homeserver/docker-compose/traefik/docker-compose.yml.j2


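services:
  ######## traefik ########
  # Edge reverse proxy: publishes HTTP/HTTPS, the web GUI and an SSH port
  # on the host and joins the external "traefik" network.
  traefik:
    container_name: traefik
    image: "traefik:v3.2.0"
    restart: unless-stopped
    # "missing" pulls only when the tag is absent locally, so a changed
    # upstream tag is not picked up until the local image is removed.
    pull_policy: missing
    volumes:
      # NOTE(review): ":ro" makes the socket file read-only but does not
      # restrict the Docker API reachable through it; anything that takes
      # over this container can still drive the Docker daemon. A filtering
      # socket proxy in front of the socket narrows that exposure.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Configuration is only read by Traefik, so mount it read-only.
      - ./traefik.yml:/etc/traefik/traefik.yml:ro
      - ./file-provider.yml:/etc/traefik/file-provider.yml:ro
      # Stays writable: ACME state is stored here (presumably certificates
      # and their private keys; confirm against traefik.yml).
      - acme_data:/etc/traefik/acme
    networks:
      - traefik
    ports:
      - "80:80"  # HTTP
      # NOTE(review): the web GUI is published on every host interface.
      # Whether it requires authentication depends on traefik.yml (not
      # shown); binding it to a management address or routing it through
      # an authenticated router limits who can reach it.
      - "8081:8080"  # Web-GUI
      - "443:443"  # HTTPS
      - "2222:2222"  # SSH
    environment:
      TZ: Europe/Berlin
    healthcheck:
      # Assumes the ping endpoint is enabled in traefik.yml; confirm.
      test: ["CMD", "traefik", "healthcheck", "--ping"]
      interval: 30s
      timeout: 10s
      retries: 3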
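######## authelia ########
  # Authentication portal at auth.mgrote.net; also defines the "authelia"
  # forwardauth middleware that Traefik routers can attach.
  authelia:
    image: "authelia/authelia:4.38.17"
    container_name: authelia
    restart: unless-stopped
    pull_policy: missing
    environment:
      TZ: Europe/Berlin
    volumes:
      # NOTE(review): keep session/JWT/storage secrets out of this
      # templated file if it is committed; the file's own TODO list
      # already mentions "secrets".
      - ./configuration.yml:/config/configuration.yml
      # File-based user database (password hashes); restrict its
      # permissions on the host.
      - ./users_database.yml:/config/users_database.yml
      - authelia_data:/data
    labels:
      # All label values are quoted strings. The earlier unbalanced
      # trailing quotes (true') became part of the value and would not
      # parse as booleans or as a valid URL.
      traefik.enable: "true"
      traefik.http.routers.authelia.rule: "Host(`auth.mgrote.net`)"
      # Must match the port Authelia listens on. The forwardauth address
      # below uses 9091, so the router's backend port is aligned with it
      # (it was 80). Confirm against configuration.yml.
      traefik.http.services.authelia.loadbalancer.server.port: "9091"
      traefik.http.routers.authelia.tls: "true"
      traefik.http.routers.authelia.tls.certresolver: resolver_letsencrypt
      traefik.http.routers.authelia.entrypoints: entry_https
      # NOTE(review): /api/verify is the legacy endpoint in Authelia 4.38;
      # /api/authz/forward-auth is its replacement. Plan the migration.
      traefik.http.middlewares.authelia.forwardauth.address: "http://authelia:9091/api/verify?rd=https://auth.mgrote.net"
      # NOTE(review): trusting X-Forwarded-* is only sound while the
      # entrypoints do not accept those headers from untrusted clients
      # (e.g. forwardedHeaders.insecure); confirm in traefik.yml.
      traefik.http.middlewares.authelia.forwardauth.trustForwardHeader: "true"
      # Backends that rely on these identity headers must be reachable
      # only through Traefik, or a direct client could set them itself.
      traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: "Remote-User,Remote-Groups,Remote-Name,Remote-Email"
    depends_on:
      - authelia-redis
    networks:
      - traefik
      - postfix
      # Must also be declared under the top-level "networks:" key.
      - authelia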
######## authelia-redis ########
  # Redis instance attached only to the "authelia" network; no host port
  # is published.
  authelia-redis:
    container_name: authelia-redis
    # Author's note: "version!!!!" - "redis:7" is a floating tag. Pin an
    # exact release (or a digest) so the image cannot change silently.
    image: "redis:7"
    pull_policy: missing
    restart: unless-stopped
    # NOTE(review): no Redis password or ACL is set here; network
    # isolation is the only access control visible in this file.
    networks:
      - authelia
    environment:
      TZ: Europe/Berlin
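######## Networks ########
networks:
  # Created outside this project; Compose only attaches to them.
  traefik:
    external: true
  postfix:
    external: true
  # Referenced by the authelia and authelia-redis services but previously
  # undeclared, which Compose rejects as an undefined network. Declared as
  # a project-local network. Setting "internal: true" would additionally
  # cut outbound access for containers attached only to it (authelia-redis).
  authelia: {}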
######## Volumes ########
# Named volumes with default driver settings.
volumes:
  # Mounted by traefik at /etc/traefik/acme.
  acme_data: {}
  # Mounted by authelia at /data.
  authelia_data: {}
# passwd
# echo "<user>:$(mkpasswd -m sha-512 <password>)" # kann weg
# TODO
# ldap user: https://www.authelia.com/configuration/first-factor/ldap/
# test mit whoami
# doku: https://ruanbekker.hashnode.dev/sso-with-authelia-using-traefik-on-docker
# healthchecks
# munin
# keepass aufraumen
# secrets
# docs lesen