changed Files: docker-compose/traefik/configuration.yml.j2
All checks were successful
ansible-lint / gitleaks (pull_request) Successful in 5s
ansible-lint / Ansible Lint (pull_request) Successful in 48s

docker-compose/traefik/file-provider.yml
group_vars/blocky.yml
group_vars/munin.yml

Signed-off-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2024-11-14 12:13:24 +00:00
parent d3814000f9
commit 65b4719c36
4 changed files with 21 additions and 2 deletions

View file

@ -21,6 +21,10 @@ access_control:
policy: one_factor policy: one_factor
subject: subject:
- 'group:authelia_wiki' - 'group:authelia_wiki'
- domain: munin.mgrote.net
policy: one_factor
subject:
- 'group:authelia_munin'
- domain: rui.mgrote.net - domain: rui.mgrote.net
policy: one_factor policy: one_factor
subject: subject:

View file

@ -2,6 +2,16 @@
http: http:
###### router ##### ###### router #####
routers: routers:
router_munin:
rule: "Host(`munin.mgrote.net`)"
service: "service_munin"
middlewares:
- "ratelimit40@file"
- "authelia@docker"
entrypoints:
- entry_https
tls:
certresolver: resolver_letsencrypt
router_forgejo: router_forgejo:
rule: "Host(`git.mgrote.net`)" rule: "Host(`git.mgrote.net`)"
service: "service_forgejo" service: "service_forgejo"
@ -13,6 +23,10 @@ http:
certresolver: resolver_letsencrypt certresolver: resolver_letsencrypt
###### services ##### ###### services #####
services: services:
service_munin:
loadBalancer:
servers:
- url: "http://munin.mgrote.net/"
service_forgejo: service_forgejo:
loadBalancer: loadBalancer:
servers: servers:

View file

@ -87,7 +87,7 @@ blocky_custom_lookups: # optional
- name: ldap.mgrote.net - name: ldap.mgrote.net
ip: 192.168.2.47 ip: 192.168.2.47
- name: munin.mgrote.net - name: munin.mgrote.net
ip: 192.168.2.40 ip: 192.168.2.43
- name: s3.mgrote.net - name: s3.mgrote.net
ip: 192.168.2.43 ip: 192.168.2.43
- name: rui.mgrote.net - name: rui.mgrote.net

View file

@ -10,6 +10,7 @@ ufw_rules:
to_port: 80 to_port: 80
protocol: tcp protocol: tcp
comment: 'munin' comment: 'munin'
from_ip: 192.168.2.43 # nur von docker10 aus, wird in blocky dort auf traefik umgeleitet
### mgrote_restic ### mgrote_restic
restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin" restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin"
@ -104,7 +105,7 @@ munin_node_plugins:
src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response
config: | config: |
[http_response] [http_response]
env.sites https://git.mgrote.net http://ldap.mgrote.net:17170 https://docker10.mgrote.net:8443 https://registry.mgrote.net/ui/ http://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net https://auth.mgrote.net env.sites https://git.mgrote.net http://ldap.mgrote.net:17170 https://docker10.mgrote.net:8443 https://rui.mgrote.net/ https://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net https://auth.mgrote.net
env.max_time 20 env.max_time 20
env.short_label true env.short_label true
env.follow_redirect true env.follow_redirect true