move paperless domain

main
Alpha Chen 8 months ago
parent 080154b530
commit d277f4a18e
Signed by: alpha
SSH Key Fingerprint: SHA256:3fOT8fiYQG/aK9ntivV3Bqtg8AYQ7q4nV6ZgihOA20g

@ -43,7 +43,7 @@
PAPERLESS_TASK_WORKERS: "1" PAPERLESS_TASK_WORKERS: "1"
PAPERLESS_THREADS_PER_WORKER: "1" PAPERLESS_THREADS_PER_WORKER: "1"
PAPERLESS_TIME_ZONE: America/Los_Angeles PAPERLESS_TIME_ZONE: America/Los_Angeles
PAPERLESS_URL: https://docs.{{ domain }} PAPERLESS_URL: https://docs.chislan.family
PAPERLESS_WEBSERVER_WORKERS: "1" PAPERLESS_WEBSERVER_WORKERS: "1"
volumes: volumes:
- /mnt/lotus-land-story/paperless-ngx/data:/usr/src/paperless/data - /mnt/lotus-land-story/paperless-ngx/data:/usr/src/paperless/data

@ -35,6 +35,12 @@ auth.{{ domain }} {
} }
} }
auth.chislan.family {
reverse_proxy authelia:9091 {
import trusted_proxy_list
}
}
search.{{ domain }} { search.{{ domain }} {
log log
@ -93,6 +99,25 @@ books.{{ domain }} {
} }
} }
docs.chislan.family
forward_auth authelia:9091 {
uri /api/verify?rd=https://auth.chislan.family
copy_headers Remote-User
# This import needs to be included if you're relying on a trusted proxies configuration.
import trusted_proxy_list
}
reverse_proxy paperless-ngx:8000 {
import trusted_proxy_list
}
redir /flower /flower/
handle /flower/* {
reverse_proxy paperless-ngx:5555
}
}
docs.{{ domain }} { docs.{{ domain }} {
forward_auth authelia:9091 { forward_auth authelia:9091 {
uri /api/verify?rd=https://auth.{{ domain }} uri /api/verify?rd=https://auth.{{ domain }}

@ -17,9 +17,14 @@ authentication_backend:
access_control: access_control:
default_policy: deny default_policy: deny
rules: rules:
- domain: "*.{{ domain }}" - domain: "*.chislan.family"
# policy: one_factor
policy: two_factor policy: two_factor
subject:
- group:family
- domain: "*.kejadlen.dev"
policy: two_factor
subject:
- user:alpha
identity_validation: identity_validation:
reset_password: reset_password:
@ -31,6 +36,8 @@ session:
- domain: {{ domain }} - domain: {{ domain }}
authelia_url: https://auth.{{ domain }} authelia_url: https://auth.{{ domain }}
# default_redirection_url: https://www.{{ domain }} # default_redirection_url: https://www.{{ domain }}
- domain: chislan.family
authelia_url: https://auth.chislan.family
storage: storage:
encryption_key: {{ authelia.storage_encryption_key }} encryption_key: {{ authelia.storage_encryption_key }}
@ -49,8 +56,8 @@ identity_providers:
jwks: jwks:
- key: | - key: |
{{ authelia.oidc_private_key | indent(10) }} {{ authelia.oidc_private_key | indent(10) }}
clients:
clients:
- client_id: grafana - client_id: grafana
client_name: Grafana client_name: Grafana
client_secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ client_secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ

@ -6,8 +6,11 @@ users:
email: alpha@kejadlen.dev email: alpha@kejadlen.dev
groups: groups:
- admins - admins
- family
lydia: lydia:
disabled: false disabled: false
displayname: "Lydia" displayname: "Lydia"
password: "$argon2id$v=19$m=65536,t=3,p=4$ALAevUUnRK1hcwf5jp1OkA$aSwuYjEMrbtcAGfhsclL901QKF5S+6u42NQFG7S8DkI" # yamllint disable-line rule:line-length password: "$argon2id$v=19$m=65536,t=3,p=4$ALAevUUnRK1hcwf5jp1OkA$aSwuYjEMrbtcAGfhsclL901QKF5S+6u42NQFG7S8DkI" # yamllint disable-line rule:line-length
email: lydia.islan@gmail.com email: lydia.islan@gmail.com
groups:
- family

Loading…
Cancel
Save