL9Z1aCrXQ3Ylc2J9MWLO8QeseI8W6F91R0lS0SIE=
STORAGE_ENCRYPTION_KEY: DvbtMjsNDIC3eqtNaPtdHm/f07dtlHREgieDStTu9NA=
SESSION_SECRET: DoXL9Z1aCrXQ3Ylc2J9MWLO8QeseI8W6F91R0lS0SIE=
NOTIFIER_SMTP_PASSWORD: 8P7ah6U5ZjbQ2Faaw1fJoehxJrMOslCu
AUTHENTICATION_BACKEND_LDAP_PASSWORD: /ETAToLiZPWo6QK171abAUqsa3WDpd9IgneZnTA4zU0=
IDENTITY_PROVIDERS_OIDC_HMAC_SECRET: Pq5+dkrmh04daeSEPEXGq6JniiPsgJ6nHBi/ettUGLSKcuZtnaw3em8/BCXn2iFhUqTRdLSeCiWMbo+oEl/ZYA==
IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY: |
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC0JC4jaDhdqk3U
0yDwAh5JVQR84htkPY0Trf5VQYNnBhglo2CqRm6jwjzfOJLBruCUokbG5wJL+OU8
zDm3aQAhF0xWPEr1ad1U+fIezdF4pZ0fDHVAG9MYTwZYD8iYQclVhoKA8M6/gT15
QHq0Fzfgf4U5dmsNH2CWiFi+TAWQ85bxLiXchTnRkoyZ445xBqCuthJyvvUtrZrl
dCAcnNJ6kdGypXwqAuOGrRDz1g9cv52aoJC0k747EnMcmm1HEuR2zGXyw2RM+Sbu
GrUhLk2vCE448zKXuJGEckalMn2yBfaf5RsZYC9j7SwB0ehyNk5Bn4tKuPt38C7T
wWkIoI/DAgMBAAECggEAAIQB/2cmK8GrC14dwAVUu0NoPRTgnMulHCNPxERPV5Va
4fCy/CNlE0iHdODsLdKN7gVkGOAPnGwP+LnIIh0Sbp9q2bkk3C/IMTZ6wCY5E64i
e85E7HQOVjytRfjb/on7RSianKF6PG4Z4PKTgPFE30c+K5XwZIJse/UHKM3kgWLp
exKVvYyKDrERunDJqZbYsxSnixk8TavOWFHkpk0wHYvxso6a7jQfEjDWh3N7lduj
RlaesSO+NJrZDq44zbyJNsFjh4DsNITdBwYXERPUS33Dp+IlrD2SeQMtMBtz+7Ha
Pd8jMpx8Fw/S3CnjSYRRzDj5Z21EfspfoO6v1ULA0QKBgQDyQejBS7QNwNRIcnhO
b6TVOPmqcOL9gR/mkC4VmWFvf4pTA69OOuU/gHeF6+J40Z4tuFggHMoPmZuPi9AL
GSp2UZQHYa7BxTk7XxESflF/8HzgbtFtK/0dUp1l2JN26qha+djQADFFPNWs8abX
wpbKfjPqLzwR8K5kCtbd3WWDrwKBgQC+XDajJ6I4k9hwfYDxb35UkNFjboK4NfTY
u5Eiz1NhbqqkNV8idZhadJfnbgIAymqr9Yf9M9ncAbuUhCDI2r/VL1CLMx/y/DGH
RxlXWq4sArG1xpR1Muc9W8tTT9cf9XDMmuL81wYccXGqv3RpYQM/VtYIRSWvC0HE
FxZCGPa2LQKBgHlg1IGksH4Dk1kJIYYLIgdDGLRxAwoI3DblHnHr+4ml2WRmgDst
/xamAzyyRzJJtHsr1duhEQxn5i0x2/bzkPbfQM/B/ZFQg7BfnWoqqCL2F1tLqtqM
I7HBZuNUc+4s/FU4wYzVy9no9RZFrVaFRJAIU3KOYAaNFJNDawyWlPo5AoGARe6C
c/W/dqF5xfmVQR0Af/ijs6+Jfjr0NBrT+sHHk+ef8Ktaw8IHslNa6r5TJg82mO2e
g7pksppAWxMfKCqUhrDXGgwyFIXpfBT2jkzV530l4+2L5HJK2RO74mNWWHtGcSQF
d3VW3WQfqeaj0YK+Oqqf/nHIokG0a2E/4BBjshECgYAnlU2Fl7uI1lQBbWsckaQ9
EVeSDtrRvNuER0Eh3WFni9affOqB9qAZXNfCZ+goFJoNgk4fww0OqmewX9Y18/3a
vsrm7L7OKFFlM6vmIG1nPX/s5l++mkMe+qRd4B7C4NSF0bzJlweTozQFDp+prp1y
SHERk3EUdAZn7yyIISd/Qg==
-----END PRIVATE KEY-----
IDENTITY_PROVIDERS_OIDC_JWKS_KEY: mbfKKlpQ5QEzrmBCCcOg7yubDBKZtKCAiL7rGtVdMq/hpCorO+Qiei2fKbB/xieDS3BIg5BMza5fZm5w0hMiNA==
CLIENT_SECRET_HEADSCALE: t4Hvp6DnpA0T+0ePbdx8lPIAujFMrkjEnx5aMQkMFiA=
CLIENT_SECRET_HEADADMIN: RAxwkJxwMBSYkaA0r+D5qZdEFIrVEZJbigOPtkCBED8=
volumes:
- authelia_data:/data
ports:
- "9091:9091"
networks:
- authelia_dev
depends_on:
redis:
condition: service_healthy
mariadb:
condition: service_healthy
lldap:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9091/api/health"]
start_period: 15s
interval: 30s
timeout: 10s
retries: 3
networks:
authelia_dev:
driver: bridge
volumes:
mariadb_data:
driver: local
redis_data:
driver: local
authelia_data:
driver: local
lldap_data:
driver: local

