feat: add authelia example use for authentication

[miberecz]

To address the lot of confusion around how to install and configure Authelia as an authentication backed for Opencloud, like opencloud-eu/desktop#217
I tried to port my solution to match the project structure here.

PROXY_ROLE_ASSIGNMENT_DRIVER works questionably right now, so I included my workflow of bootstrapping the service with oidc then use default to make all clients work.

Disclaimer: Docs/comments are AI-aided. Also I don't speak Traefik so that is an AI translation of my Nginx setup.

[juan11perez]

Good day, I'd like to add that in a related post i saw a csp.yml file in opencloud/idm/csp.yml with this content:

services:
  opencloud:
    environment:
      PROXY_CSP_CONFIG_FILE_LOCATION: /etc/opencloud/csp.yaml
    volumes:
      - ./appdata/config/csp.yaml:/etc/opencloud/csp.yaml:ro

And then opencloud/appdata/config/csp.yaml

directives:
  default-src:
    - "'self'"
  connect-src:
    - "'self'"
    - "https://authelia.yourdomain.com"
    - "https://opencloud.yourdomain.com"
    - "https://collabora.yourdomain.com"
    - "https://wopi.yourdomain.com"    
  frame-src:
    - "'self'"
    - "https://collabora.yourdomain.com"
    - "https://wopi.yourdomain.com"  
  frame-ancestors:
    - 'self'
    - "https://collabora.yourdomain.com"
    - "https://wopi.yourdomain.com"  
  img-src:
    - "'self'"
    - "data:"
    - "blob:"
  script-src:
    - "'self'"
    - "'unsafe-inline'"
  style-src:
    - "'self'"
    - "'unsafe-inline'"
  font-src:
    - "'self'"
    - "data:"

These were necessary to get collabora working

[micbar]

I like that addition, but for me it feels to big.

I would like to drop LLDAP here.

We already have OpenLDAP in the stack, too much diversity kills us here in regards of documentation.