changed Files: docker-compose/authelia/configuration.yml.j2
docker-compose/traefik/docker-compose.yml.j2 docker-compose/traefik/traefik.yml group_vars/blocky.yml Signed-off-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
1956e70a3a
commit
c6281461f0
4 changed files with 19 additions and 4 deletions
|
@ -21,6 +21,10 @@ access_control:
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
subject:
|
subject:
|
||||||
- 'group:authelia_wiki'
|
- 'group:authelia_wiki'
|
||||||
|
- domain: traefik.mgrote.net
|
||||||
|
policy: one_factor
|
||||||
|
subject:
|
||||||
|
- 'group:authelia_traefik'
|
||||||
- domain: rui.mgrote.net
|
- domain: rui.mgrote.net
|
||||||
policy: one_factor
|
policy: one_factor
|
||||||
subject:
|
subject:
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Details/Doku: https://wiki.mgrote.net/pages/_Technik/software/rest/ldap/?h=ldap
|
# Details/Doku: https:/wiki.mgrote.net/pages/_Technik/software/rest/ldap
|
||||||
|
|
||||||
services:
|
services:
|
||||||
######## traefik ########
|
######## traefik ########
|
||||||
|
@ -16,16 +16,23 @@ services:
|
||||||
- traefik
|
- traefik
|
||||||
ports:
|
ports:
|
||||||
- "80:80" # HTTP
|
- "80:80" # HTTP
|
||||||
- "8081:8080" # Web-GUI
|
- "8081:8080" # Web-GUI # deaktiveiren, einkomentioeren wenn ldap oder middleware kapuutt !!!
|
||||||
- "443:443" # HTTPS
|
- "443:443" # HTTPS
|
||||||
- "2222:2222" # SSH
|
- "2222:2222" # SSH
|
||||||
environment:
|
environment:
|
||||||
TZ: Europe/Berlin
|
TZ: Europe/Berlin
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ["CMD", "traefik", "healthcheck", "--ping"]
|
test: ["CMD", "traefik", "healthcheck", "--ping"]
|
||||||
interval: 30s
|
interval: 10s
|
||||||
timeout: 10s
|
timeout: 10s
|
||||||
retries: 3
|
retries: 3
|
||||||
|
labels:
|
||||||
|
traefik.http.routers.traefik-dashboard.rule: Host(`traefik.mgrote.net`)
|
||||||
|
traefik.enable: true
|
||||||
|
traefik.http.routers.traefik-dashboard.entrypoints: entry_https
|
||||||
|
traefik.http.services.traefik-dashboard.loadbalancer.server.port: 8080
|
||||||
|
|
||||||
|
traefik.http.routers.traefik-dashboard.middlewares: authelia@docker
|
||||||
|
|
||||||
######## Networks ########
|
######## Networks ########
|
||||||
networks:
|
networks:
|
||||||
|
@ -37,3 +44,5 @@ networks:
|
||||||
######## Volumes ########
|
######## Volumes ########
|
||||||
volumes:
|
volumes:
|
||||||
acme_data:
|
acme_data:
|
||||||
|
|
||||||
|
# inscure mode aus
|
||||||
|
|
|
@ -36,7 +36,7 @@ log:
|
||||||
accessLog: {}
|
accessLog: {}
|
||||||
|
|
||||||
api:
|
api:
|
||||||
insecure: true
|
insecure: false
|
||||||
dashboard: true # unter Port 8081 erreichbar
|
dashboard: true # unter Port 8081 erreichbar
|
||||||
|
|
||||||
ping: {} # für healthcheck
|
ping: {} # für healthcheck
|
||||||
|
|
|
@ -92,6 +92,8 @@ blocky_custom_lookups: # optional
|
||||||
ip: 192.168.2.43
|
ip: 192.168.2.43
|
||||||
- name: rui.mgrote.net
|
- name: rui.mgrote.net
|
||||||
ip: 192.168.2.43
|
ip: 192.168.2.43
|
||||||
|
- name: traefik.mgrote.net # kein oeffentlicher DNS-Record
|
||||||
|
ip: 192.168.2.43
|
||||||
|
|
||||||
### mgrote_munin_node
|
### mgrote_munin_node
|
||||||
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
||||||
|
|
Loading…
Reference in a new issue