93
docker-compose.simple.yml Normal file
View File

@ -0,0 +1,93 @@
services:
mariadb:
image: mariadb:latest
container_name: authelia_simple_mariadb
environment:
MYSQL_ROOT_PASSWORD: dev_authelia_root
MYSQL_DATABASE: authelia
MYSQL_USER: authelia
MYSQL_PASSWORD: dev_authelia_db
volumes:
- mariadb_data:/var/lib/mysql
networks:
- authelia_dev
healthcheck:
test: ["CMD", "mysqladmin", "ping", "-h", "localhost", "-u", "authelia", "-pdev_authelia_db"]
start_period: 15s
interval: 30s
timeout: 10s
retries: 3
redis:
image: redis:latest
container_name: authelia_simple_redis
command: redis-server --appendonly yes
volumes:
- redis_data:/data
networks:
- authelia_dev
healthcheck:
test: ["CMD", "redis-cli", "ping"]
start_period: 10s
interval: 30s
timeout: 5s
retries: 3
lldap:
image: nitnelave/lldap:latest
container_name: authelia_simple_lldap
volumes:
- lldap_data:/data
environment:
- LLDAP_JWT_SECRET=I2sNvGvhzZlTJWPfNL9MBPFGhyG/gWU5wHz6wFsIC3I=
- LLDAP_LDAP_USER_PASS=/ETAToLiZPWo6QK171abAUqsa3WDpd9IgneZnTA4zU0=
- LLDAP_LDAP_BASE_DN=dc=nixc,dc=us
- PUID=33
- PGID=33
ports:
- "17170:17170"
networks:
- authelia_dev
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:17170/health"]
start_period: 10s
interval: 30s
timeout: 5s
retries: 3
authelia:
image: authelia/authelia:latest
container_name: authelia_simple_main
environment:
AUTHELIA_SERVER_HOST: 0.0.0.0
AUTHELIA_SERVER_PORT: 9091
AUTHELIA_LOG_LEVEL: debug
ports:
- "9091:9091"
networks:
- authelia_dev
depends_on:
mariadb:
condition: service_healthy
redis:
condition: service_healthy
lldap:
condition: service_healthy
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9091/api/health"]
start_period: 15s
interval: 30s
timeout: 10s
retries: 3
networks:
authelia_dev:
driver: bridge
volumes:
mariadb_data:
driver: local
redis_data:
driver: local
lldap_data:
driver: local

