add sso login

3 files changed, 49 insertions, 0 deletions

diff --git a/roles/authelia/files/authelia/.gitignore b/roles/authelia/files/authelia/.gitignore
new file mode 100644
index 0000000..53c78ad
--- /dev/null
+++ b/roles/authelia/files/authelia/.gitignore
@@ -0,0 +1,2 @@
+users_database.yml
+configuration.yml
diff --git a/roles/authelia/tasks/main.yml b/roles/authelia/tasks/main.yml
new file mode 100644
index 0000000..c9abe44
--- /dev/null
+++ b/roles/authelia/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: ensure authelia docker/compose exist
+  file:
+    path: /etc/docker/compose/authelia
+    state: directory
+    owner: root
+    group: root
+    mode: 0700
+
+- name: copy authelia config
+  copy:
+    src: ../files/authelia
+    dest: /etc/docker/compose/authelia/
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+
+- name: build authelia docker-compose.yml.j2
+  template:
+    src: ../templates/docker-compose.yml.j2
+    dest: /etc/docker/compose/authelia/docker-compose.yml
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+
+- name: daemon-reload and enable authelia
+  ansible.builtin.systemd_service:
+    state: restarted
+    enabled: true
+    name: docker-compose@authelia
diff --git a/roles/authelia/templates/docker-compose.yml.j2 b/roles/authelia/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..b60545f
--- /dev/null
+++ b/roles/authelia/templates/docker-compose.yml.j2
@@ -0,0 +1,17 @@
+version: '3.3'
+
+services:
+  authelia:
+    image: authelia/authelia
+    container_name: authelia
+    volumes:
+      - ./authelia:/config
+    ports:
+      - 9091:9091
+    restart: unless-stopped
+  redis:
+    image: redis:alpine
+    container_name: redis
+    volumes:
+      - ./redis:/data
+    restart: unless-stopped