Authelia: The Next Generation Authentication and Authorization Solution for Docker

Authelia is a modern and secure authentication and authorization solution designed to work seamlessly with Docker and Docker Compose. With its advanced features and intuitive user interface, Authelia provides a secure and user-friendly way to manage access to your Docker applications.

In this blog post, we will explore the benefits and capabilities of using Authelia with Docker, and provide a step-by-step guide to install and configure it using Docker Compose. We will also show you how to integrate Traefik with Authelia for a complete and secure Docker environment.

Benefits of Authelia on Docker

  1. Easy installation and setup: Authelia is designed to work seamlessly with Docker, making it easy to install and configure. You can get started with Authelia in just a few steps, without having to worry about complex dependencies or configurations.

  2. Secure authentication and authorization: Authelia provides a secure and user-friendly way to manage access to your Docker applications. With its advanced features and intuitive user interface, you can easily manage user accounts and permissions, and ensure that only authorized users have access to your sensitive data.

  3. Scalability: Authelia is designed to be scalable and performant, allowing you to easily manage large numbers of users and applications. Whether you have a small team or a large organization, Authelia can handle your authentication and authorization needs.

  4. Integration with popular tools: Authelia integrates seamlessly with popular tools like Traefik, providing a complete and secure solution for your Docker environment.

Install and Configure Authelia on Docker

Here is a step-by-step guide to install and configure Authelia using Docker Compose:

  1. Install Docker and Docker Compose on your machine.

  2. Create a new directory for your project and navigate to it in the terminal.
    mkdir authelia
    cd authelia
    
  3. Create a new file named “docker-compose.yml” in the project directory.
    nano docker-compose.yml
    
  4. In the “docker-compose.yml” file, define the services for Authelia:
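    version: '3'
    services:
      authelia:
        image: authelia/authelia:latest
        environment:
          # Quoted so Compose reads the value as a string, not a YAML boolean
          AUT_DEBUG: "true"
          AUT_HOSTNAME: authelia.localhost
        volumes:
          # Mount the project directory so the container can read
          # configuration.yml and users_database.yml under /config
          - ./:/config
        ports:
          - "9091:9091"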
  5. Include configuration.yml and users_database.yml files in the same directory:

configuration.yml

---
theme: dark
jwt_secret: ""
default_redirection_url: https://example.com/
server:
  host: 0.0.0.0
  port: 9091
  path: ""
  read_buffer_size: 4096
  write_buffer_size: 4096
  enable_pprof: false
  enable_expvars: false
  disable_healthcheck: false
  tls:
    key: ""
    certificate: ""
log:
  level: debug
totp:
  issuer: example.com
  period: 30
  skew: 1
authentication_backend:
  password_reset:
    disable: false
  refresh_interval: 5m
  file:
    path: /config/users_database.yml
    password:
      algorithm: argon2id
      iterations: 1
      key_length: 32
      salt_length: 16
      memory: 1024
      parallelism: 8
access_control:
  default_policy: deny
  rules:
    - domain:
        - "auth.example.com"
      policy: bypass
    - domain:
        - "overseerr.example.com"
      policy: bypass
    - domain: "*.example.com"
      resources:
        - "^/api([/?].*)?$"
      policy: bypass
    - domain:
        - "*.example.com"
      subject:
        - group:admins
      policy: one_factor
session:
  name: authelia_session
  domain: example.com
  same_site: lax
  secret: ""
  expiration: 1h
  inactivity: 5m
  remember_me_duration: 2M
  redis:
    host: redis
    port: 6379
    password: ""
    database_index: 0
    maximum_active_connections: 10
    minimum_idle_connections: 0
regulation:
  max_retries: 3
  find_time: 10m
  ban_time: 12h
storage:
  encryption_key: ""
  mysql:
    host: mariadb
    port: 3306
    database: authelia
    username: authelia
    password: ""
    
notifier:
  filesystem:
    filename: /config/notification.txt
...

users_database.yml

---
###############################################################
#                         Users Database                      #
###############################################################

# This file can be used if you do not have an LDAP set up.

# List of users
users:
  marbles:
    displayname: ""
    # Password is Authelia
    password: "" 
    email: 
    groups:
      - admins
      - dev
...
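
Added example (not from the original post or the Authelia project): a simplified Python model of first-match rule evaluation over the access_control rules in configuration.yml above, showing which policy each request receives. The matcher functions and sample requests are constructed for illustration, only approximate Authelia's own matching, and do not model how unauthenticated users are handled by rules that carry a subject.

```python
import re

# access_control section of configuration.yml above, transcribed by hand.
DEFAULT_POLICY = "deny"
RULES = [
    {"domain": ["auth.example.com"], "policy": "bypass"},
    {"domain": ["overseerr.example.com"], "policy": "bypass"},
    {"domain": ["*.example.com"], "resources": [r"^/api([/?].*)?$"], "policy": "bypass"},
    {"domain": ["*.example.com"], "subject": ["group:admins"], "policy": "one_factor"},
]

def domain_matches(pattern, host):
    # Assumption: "*.example.com" is treated as "any host ending in .example.com".
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])
    return host == pattern

def subject_matches(subjects, groups):
    # Only the "group:<name>" subject form used on this page is modelled.
    return any(s.startswith("group:") and s[len("group:"):] in groups for s in subjects)

def effective_policy(host, path, groups=()):
    """Return the policy of the first rule matching the request, else the default."""
    for rule in RULES:
        if not any(domain_matches(d, host) for d in rule["domain"]):
            continue
        if "resources" in rule and not any(re.search(r, path) for r in rule["resources"]):
            continue
        if "subject" in rule and not subject_matches(rule["subject"], groups):
            continue
        return rule["policy"]
    return DEFAULT_POLICY

# Constructed sample requests: (host, path, groups of the signed-in user).
SAMPLES = [
    ("code.example.com", "/", ("admins", "dev")),   # marbles from users_database.yml
    ("code.example.com", "/", ("dev",)),            # hypothetical non-admin user
    ("code.example.com", "/api/v1/users", ()),      # no session at all
    ("code.example.com", "/apiary", ("dev",)),      # regex does not match this path
    ("overseerr.example.com", "/settings", ()),     # whole host is bypassed
]

def audit():
    return [(h, p, effective_policy(h, p, g)) for h, p, g in SAMPLES]

if __name__ == "__main__":
    for host, path, policy in audit():
        print(f"{policy:<10} https://{host}{path}")
```

The `/api` bypass rule matches on every subdomain before the admins rule is reached, so any service behind it has to enforce its own API authentication.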

Authelia and Code-Server Workflow Example

1. Go to the protected site

The site redirects to the Authelia domain.

2. Sign in to Authelia

Users are stored in the users_database.yml file.

3. Proceed to the protected domain

code-server on Docker requires clicking "Yes, I trust the authors".


Conclusion

In conclusion, Authelia is a powerful and user-friendly solution for authentication and authorization in Docker environments. With its advanced features and seamless integration with popular tools like Traefik, Authelia provides a secure and scalable way to manage access to your Docker applications. By using Docker Compose, the installation and configuration of Authelia can be done quickly and easily, allowing you to focus on what really matters - your applications and users. In this blog post, we have explored the benefits and capabilities of using Authelia with Docker and provided a step-by-step guide to install and configure it. If you are looking for a modern and secure solution for authentication and authorization in your Docker environment, Authelia is definitely worth considering.

This post is licensed under CC BY 4.0 by the author.