8
docker/redis/Dockerfile
View File

@ -1 +1,7 @@
FROM ghcr.io/microsoft/garnet
FROM redis:latest
# Copy any custom configuration if needed
# COPY redis.conf /usr/local/etc/redis/redis.conf
# Use the default Redis configuration with persistence enabled
CMD ["redis-server", "--appendonly", "yes"]

14
stack.production.yml
View File

@ -29,6 +29,14 @@ networks:
ad:
external: true
volumes:
authelia_config:
driver: local
authelia_redis_data:
driver: local
authelia_mariadb_data:
driver: local
services:
authelia:
image: git.nixc.us/nixius/authelia:production-authelia
@ -52,7 +60,7 @@ services:
- 1.1.1.1 # Cloudflare
- 9.9.9.9 # Quad9
volumes:
- /mnt/tank/persist/nixc.us/authelia/production/config:/config:rw
- authelia_config:/config:rw
networks:
- traefik
- default
@ -104,7 +112,7 @@ services:
image: git.nixc.us/nixius/authelia:production-redis
command: redis-server --appendonly yes
volumes:
- /mnt/tank/persist/nixc.us/authelia/production/redis:/data:rw
- authelia_redis_data:/data:rw
networks:
- default
deploy:
@ -141,7 +149,7 @@ services:
MYSQL_USER: authelia
MYSQL_PASSWORD: authelia
volumes:
- /mnt/tank/persist/nixc.us/authelia/production/db:/var/lib/mysql:rw
- authelia_mariadb_data:/var/lib/mysql:rw
networks:
- default
deploy:

16
stack.staging.yml
View File

@ -13,6 +13,14 @@ networks:
ad:
external: true
volumes:
authelia_staging_config:
driver: local
authelia_staging_redis_data:
driver: local
authelia_staging_mariadb_data:
driver: local
services:
authelia:
image: git.nixc.us/nixius/authelia:staging-authelia
@ -25,7 +33,7 @@ services:
- --config=/config/configuration.oidc.clients.yml
environment: *authelia-env
volumes:
- /mnt/tank/persist/nixc.us/authelia/staging/config:/config:rw
- authelia_staging_config:/config:rw
networks:
- traefik
- default
@ -67,7 +75,7 @@ services:
image: git.nixc.us/nixius/authelia:staging-redis
command: redis-server --appendonly yes
volumes:
- /mnt/tank/persist/nixc.us/authelia/staging/redis:/data:rw
- authelia_staging_redis_data:/data:rw
networks:
- default
deploy:
@ -98,7 +106,7 @@ services:
MYSQL_USER: authelia
MYSQL_PASSWORD: authelia
volumes:
- /mnt/tank/persist/nixc.us/authelia/staging/db:/var/lib/mysql:rw
- authelia_staging_mariadb_data:/var/lib/mysql:rw
networks:
- default
deploy:
@ -112,8 +120,6 @@ services:
placement:
constraints:
- node.hostname == ingress.nixc.us
labels:
us.nixc.autodeploy: "true"
traefik.enable: "false"

