Cleanup credentials and db use

2025-05-25 18:01:47 +10:00
parent ffbd240453
commit 376c278c11
5 changed files with 44 additions and 13 deletions
--- a/2-nomad-config/authelia.nomad.hcl
+++ b/2-nomad-config/authelia.nomad.hcl
@@ -1,11 +1,25 @@
 job "authelia" {
  group "authelia" {
    network {
+      mode = "bridge"
      port "http" {
        static = 9091
      }
    }

+    service {
+      connect {
+        sidecar_service {
+          proxy {
+            upstreams {
+              destination_name = "postgres"
+              local_bind_port  = 5432
+            }
+          }
+        }
+      }
+    }
+
    service {
      name = "auth"
      port = "http"
@@ -59,9 +73,6 @@ access_control:
  rules:
    - domain: "*.othrayte.one"
      policy: one_factor
-    # Disable auth for authelia
-    #- domain: "auth.othrayte.one"
-    #  policy: bypass

 session:
  name: authelia_session
@@ -72,9 +83,14 @@ session:
      authelia_url: "https://auth.othrayte.one"

 storage:
-  local:
-    path: /config/db.sqlite3
  encryption_key: "{{ with nomadVar "nomad/jobs/authelia" }}{{ .encryption_key }}{{ end }}"
+  postgres:
+    address: 'tcp://127.0.0.1:5432'
+    database: 'authelia'
+    schema: 'public'
+    username: 'authelia'
+    password: '{{ with nomadVar "nomad/jobs/authelia" }}{{ .database_pw }}{{ end }}'
+    timeout: '5s'

 notifier:
  filesystem: