Intro
I started using Notion’s free tier as a knowledge bank for a side project. Its measly 1000-block cap was reached quickly, and searching for an alternative led me to Outline. Outline is 100% free, self-hostable, and has a very similar feature set.
Most of the guides out there configure Outline with an S3 store for object storage, but I do not really have a need for it. I also wanted to integrate Outline with Authelia, which ties it into my Active Directory server as well as Fail2Ban.
Docker Compose
After some trial and error, this was the resulting compose file that spins up Outline with OIDC and local object storage.
version: "3.1"
services:
  redis:
    image: redis
    restart: unless-stopped
    container_name: redis
    networks:
      - internal
  postgres:
    image: postgres:latest
    restart: unless-stopped
    container_name: postgres
    environment:
      - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
      - POSTGRES_USER=outline
      - POSTGRES_DB=outline
    networks:
      - internal
    volumes:
      - db:/var/lib/postgresql/data
  outline:
    image: outlinewiki/outline
    # the container process runs as root
    user: root
    restart: unless-stopped
    container_name: outline
    command: sh -c "yarn start --env=production-ssl-disabled"
    depends_on:
      - postgres
      - redis
    environment:
      - PGSSLMODE=disable
      - SECRET_KEY=${SECRET_KEY}
      - UTILS_SECRET=${UTILS_SECRET}
      - DATABASE_URL=postgres://outline:${POSTGRES_PASSWORD}@postgres:5432/outline
      - REDIS_URL=redis://redis:6379
      - URL=${WIKI_URL}
      - PORT=3000
      - FORCE_HTTPS=false
      # OIDC client settings; these must match the Authelia client entry
      - OIDC_CLIENT_ID=outline
      - OIDC_CLIENT_SECRET=${OIDC_SECRET}
      - OIDC_AUTH_URI=${AUTH_URI}
      - OIDC_TOKEN_URI=${AUTH_TOKEN}
      - OIDC_USERINFO_URI=${AUTH_USERINFO}
      - OIDC_USERNAME_CLAIM=preferred_username
      - OIDC_DISPLAY_NAME=Authelia
      - OIDC_SCOPES=openid email groups profile
      # local disk storage instead of S3; upload limit is 25 MiB
      - FILE_STORAGE=local
      - FILE_STORAGE_UPLOAD_MAX_SIZE=26214400
      - FILE_STORAGE_IMPORT_MAX_SIZE=
      - FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE=
      - SMTP_HOST=$SMTP_HOST
      - SMTP_PORT=$SMTP_PORT
      - SMTP_USERNAME=$SMTP_USER
      - SMTP_PASSWORD=$SMTP_PASSWORD
      - SMTP_FROM_EMAIL=$SMTP_FROM
      - SMTP_TLS_CIPHERS=TLSv1.2
      - SMTP_SECURE=false
    volumes:
      - data:/var/lib/outline/data
    ports:
      # host port 10300 -> container port 3000
      - 10300:3000
    networks:
      - internal
networks:
  internal:
volumes:
  db:
    driver: local
  data:
    driver: local
Here is how you populate the variables:
${SECRET_KEY}, can be any random string (the longer the better)
${UTILS_SECRET}, can be any random string (the longer the better)
${POSTGRES_PASSWORD}, can be any random string (the longer the better)
${WIKI_URL}, where Outline will be accessed (like a reverse proxy address)
${OIDC_SECRET}, a random JWT token
${AUTH_URI} (sets OIDC_AUTH_URI), https://<authelia_domain>/api/oidc/authorization
${AUTH_TOKEN} (sets OIDC_TOKEN_URI), https://<authelia_domain>/api/oidc/token
${AUTH_USERINFO} (sets OIDC_USERINFO_URI), https://<authelia_domain>/api/oidc/userinfo
Authelia configuration
This is what the configuration.yml for Authelia should look like:
identity_providers:
  oidc:
    issuer_private_key: |
      <private_key>
    clients:
      - id: outline
        description: Outline Wiki
        # client secret stored in plain text; same value as OIDC_SECRET in the compose file
        secret: '$plaintext$<OIDC_SECRET>'
        public: false
        authorization_policy: two_factor
        redirect_uris:
          - https://<WIKI_URL>/auth/oidc.callback
        scopes:
          - openid
          - profile
          - email
          - groups
        response_types:
          - code
        grant_types:
          - refresh_token
          - authorization_code
        response_modes:
          - form_post
          - query
          - fragment
        userinfo_signing_algorithm: none
        token_endpoint_auth_method: client_secret_post
        consent_mode: implicit
Here is how you populate the variables:
${WIKI_URL}, where Outline will be accessed (like a reverse proxy address)
${OIDC_SECRET}, the JWT token used in the Docker Compose file
private_key, please visit the Authelia guide located here
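The two files only work together if the client id, secret, redirect URI, scopes and endpoints agree, so here is a small consistency check for them. It is an added example, not part of the original post or of either project; the function name, the example.com hosts and the secret are constructed, and it assumes URL holds the full https origin of the wiki.

```python
from urllib.parse import urlsplit

PLAINTEXT = "$plaintext$"  # Authelia prefix for an unhashed client secret

def check_oidc_pairing(env, client):
    """Return mismatches between Outline's environment and the Authelia client."""
    problems = []
    if env["OIDC_CLIENT_ID"] != client["id"]:
        problems.append("client id differs")
    # Only a $plaintext$ secret can be compared directly.
    secret = client["secret"]
    if secret.startswith(PLAINTEXT) and secret[len(PLAINTEXT):] != env["OIDC_CLIENT_SECRET"]:
        problems.append("client secret differs")
    # The redirect URI must be registered exactly; the callback path is the one above.
    callback = env["URL"].rstrip("/") + "/auth/oidc.callback"
    if callback not in client["redirect_uris"]:
        problems.append("redirect URI not registered: " + callback)
    # Every scope Outline requests must be allowed for the client.
    missing = set(env["OIDC_SCOPES"].split()) - set(client["scopes"])
    if missing:
        problems.append("scopes not allowed: " + " ".join(sorted(missing)))
    # The three endpoints should be HTTPS and on one Authelia host.
    hosts = set()
    for key in ("OIDC_AUTH_URI", "OIDC_TOKEN_URI", "OIDC_USERINFO_URI"):
        parts = urlsplit(env[key])
        if parts.scheme != "https":
            problems.append(key + " is not https")
        hosts.add(parts.netloc)
    if len(hosts) > 1:
        problems.append("OIDC endpoints are on different hosts")
    return problems

# Constructed sample values (hosts and secret are placeholders, not real ones).
SAMPLE_ENV = {
    "URL": "https://wiki.example.com",
    "OIDC_CLIENT_ID": "outline",
    "OIDC_CLIENT_SECRET": "constructed-secret",
    "OIDC_AUTH_URI": "https://auth.example.com/api/oidc/authorization",
    "OIDC_TOKEN_URI": "https://auth.example.com/api/oidc/token",
    "OIDC_USERINFO_URI": "https://auth.example.com/api/oidc/userinfo",
    "OIDC_SCOPES": "openid email groups profile",
}
SAMPLE_CLIENT = {
    "id": "outline",
    "secret": "$plaintext$constructed-secret",
    "redirect_uris": ["https://wiki.example.com/auth/oidc.callback"],
    "scopes": ["openid", "profile", "email", "groups"],
}
print(check_oidc_pairing(SAMPLE_ENV, SAMPLE_CLIENT))
```

An empty list means the two sides agree; each string in a non-empty list names one setting to fix before the first login attempt.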
Done!
Once set up with these config settings, Outline should be up and running. You can take a look at this compose file, as well as others here.