141
tests/precommit-auth.sh Executable file
View File

@ -0,0 +1,141 @@
#!/bin/bash
# Authelia Authentication Test Script
# This script helps test the full authentication flow with LLDAP
set -e
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
echo -e "${BLUE}🔐 Authelia Authentication Test${NC}"
echo "========================================"
# Check if services are running
echo -e "${YELLOW}📋 Checking service status...${NC}"
if ! docker-compose -f docker-compose.dev.yml ps | grep -q "Up"; then
echo -e "${RED}❌ Services not running. Starting them now...${NC}"
docker-compose -f docker-compose.dev.yml up -d
echo "⏳ Waiting for services to start..."
sleep 20
fi
# Verify services are healthy
echo -e "${YELLOW}🔍 Verifying service health...${NC}"
# Check Authelia
if response=$(curl -s http://localhost:9091/api/health 2>/dev/null); then
if [ "$response" = '{"status":"OK"}' ]; then
echo -e " ${GREEN}✓ Authelia: HEALTHY${NC}"
else
echo -e " ${RED}❌ Authelia: UNHEALTHY${NC}"
exit 1
fi
else
echo -e " ${RED}❌ Authelia: NOT ACCESSIBLE${NC}"
exit 1
fi
# Check LLDAP
if curl -s http://localhost:17170/health >/dev/null 2>&1; then
echo -e " ${GREEN}✓ LLDAP: ACCESSIBLE${NC}"
else
echo -e " ${RED}❌ LLDAP: NOT ACCESSIBLE${NC}"
exit 1
fi
echo ""
echo -e "${CYAN}🌐 Authentication Testing URLs:${NC}"
echo "=================================="
echo -e " ${BLUE}• Authelia Login:${NC} http://localhost:9091"
echo -e " ${BLUE}• LLDAP Admin Panel:${NC} http://localhost:17170"
echo ""
echo -e "${CYAN}🔑 LLDAP Admin Credentials:${NC}"
echo "============================="
echo -e " ${BLUE}Username:${NC} admin"
echo -e " ${BLUE}Password:${NC} /ETAToLiZPWo6QK171abAUqsa3WDpd9IgneZnTA4zU0="
echo ""
echo -e "${YELLOW}📝 Manual Testing Instructions:${NC}"
echo "==============================="
echo ""
echo -e "${BLUE}Step 1: Create a Test User in LLDAP${NC}"
echo " 1. Open http://localhost:17170 in your browser"
echo " 2. Login with admin credentials above"
echo " 3. Go to 'Users' section"
echo " 4. Click 'Create User'"
echo " 5. Fill in details:"
echo " - Username: testuser"
echo " - Email: testuser@nixc.us"
echo " - Display Name: Test User"
echo " - Password: password123"
echo " 6. Click 'Create'"
echo ""
echo -e "${BLUE}Step 2: Add User to Groups (Optional)${NC}"
echo " 1. In LLDAP, go to 'Groups' section"
echo " 2. Create a group (e.g., 'dev') if needed"
echo " 3. Add the test user to appropriate groups"
echo ""
echo -e "${BLUE}Step 3: Test Authelia Authentication${NC}"
echo " 1. Open http://localhost:9091 in your browser"
echo " 2. You should see the Authelia login page"
echo " 3. Login with your test user credentials:"
echo " - Username: testuser"
echo " - Password: password123"
echo " 4. If successful, you should see the Authelia portal"
echo ""
echo -e "${YELLOW}🧪 Automated Basic Tests:${NC}"
echo "========================="
# Test 1: Check if Authelia login page loads
echo -n " • Testing Authelia login page... "
if curl -s http://localhost:9091/ | grep -q "Authelia"; then
echo -e "${GREEN}✓ PASS${NC}"
else
echo -e "${RED}❌ FAIL${NC}"
fi
# Test 2: Check LDAP connection via Authelia logs
echo -n " • Testing LDAP connection... "
if docker-compose -f docker-compose.dev.yml logs authelia 2>/dev/null | grep -q "LDAP Supported OIDs"; then
echo -e "${GREEN}✓ PASS (LDAP connection established)${NC}"
else
echo -e "${YELLOW}⚠ WARNING (Check logs for LDAP connection issues)${NC}"
fi
# Test 3: Test configuration endpoint (may require auth)
echo -n " • Testing API endpoints... "
if curl -s http://localhost:9091/api/configuration >/dev/null 2>&1; then
echo -e "${GREEN}✓ PASS${NC}"
else
echo -e "${YELLOW}⚠ RESTRICTED (Expected - requires authentication)${NC}"
fi
echo ""
echo -e "${GREEN}🎉 Basic Tests Complete!${NC}"
echo ""
echo -e "${CYAN}📊 Current Container Status:${NC}"
echo "============================="
docker-compose -f docker-compose.dev.yml ps
echo ""
echo -e "${BLUE}💡 Tips:${NC}"
echo "======="
echo "• If login fails, check LLDAP user exists and password is correct"
echo "• Check Authelia ACL rules in docker/authelia/config/configuration.acl.yml"
echo "• Use 'docker-compose -f docker-compose.dev.yml logs authelia' for debugging"
echo "• LLDAP users need to be in the correct Base DN: dc=nixc,dc=us"
echo ""
echo -e "${GREEN}✅ Authentication testing environment ready!${NC}"
echo -e "${YELLOW}💡 Open the URLs above in your browser to test manually${NC}"

