部署方式:容器部署
部署物料:helm, mysql, redis, openldap, mail server
部署注意事项:
helm地址:https://charts.authelia.com
redis需要开启 user,开启命令如下<br>ACL SETUSER tempuser on
mysql要求:
Must both support the InnoDB engine and this engine must be the default engine. Must support the utf8mb4 charset. Must support the utf8mb4_unicode_520_ci collation. Must support maximum index size of no less than 2048 bytes. The default maximum index size for the InnoDB engine is 3072 bytes on: MySQL 8.0 or later. MySQL5.7 or later provided: The innodb_large_prefix option is ON. MariaDB 10.3 or later. Must support ANSI standard time behaviors. See ANSI standard time behaviors.
openldap:
直接使用群晖的ladp server,配置如下
ldap:
## Enable LDAP Backend.
enabled: true
implementation: activedirectory
url: ldap://192.168.10.10
timeout: 5s
start_tls: false
tls:
server_name: ""
skip_verify: false
minimum_version: TLS1.2
maximum_version: TLS1.3
base_dn: DC=zuole,DC=net
username_attribute: "uid"
additional_users_dn: CN=users
users_filter: "(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=posixAccount)(shadowExpire=-1)(mail=*))"
additional_groups_dn: cn=groups
groups_filter: "(&(memberUid={username})(objectClass=posixGroup))"
group_name_attribute: "cn"
mail_attribute: "mail"
display_name_attribute: ""
permit_referrals: false
permit_unauthenticated_bind: false
permit_feature_detection_failure: false
user: uid=root,CN=users,DC=zuole,DC=net
部署步骤:
helm pull authelia/authelia
编辑 values.yaml 文件
部署
helm install authelia authelia/authelia -n authelia
+ There are no comments
Add yours