gristlabs_grist-core/docker-compose-examples/grist-traefik-oidc-auth
Spoffy dfb816888e
Adds docker compose examples (#1113)
This adds three example docker-compose files:

- A basic Grist instance backed by sqlite, with no additional services.
- A Grist instance that uses Postgres, Redis and MinIO.
- A Grist instance that uses OIDC authentication and traefik.

These are intended to be customised by self-hosters for their own needs.

All examples should work without any additional configuration.
2024-08-12 20:54:43 +01:00
..
configs Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00
secrets_template Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00
docker-compose.yml Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00
env-template Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00
generateSecureSecrets.sh Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00
README.md Adds docker compose examples (#1113) 2024-08-12 20:54:43 +01:00

This is an example of Grist with Authelia for OIDC authentication, and Traefik for HTTP encryption and routing.

OIDC enables authentication using many existing providers, including Google, Microsoft, Amazon and Okta.

This example uses Authelia, which is a locally hosted OIDC provider, so that it can work without further setup. However, Authelia could be easily replaced by one of the providers listed above, or other self-hosted alternatives, such as Authentik or Dex.

This example could be hosted on a dedicated server, with the following changes:

  • DNS setup
  • HTTPS / Certificate setup (e.g Let's encrypt)

See https://support.getgrist.com/install/oidc for more information on using Grist with OIDC.

How to run this example

To run this example, you'll first need to generate several secrets needed by Authelia.

This is automated for you in generateSecureSecrets.sh, which uses Authelia's docker image to populate the ./secrets directory.

This example can then be run with docker compose up. This will make Grist available on https://grist.localhost with a self-signed certificate (by default), after all the services have started. Note: it may take up to a minute for all of the services to start correctly.

The self-signed certificate will cause a security warning in the web browser when you try to visit Grist. This is fine for local testing and can be bypassed, but correct certificates should be set up if Grist is being made available on the internet.

Users

The default username is test, with password test.

You can add or modify users in ./configs/authelia/user-database.yml. Additional instructions are provided in that file.