211
tests/precommit.sh Executable file
View File

@ -0,0 +1,211 @@
#!/bin/bash
# Manual test script for Authelia
# Run this to test your setup manually: ./test.sh
set -e
echo "🧪 Running Authelia test suite..."
# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# Parse command line arguments
CLEANUP=true
VERBOSE=false
for arg in "$@"; do
case $arg in
--no-cleanup)
CLEANUP=false
shift
;;
--verbose)
VERBOSE=true
shift
;;
*)
echo "Usage: $0 [--no-cleanup] [--verbose]"
echo " --no-cleanup: Keep containers running after tests"
echo " --verbose: Show detailed output"
exit 1
;;
esac
done
# Function to log messages
log() {
if [ "$VERBOSE" = true ]; then
echo -e "${BLUE}[DEBUG]${NC} $1"
fi
}
echo -e "${BLUE}🚀 Starting Authelia Development Environment Tests${NC}"
echo "======================================================"
# Step 1: Build all images
echo -e "${YELLOW}📦 Building Docker images...${NC}"
if [ "$VERBOSE" = true ]; then
docker-compose -f docker-compose.dev.yml build
else
docker-compose -f docker-compose.dev.yml build > /dev/null 2>&1
fi
if [ $? -ne 0 ]; then
echo -e "${RED}❌ Failed to build Docker images!${NC}"
exit 1
fi
echo -e "${GREEN}✓ Docker images built successfully${NC}"
# Step 2: Start services
echo -e "${YELLOW}🏃 Starting services...${NC}"
if [ "$VERBOSE" = true ]; then
docker-compose -f docker-compose.dev.yml up -d
else
docker-compose -f docker-compose.dev.yml up -d > /dev/null 2>&1
fi
if [ $? -ne 0 ]; then
echo -e "${RED}❌ Failed to start services!${NC}"
exit 1
fi
echo -e "${GREEN}✓ Services started${NC}"
# Step 3: Wait for services to be healthy
echo -e "${YELLOW}⏳ Waiting for services to be ready...${NC}"
sleep 15
# Primary Focus: Comprehensive Authelia Testing
echo -e "${BLUE}🔍 Testing Authelia Service (Primary Focus)${NC}"
echo "=============================================="
# Test Authelia health endpoint (most important)
echo " • Testing Authelia health endpoint..."
max_attempts=30
attempt=0
authelia_healthy=false
while [ $attempt -lt $max_attempts ]; do
if response=$(curl -f http://localhost:9091/api/health 2>/dev/null); then
if [ "$response" = '{"status":"OK"}' ]; then
authelia_healthy=true
break
fi
fi
attempt=$((attempt + 1))
sleep 2
done
if [ "$authelia_healthy" = false ]; then
echo -e "${RED}❌ Authelia health endpoint not responding after 60 seconds!${NC}"
echo "Authelia logs:"
docker-compose -f docker-compose.dev.yml logs authelia --tail 20
exit 1
fi
echo -e " ${GREEN}✓ Authelia health check: PASSED${NC}"
# Test Authelia web interface
echo " • Testing Authelia web interface..."
if curl -f http://localhost:9091/ >/dev/null 2>&1; then
echo -e " ${GREEN}✓ Authelia Web UI: ACCESSIBLE${NC}"
else
echo -e "${RED}❌ Authelia Web UI: NOT ACCESSIBLE${NC}"
exit 1
fi
# Test Authelia API endpoints
echo " • Testing Authelia API endpoints..."
if curl -f http://localhost:9091/api/configuration >/dev/null 2>&1; then
echo -e " ${GREEN}✓ Authelia API configuration endpoint: WORKING${NC}"
else
echo -e "${YELLOW}⚠ Authelia API configuration endpoint: LIMITED ACCESS (normal)${NC}"
fi
# Test Authelia service logs for errors
echo " • Checking Authelia service logs for errors..."
