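#!/bin/bash
# Authelia install hooks — requirements check, config + secrets bootstrap,
# admin account provisioning, and an end-of-install credentials notice.

#######################################
# Pre-install hook: refuse the install when the app's requirements are not met.
# Globals:   CFG_AUTHELIA_REQUIRES (read), authelia (set to "n" on failure)
# Arguments: $1 - application name
# Returns:   1 when appInstallCheckRequirements fails, 0 otherwise
#######################################
authelia_install_pre() {
  local app_name="$1"

  if ! appInstallCheckRequirements "$app_name" "$CFG_AUTHELIA_REQUIRES"; then
    # Clear the selection flag so the rest of the run sees the app as not chosen.
    authelia=n
    return 1
  fi
}

#######################################
# Escape a value for use as the replacement half of a sed `s|...|...|` command.
# Backslash, `&` (sed's "matched text") and the `|` delimiter are prefixed with
# a backslash. Single-line values are assumed; newlines are not handled.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
#######################################
_authelia_sed_escape() {
  printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'
}

#######################################
# Post-compose hook: copy the config templates, fill in their placeholders,
# create any missing secret files and toggle the metrics block.
# Globals:   containers_dir, logs_dir, docker_log_file, CFG_AUTHELIA_THEME,
#            domain_full, host_setup, docker_install_user (all read)
# Arguments: $1 - application name
# Returns:   status of the final monitoringToggleAppConfig call
#######################################
authelia_install_post_compose() {
  local app_name="$1"

  # checkSuccess is always called directly after the command it reports on;
  # presumably it reads $? (and possibly $result through dynamic scope), so the
  # variable name and the call order are kept as they were — confirm.
  local result
  result=$(copyResource "$app_name" "configuration.yml" "config" | runInstallWrite -a "$logs_dir/$docker_log_file" 2>&1)
  checkSuccess "Copying configuration.yml to $containers_dir$app_name/config"

  result=$(copyResource "$app_name" "users_database.yml" "config" | runInstallWrite -a "$logs_dir/$docker_log_file" 2>&1)
  checkSuccess "Copying users_database.yml to $containers_dir$app_name/config"

  local authelia_config_file="$containers_dir$app_name/config/configuration.yml"

  # The configured values land inside a sed expression. Escape them so a `|`,
  # `&` or backslash in a value is written literally instead of terminating or
  # rewriting the expression.
  local theme_value domain_value host_value
  theme_value=$(_authelia_sed_escape "$CFG_AUTHELIA_THEME")
  domain_value=$(_authelia_sed_escape "$domain_full")
  host_value=$(_authelia_sed_escape "$host_setup")

  # One sed invocation, so a failure in any of the three substitutions is the
  # status that checkSuccess sees (three separate calls exposed only the last).
  runFileOp sed -i \
    -e "s|AUTHELIA_THEME_PLACEHOLDER|${theme_value}|g" \
    -e "s|AUTHELIA_DOMAIN_PLACEHOLDER|${domain_value}|g" \
    -e "s|AUTHELIA_HOST_PLACEHOLDER|${host_value}|g" \
    "$authelia_config_file"
  checkSuccess "Substituting Authelia configuration values (theme=$CFG_AUTHELIA_THEME domain=$domain_full host=$host_setup)"

  local authelia_secrets_dir="$containers_dir$app_name/secrets"
  runFileOp mkdir -p "$authelia_secrets_dir"

  local secret_name secret_file
  local secrets_failed=0
  for secret_name in JWT_SECRET SESSION_SECRET STORAGE_ENCRYPTION_KEY; do
    secret_file="$authelia_secrets_dir/$secret_name"
    # Only a missing or empty file is (re)generated; an existing secret is
    # left untouched.
    if [[ ! -s "$secret_file" ]]; then
      # Subshell keeps umask/pipefail local to this write:
      #  - umask 077 so the file is not created at the default mode before the
      #    chmod below (effective only if runFileWrite creates the file with
      #    the inherited umask — confirm);
      #  - pipefail so a failing `openssl rand` is not masked by the writer and
      #    an empty secret file is not reported as success.
      # 64 random bytes are written hex-encoded; the value never enters a
      # shell variable.
      (
        umask 077
        set -o pipefail
        openssl rand -hex 64 | runFileWrite "$secret_file"
      ) || secrets_failed=1
      runFileOp chmod 600 "$secret_file" || secrets_failed=1
    fi
  done
  runFileOp chown -R "$docker_install_user:$docker_install_user" "$authelia_secrets_dir" || secrets_failed=1

  # Surface any failure from the loop or the chown as the status handed on.
  ((secrets_failed == 0))
  checkSuccess "Generated Authelia secrets at $authelia_secrets_dir"

  # Authelia's metrics block lives in configuration.yml (not the compose),
  # so toggle it here. The driver already toggled docker-compose.yml.
  monitoringToggleAppConfig "$app_name" "config/configuration.yml"
}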
monitoringToggleAppConfig "$app_name" "config/configuration.yml" } authelia_install_post_start() { local app_name="$1" ((menu_number++)) echo "" echo "---- $menu_number. Configuring Authelia admin account" echo "" local authelia_admin_user="${CFG_AUTHELIA_ADMIN_USERNAME:-admin}" local authelia_admin_pass="${CFG_AUTHELIA_ADMIN_PASSWORD:-authelia}" local authelia_users_file="$containers_dir$app_name/config/users_database.yml" local authelia_attempts=0 while ((authelia_attempts < 30)); do if runFileOp docker exec authelia-service authelia --version >/dev/null 2>&1; then break fi sleep 2 ((authelia_attempts++)) done if ((authelia_attempts >= 30)); then isNotice "Authelia container did not become responsive in time — admin left at default (admin / authelia)." return 0 fi local authelia_hash authelia_hash=$(runFileOp docker exec authelia-service authelia crypto hash generate argon2 --password "$authelia_admin_pass" 2>/dev/null \ | grep -oE '\$argon2[^[:space:]]+') if [[ -z "$authelia_hash" ]]; then isNotice "Could not generate Authelia password hash — admin left at default (admin / authelia)." return 0 fi runFileWrite "$authelia_users_file" <