add authelia to registry-ui (#234)
Reviewed-on: #234 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
bc6f8fdc9e
commit
31031608b8
4 changed files with 13 additions and 4 deletions
|
@ -91,9 +91,8 @@ services:
|
|||
timeout: 10s
|
||||
retries: 3
|
||||
labels:
|
||||
traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht
|
||||
traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder
|
||||
traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert
|
||||
traefik.http.routers.registry-ui.rule: Host(`rui.mgrote.net`)
|
||||
traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-ipallowlist # also entferne den Prefix danach wieder
|
||||
traefik.enable: true
|
||||
traefik.http.routers.registry-ui.tls: true
|
||||
traefik.http.routers.registry-ui.tls.certresolver: resolver_letsencrypt
|
||||
|
@ -109,7 +108,6 @@ networks:
|
|||
external: true
|
||||
intern:
|
||||
|
||||
|
||||
######## Volumes ########
|
||||
volumes:
|
||||
oci:
|
||||
|
|
|
@ -3,6 +3,8 @@
|
|||
|
||||
server.address: "0.0.0.0:9091"
|
||||
|
||||
theme: auto
|
||||
|
||||
log:
|
||||
level: debug
|
||||
|
||||
|
@ -19,6 +21,10 @@ access_control:
|
|||
policy: one_factor
|
||||
subject:
|
||||
- 'group:authelia_wiki'
|
||||
- domain: rui.mgrote.net
|
||||
policy: one_factor
|
||||
subject:
|
||||
- 'group:authelia_registry-ui'
|
||||
|
||||
session:
|
||||
name: authelia_session
|
||||
|
|
|
@ -26,6 +26,8 @@ services:
|
|||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 3
|
||||
depends_on:
|
||||
- authelia
|
||||
|
||||
######## authelia ########
|
||||
authelia:
|
||||
|
@ -51,6 +53,7 @@ services:
|
|||
traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: Remote-User,Remote-Groups,Remote-Name,Remote-Email
|
||||
depends_on:
|
||||
- authelia-redis
|
||||
- authelia-db
|
||||
networks:
|
||||
- traefik
|
||||
- postfix
|
||||
|
|
|
@ -90,6 +90,8 @@ blocky_custom_lookups: # optional
|
|||
ip: 192.168.2.40
|
||||
- name: s3.mgrote.net
|
||||
ip: 192.168.2.43
|
||||
- name: rui.mgrote.net
|
||||
ip: 192.168.2.43
|
||||
|
||||
### mgrote_munin_node
|
||||
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
||||
|
|
Loading…
Reference in a new issue