This guide deploys Authelia using Docker Compose with Redis and PostgreSQL.
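/opt/authelia directory structure
# Play: install Docker on Debian-family hosts, render the Authelia file-based
# user database, configuration.yml and docker-compose.yml under authelia_dir,
# then start the stack (Authelia + Redis + PostgreSQL).
- name: Deploy Authelia on Debian family
  hosts: authelia_debian
  become: true
  vars:
    authelia_dir: /opt/authelia
    authelia_domain: auth.example.com
    # Placeholders only. Supply real values from Ansible Vault or
    # --extra-vars; the first task aborts the play while any of them still
    # starts with "change-me". The values are templated verbatim into
    # double-quoted YAML and Docker Compose expands "$" in its file, so use
    # long random strings that need no escaping (hex or base64url).
    authelia_jwt_secret: "change-me-jwt-secret"
    authelia_storage_encryption_key: "change-me-storage-key"
    authelia_session_secret: "change-me-session-secret"
    authelia_pg_password: "change-me-postgres-password"
  tasks:
    # Only the assertion expressions appear in the output, not the values.
    - name: Refuse to deploy with placeholder secrets
      ansible.builtin.assert:
        that:
          - authelia_jwt_secret is not match('change-me')
          - authelia_storage_encryption_key is not match('change-me')
          - authelia_session_secret is not match('change-me')
          - authelia_pg_password is not match('change-me')
        fail_msg: >-
          Replace every change-me-* secret (Ansible Vault or --extra-vars)
          before deploying.
        quiet: true

    - name: Install Docker dependencies
      ansible.builtin.apt:
        update_cache: true
        name:
          - docker.io
          - docker-compose-plugin
        state: present

    - name: Enable and start Docker
      ansible.builtin.systemd:
        name: docker
        enabled: true
        state: started

    # The empty item creates authelia_dir itself.
    - name: Create Authelia directories
      ansible.builtin.file:
        path: "{{ authelia_dir }}/{{ item }}"
        state: directory
        mode: "0755"
      loop:
        - ""
        - config
        - data

    # The password value is a placeholder, not a usable hash. Replace it with
    # the output of `authelia crypto hash generate argon2` before first login.
    # no_log keeps the hash out of task output and --diff.
    - name: Write Authelia users database
      ansible.builtin.copy:
        dest: "{{ authelia_dir }}/config/users_database.yml"
        mode: "0640"
        content: |
          users:
            admin:
              displayname: "Admin User"
              password: "$argon2id$v=19$m=65536,t=3,p=4$replace$replace"
              email: admin@example.com
              groups:
                - admins
      no_log: true

    # session.redis points Authelia at the redis service from the Compose
    # file; without it sessions are held in process memory and the Redis
    # container is unused.
    # The cookie domain and default redirection URL are hard-coded to
    # example.com; they must be changed together with authelia_domain.
    # no_log keeps the templated secrets out of task output and --diff.
    - name: Write Authelia configuration
      ansible.builtin.copy:
        dest: "{{ authelia_dir }}/config/configuration.yml"
        mode: "0640"
        content: |
          server:
            address: 'tcp://0.0.0.0:9091'
          log:
            level: info
          identity_validation:
            reset_password:
              jwt_secret: "{{ authelia_jwt_secret }}"
          authentication_backend:
            file:
              path: /config/users_database.yml
          access_control:
            default_policy: deny
            rules:
              - domain: "{{ authelia_domain }}"
                policy: one_factor
          session:
            secret: "{{ authelia_session_secret }}"
            redis:
              host: redis
              port: 6379
            cookies:
              - domain: example.com
                authelia_url: https://{{ authelia_domain }}
                default_redirection_url: https://example.com
          storage:
            encryption_key: "{{ authelia_storage_encryption_key }}"
            postgres:
              address: tcp://postgres:5432
              database: authelia
              username: authelia
              password: "{{ authelia_pg_password }}"
          notifier:
            filesystem:
              filename: /data/notification.txt
      no_log: true

    # This file carries POSTGRES_PASSWORD in clear text, so it is written
    # 0600 (was 0644, readable by every local user).
    # Review before production use:
    #  - authelia/authelia:latest is a moving tag; pin a reviewed version tag
    #    or image digest so redeploys are reproducible.
    #  - "9091:9091" publishes the plain-HTTP portal on every host interface;
    #    restrict it to the address the TLS-terminating reverse proxy uses.
    #  - ./data is mounted into the Authelia container and also contains
    #    ./data/postgres, so that container can reach the database files.
    - name: Write Docker Compose stack
      ansible.builtin.copy:
        dest: "{{ authelia_dir }}/docker-compose.yml"
        mode: "0600"
        content: |
          services:
            authelia:
              image: authelia/authelia:latest
              container_name: authelia
              restart: unless-stopped
              depends_on:
                - redis
                - postgres
              volumes:
                - ./config:/config
                - ./data:/data
              ports:
                - "9091:9091"
            redis:
              image: redis:7-alpine
              container_name: authelia-redis
              restart: unless-stopped
            postgres:
              image: postgres:16-alpine
              container_name: authelia-postgres
              restart: unless-stopped
              environment:
                POSTGRES_DB: authelia
                POSTGRES_USER: authelia
                POSTGRES_PASSWORD: "{{ authelia_pg_password }}"
              volumes:
                - ./data/postgres:/var/lib/postgresql/data
      no_log: true

    # The command module cannot tell whether Compose changed anything, so the
    # task is reported as changed on every run.
    - name: Start Authelia stack
      ansible.builtin.command:
        cmd: docker compose up -d
        chdir: "{{ authelia_dir }}"
      changed_when: true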
# Play: prepare RHEL-family hosts. As shown, it installs and starts Docker and
# creates authelia_dir only; it writes no Authelia files and starts no stack.
- name: Deploy Authelia on RHEL family
  hosts: authelia_rhel
  become: true
  vars:
    authelia_dir: /opt/authelia
  tasks:
    # NOTE(review): confirm the enabled repositories actually provide both
    # package names on the target release.
    - name: Install Docker dependencies
      ansible.builtin.dnf:
        state: present
        name: [docker, docker-compose-plugin]

    - name: Enable and start Docker
      ansible.builtin.systemd:
        state: started
        enabled: true
        name: docker

    - name: Ensure Authelia directory exists
      ansible.builtin.file:
        state: directory
        mode: "0755"
        path: "{{ authelia_dir }}"
ansible-playbook -i inventory.ini authelia-install.yml
authelia_debian.
Generate the Argon2 password hash that replaces the placeholder in users_database.yml with: docker run authelia/authelia:latest authelia crypto hash generate argon2
Beyond this playbook, we offer:
Contact our automation team: office@linux-server-admin.com