From 9b1bf73bbea69d2c0467b818f34299477ddd590d Mon Sep 17 00:00:00 2001 From: Firas Dib Date: Mon, 3 Jul 2023 22:51:24 +0200 Subject: [PATCH] Add documentation on how to integrate SilverBullet with Authelia (#448) --- website/Authelia.md | 26 ++++++++++++++++++++++++++ website/Install.md | 5 ++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 website/Authelia.md diff --git a/website/Authelia.md b/website/Authelia.md new file mode 100644 index 00000000..d32e9d5f --- /dev/null +++ b/website/Authelia.md @@ -0,0 +1,26 @@ +# How to setup SilverBullet with Authelia +In order for SilverBullet to work as intended, some files will need to be excluded from your authentication method of choice. These files need to always be accessible, for example for offline or [[PWA]] support. + +The files are the following: +- The web manifest +- The app icon +- The service worker + +These files can be whitelisted by adjusting your Authelia configuration to something like this: + +```yaml +access_control: + default_policy: deny + + rules: + - domain: silverbullet.yourdomain.com + resources: + - '/.client/manifest.json$' + - '/.client/[a-zA-Z0-9_-]+.png$' + - '/service_worker.js$' + policy: bypass + - domain: yourdomain.com + policy: two_factor +``` + +Please adjust this to fit your specific needs. The important part is that the files are associated with `policy: bypass`. diff --git a/website/Install.md b/website/Install.md index 92323bb8..83655861 100644 --- a/website/Install.md +++ b/website/Install.md @@ -112,4 +112,7 @@ You can configure SB with environment variables instead of flags as well. The fo * `SB_USER`: Sets single-user credentials (like `--user`), e.g. `SB_USER=pete:1234` * `SB_PORT`: Sets the port to listen to, e.g. `SB_PORT=1234` * `SB_FOLDER`: Sets the folder to expose, e.g. `SB_FOLDER=/space` -* `SB_AUTH`: Loads an [[Authentication]] database from a (JSON encoded) string, e.g. `SB_AUTH=$(cat /path/to/.auth.json)` \ No newline at end of file +* `SB_AUTH`: Loads an [[Authentication]] database from a (JSON encoded) string, e.g. `SB_AUTH=$(cat /path/to/.auth.json)` + +## Using Authelia +You need to adjust a few configuration options in [[Authelia]] in order for SilverBullet to work as intended.