authentication via authelia #20

Open
opened 2024-11-03 18:53:47 +00:00 by Erik · 5 comments
Owner
- [x] via reverse proxy (caddy)
- [ ] via OIDC
  - [x] mealie
  - [ ] Nextcloud
  - [x] Memos
  - [x] MiniFlux
  - [x] Linkwarden
  - [ ] Grocy
  - [x] Wiki.js
  - [x] HedgeDoc
  - [ ] Firefly III
- [x] SMTP
Author
Owner

To set up SMTP I had to script a dumper of a cert from Caddy

```bash
#!/bin/bash
# Copy the certificate Caddy holds for the mail host into Mailcow when it has changed.
cd /opt/caddy || exit 1   # docker compose has to run from Caddy's compose directory
MAILCOW_HOSTNAME=mail.grobecker.me

# md5sum prints "<hash>  <file>"; the array keeps the hash as element 0.
# -T disables pseudo-TTY allocation so the output is unmodified when piped or run from cron.
MD5SUM_CURRENT_CERT=($(md5sum /opt/mailcow-dockerized/data/assets/ssl/cert.pem))
MD5SUM_NEW_CERT=($(docker compose exec -T caddy cat "/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/$MAILCOW_HOSTNAME/$MAILCOW_HOSTNAME.crt" | md5sum -))

if [ "${MD5SUM_CURRENT_CERT[0]}" != "${MD5SUM_NEW_CERT[0]}" ]; then
    # Certificate changed: dump certificate and key out of the Caddy container
    docker compose exec -T caddy cat "/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/$MAILCOW_HOSTNAME/$MAILCOW_HOSTNAME.crt" > /opt/mailcow-dockerized/data/assets/ssl/cert.pem
    docker compose exec -T caddy cat "/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/$MAILCOW_HOSTNAME/$MAILCOW_HOSTNAME.key" > /opt/mailcow-dockerized/data/assets/ssl/key.pem
    cp /opt/mailcow-dockerized/data/assets/ssl/cert.pem "/opt/mailcow-dockerized/data/assets/ssl/$MAILCOW_HOSTNAME/cert.pem"
    cp /opt/mailcow-dockerized/data/assets/ssl/key.pem "/opt/mailcow-dockerized/data/assets/ssl/$MAILCOW_HOSTNAME/key.pem"

    # Restart the Mailcow services that load the certificate
    docker restart mailcowdockerized-postfix-mailcow-1
    docker restart mailcowdockerized-nginx-mailcow-1
    docker restart mailcowdockerized-dovecot-mailcow-1
    curl -d "[CADDY DUMPER] copied $MAILCOW_HOSTNAME certs to Mailcow and restarted related services" https://ntfy.grobecker.me/status
else
    echo "Certs not copied from Caddy (Not needed)"
    curl -d "[CADDY DUMPER] Certs not copied from Caddy (Not needed)" https://ntfy.grobecker.me/status
fi

# this is a heavily modified version of https://docs.mailcow.email/de/post_installation/reverse-proxy/r_p-caddy2/
```

which runs every day at one in the morning
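A hardened form of the compare-and-copy step from the comment above, as an added example that is not part of the original comment or the author's script. `sync_cert` is a hypothetical helper that takes already-dumped files, rejects an empty or non-PEM dump (which a failed `docker compose exec` would produce and which would otherwise hash as "changed"), and installs the key with owner-only permissions.

```shell
#!/bin/bash
# Added example; sync_cert and its return codes are hypothetical, not the author's code.
# Usage: sync_cert NEW_CERT NEW_KEY DEST_DIR
#   NEW_CERT / NEW_KEY: files already dumped from the Caddy container
#   DEST_DIR: directory holding cert.pem and key.pem (for example Mailcow's ssl directory)
# Returns 0 = installed (restart services), 1 = unchanged, 2 = rejected, nothing replaced.
sync_cert() {
    local new_cert=$1 new_key=$2 dest=$3

    # An empty or truncated dump differs from the installed certificate and would
    # be copied over it; require PEM markers before touching anything.
    grep -q -- '-----BEGIN CERTIFICATE-----' "$new_cert" 2>/dev/null || return 2
    grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$new_key" 2>/dev/null || return 2

    # Byte-for-byte comparison; no hash needed to detect a change.
    cmp -s "$new_cert" "$dest/cert.pem" 2>/dev/null && return 1

    # Stage next to the target, then rename, so a restarting service never
    # reads a half-written file. The key is created with mode 600.
    ( umask 077 && cp "$new_key" "$dest/key.pem.tmp" ) || return 2
    cp "$new_cert" "$dest/cert.pem.tmp" || return 2
    mv "$dest/key.pem.tmp" "$dest/key.pem" &&
        mv "$dest/cert.pem.tmp" "$dest/cert.pem" || return 2
    return 0
}
```

Only a return code of 0 calls for restarting the mail services; a return code of 2 is the case worth sending to the notification channel as an error.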

Author
Owner

Grocy has to be done via some PHP hack, so I will postpone this.

Author
Owner

I have to find a way to persist sessions through a restart of Authelia.

Author
Owner

> I have to find a way to persist sessions through a restart of Authelia

Have done this by implementing Redis, which is now responsible for session cache.
Author
Owner

Nextcloud may have to be configured with some .php files which I don't have access to; however, there may exist another solution.

Reference: Erik/server#20