Two Docker images are provided as a utility to run the NS:
- nextauth-mgmt contains the management interface for the NS, providing both the Dashboard and Account Management;
- nextauth-portmap is a tool for testing environments, which you can use to expose the NS ports, Dashboard and Account Management web interfaces.
nextauth-mgmt Docker image is entirely configured through environment variables. It expects the NS API to be available at
nextauth:8888. This is set up by default if you use the nextAuth provided
It requires only one environment variable in order to access the NS:
NEXTAUTH_ROOT_APIKEY: Root API key for the nextAuth API.
nextauth-portmap Docker image is also entirely configured through environment variables.
The portmap utility will act as a HTTP proxy, mapping URLs to a specific host and port. Portmap supports TLS and will automatically request TLS certificates from LetsEncrypt when configuring a
For production environments
nextauth-portmap should not be used, but a proper reverse proxy with TLS termination should be set up.
NEXTAUTH_WS_URL: WebSocket endpoint, using HTTPS is strongly recommended (e.g.,
NEXTAUTH_WS_MAP: Host and port to forward websocket requests to (e.g.,
NEXTAUTH_PROTO_URL: nextAuth protocol endpoint (e.g.,
NEXTAUTH_PROTO_MAP: Host and port to forward nextAuth protocol requests to (e.g.,
NEXTAUTH_DASHBOARD_URL: Dashboard web interface endpoint, using HTTPS is strongly recommended (e.g.,
https://dashboard.mysite.com/). Using a subfolder URL (e.g.,
https://www.mysite.com/dashboard/) is not supported.
NEXTAUTH_DASHBOARD_MAP: Host and port to forward dashboard requests to (e.g.
NEXTAUTH_ACCOUNT_URL: Account Management web interface endpoint, using HTTPS and wilcard subdomains is strongly recommended (e.g.,
NEXTAUTH_ACCOUNT_MAP: Host and port to forward account management requests to (e.g.,
NEXTAUTH_IDP_URL: Identity Provider endpoint, using HTTPS and wilcard subdomains is strongly recommended (e.g.,
NEXTAUTH_IDP_MAP: Host and port to forward IdP requests to (e.g.,
NEXTAUTH_TLS_EMAIL: Email address to use for TLS certificate requests towards LetsEncrypt (e.g.,
ACME_AGREE: Set to “true” to accept the LetsEncrypt terms and conditions.