error_count=$(docker-compose -f docker-compose.dev.yml logs authelia | grep -i "error\|fatal\|panic" | grep -v "SMTP\|ntp" | wc -l)
if [ "$error_count" -eq 0 ]; then
echo -e " ${GREEN}✓ No critical errors in Authelia logs${NC}"
else
echo -e "${YELLOW}⚠ Found $error_count potential errors in logs (excluding SMTP/NTP)${NC}"
if [ "$VERBOSE" = true ]; then
echo "Recent errors:"
docker-compose -f docker-compose.dev.yml logs authelia | grep -i "error\|fatal\|panic" | grep -v "SMTP\|ntp" | tail -5
fi
fi
# Test Authelia container status
echo " • Checking Authelia container status..."
container_status=$(docker inspect authelia_dev_main --format='{{.State.Status}}' 2>/dev/null || echo "not_found")
if [ "$container_status" = "running" ]; then
echo -e " ${GREEN}✓ Authelia container: RUNNING${NC}"
else
echo -e "${RED}❌ Authelia container status: $container_status${NC}"
exit 1
fi
# Secondary: Test supporting infrastructure
echo ""
echo -e "${BLUE}🔧 Testing Supporting Infrastructure${NC}"
echo "====================================="
# Test LLDAP web interface (important for authentication)
echo " • Testing LLDAP web interface (authentication backend)..."
max_attempts=15
attempt=0
lldap_healthy=false
while [ $attempt -lt $max_attempts ]; do
if curl -f http://localhost:17170/health >/dev/null 2>&1; then
lldap_healthy=true
break
fi
attempt=$((attempt + 1))
sleep 2
done
if [ "$lldap_healthy" = true ]; then
echo -e " ${GREEN}✓ LLDAP Web UI: ACCESSIBLE${NC}"
else
echo -e "${YELLOW}⚠ LLDAP not accessible after 30 seconds (may affect auth)${NC}"
fi
# Display service status
echo ""
echo -e "${BLUE}📊 Service Status Overview:${NC}"
docker-compose -f docker-compose.dev.yml ps
echo ""
if [ "$authelia_healthy" = true ]; then
echo -e "${GREEN}🎉 Authelia Development Environment: FULLY FUNCTIONAL!${NC}"
else
echo -e "${RED}❌ Authelia Development Environment: ISSUES DETECTED${NC}"
exit 1
fi
echo ""
echo -e "${BLUE}🔗 Access URLs:${NC}"
echo " • Authelia: http://localhost:9091"
echo " • LLDAP Admin: http://localhost:17170"
echo " - Username: admin"
echo " - Password: /ETAToLiZPWo6QK171abAUqsa3WDpd9IgneZnTA4zU0="
echo ""
# Cleanup
if [ "$CLEANUP" = true ]; then
echo -e "${YELLOW}🧹 Cleaning up containers...${NC}"
if [ "$VERBOSE" = true ]; then
docker-compose -f docker-compose.dev.yml down
else
docker-compose -f docker-compose.dev.yml down > /dev/null 2>&1
fi
echo -e "${GREEN}✓ Cleanup completed${NC}"
else
echo -e "${YELLOW}🔧 Containers left running for inspection${NC}"
echo "To stop: docker-compose -f docker-compose.dev.yml down"
fi
echo -e "${GREEN}✅ Authelia functionality test completed successfully!${NC}"
exit 0

19
users_database.yml Normal file
View File

@ -0,0 +1,19 @@
---
# Authelia Development Users Database
# Password: password (bcrypt hashed)
users:
authelia:
displayname: "Authelia User"
password: "$2a$10$3EtQKrGrfQJDdUZ4W3zWcuKU9KN7k/XC4EQFOKZvIrQJXQFQy1H6K" # password
email: authelia@dev.local
groups:
- admins
- dev
testuser:
displayname: "Test User"
password: "$2a$10$3EtQKrGrfQJDdUZ4W3zWcuKU9KN7k/XC4EQFOKZvIrQJXQFQy1H6K" # password
email: testuser@dev.local
groups:
- dev