add authelia configuration

docker-compose.yml

@@ -8,7 +8,6 @@ services:
     environment:
       UID: "10001"
       GID: "10001"
-      LLDAP_LDAP_BASE_DN: "dc=unixyourbrain,dc=org"
       #LLDAP_LDAPS_OPTIONS__ENABLED: true
       #LLDAP_LDAPS_OPTIONS__CERT_FILE: "/ssl/cert.crt"
       #LLDAP_LDAPS_OPTIONS__KEY_FILE: "/ssl/key.pem"
@@ -31,6 +30,30 @@ services:
       - "traefik.http.services.lldap.loadbalancer.server.port=17170"
       - "traefik.http.services.lldap.loadbalancer.server.scheme=http"   
 
+  authelia:
+    image: "authelia/authelia:latest"
+    container_name: "Authelia"
+    hostname: "authelia"
+    restart: "unless-stopped"
+    user: "10002:10002"
+    volumes:
+      - "/etc/localtime:/etc/localtime:ro"
+      - "./config/:/config:rw"
+      - "/data/docker/authelia-prod-3/data/:/data:rw"
+    networks:
+      lldap-authelia:
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.authelia.entrypoints=websecure"
+      - "traefik.http.routers.authelia.rule=Host(`accounts.unixyourbrain.org`)"
+      - "traefik.http.routers.authelia.tls.certresolver=letsencrypt"
+      - "traefik.http.services.authelia.loadbalancer.server.port=9091"
+      - "traefik.http.services.authelia.loadbalancer.server.scheme=http"
+      - 'traefik.http.middlewares.authelia.forwardAuth.address=http://10.2.4.2:9091/api/authz/forward-auth'
+      - 'traefik.http.middlewares.authelia.forwardAuth.trustForwardHeader=true'
+      - "traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true"
+      - 'traefik.http.middlewares.authelia.forwardAuth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Email,Remote-Name'
+
 networks:
   lldap-authelia:
     name: lldap-authelia