add authelia to registry-ui (#234)
Reviewed-on: #234 Co-authored-by: Michael Grote <michael.grote@posteo.de> Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
bc6f8fdc9e
commit
31031608b8
4 changed files with 13 additions and 4 deletions
|
|
@ -91,9 +91,8 @@ services:
|
||||||
timeout: 10s
|
timeout: 10s
|
||||||
retries: 3
|
retries: 3
|
||||||
labels:
|
labels:
|
||||||
traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht
|
traefik.http.routers.registry-ui.rule: Host(`rui.mgrote.net`)
|
||||||
traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder
|
traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-ipallowlist # also entferne den Prefix danach wieder
|
||||||
traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert
|
|
||||||
traefik.enable: true
|
traefik.enable: true
|
||||||
traefik.http.routers.registry-ui.tls: true
|
traefik.http.routers.registry-ui.tls: true
|
||||||
traefik.http.routers.registry-ui.tls.certresolver: resolver_letsencrypt
|
traefik.http.routers.registry-ui.tls.certresolver: resolver_letsencrypt
|
||||||
|
|
@ -109,7 +108,6 @@ networks:
|
||||||
external: true
|
external: true
|
||||||
intern:
|
intern:
|
||||||
|
|
||||||
|
|
||||||
######## Volumes ########
|
######## Volumes ########
|
||||||
volumes:
|
volumes:
|
||||||
oci:
|
oci:
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,8 @@
|
||||||
|
|
||||||
server.address: "0.0.0.0:9091"
|
server.address: "0.0.0.0:9091"
|
||||||
|
|
||||||
|
theme: auto
|
||||||
|
|
||||||
log:
|
log:
|
||||||
level: debug
|
level: debug
|
||||||
|
|
||||||
|
|
@ -19,6 +21,10 @@ access_control:
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
subject:
|
subject:
|
||||||
- 'group:authelia_wiki'
|
- 'group:authelia_wiki'
|
||||||
|
- domain: rui.mgrote.net
|
||||||
|
policy: one_factor
|
||||||
|
subject:
|
||||||
|
- 'group:authelia_registry-ui'
|
||||||
|
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
|
|
|
||||||
|
|
@ -26,6 +26,8 @@ services:
|
||||||
interval: 30s
|
interval: 30s
|
||||||
timeout: 10s
|
timeout: 10s
|
||||||
retries: 3
|
retries: 3
|
||||||
|
depends_on:
|
||||||
|
- authelia
|
||||||
|
|
||||||
######## authelia ########
|
######## authelia ########
|
||||||
authelia:
|
authelia:
|
||||||
|
|
@ -51,6 +53,7 @@ services:
|
||||||
traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: Remote-User,Remote-Groups,Remote-Name,Remote-Email
|
traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: Remote-User,Remote-Groups,Remote-Name,Remote-Email
|
||||||
depends_on:
|
depends_on:
|
||||||
- authelia-redis
|
- authelia-redis
|
||||||
|
- authelia-db
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
- postfix
|
- postfix
|
||||||
|
|
|
||||||
|
|
@ -90,6 +90,8 @@ blocky_custom_lookups: # optional
|
||||||
ip: 192.168.2.40
|
ip: 192.168.2.40
|
||||||
- name: s3.mgrote.net
|
- name: s3.mgrote.net
|
||||||
ip: 192.168.2.43
|
ip: 192.168.2.43
|
||||||
|
- name: rui.mgrote.net
|
||||||
|
ip: 192.168.2.43
|
||||||
|
|
||||||
### mgrote_munin_node
|
### mgrote_munin_node
|
||||||
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue