changed Files: docker-compose/authelia/configuration.yml.j2
docker-compose/traefik/docker-compose.yml.j2 docker-compose/traefik/traefik.yml group_vars/blocky.yml Signed-off-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
parent
1956e70a3a
commit
c6281461f0
4 changed files with 19 additions and 4 deletions
|
@ -21,6 +21,10 @@ access_control:
|
|||
policy: one_factor
|
||||
subject:
|
||||
- 'group:authelia_wiki'
|
||||
- domain: traefik.mgrote.net
|
||||
policy: one_factor
|
||||
subject:
|
||||
- 'group:authelia_traefik'
|
||||
- domain: rui.mgrote.net
|
||||
policy: one_factor
|
||||
subject:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# Details/Doku: https://wiki.mgrote.net/pages/_Technik/software/rest/ldap/?h=ldap
|
||||
# Details/Doku: https:/wiki.mgrote.net/pages/_Technik/software/rest/ldap
|
||||
|
||||
services:
|
||||
######## traefik ########
|
||||
|
@ -16,16 +16,23 @@ services:
|
|||
- traefik
|
||||
ports:
|
||||
- "80:80" # HTTP
|
||||
- "8081:8080" # Web-GUI
|
||||
- "8081:8080" # Web-GUI # deaktiveiren, einkomentioeren wenn ldap oder middleware kapuutt !!!
|
||||
- "443:443" # HTTPS
|
||||
- "2222:2222" # SSH
|
||||
environment:
|
||||
TZ: Europe/Berlin
|
||||
healthcheck:
|
||||
test: ["CMD", "traefik", "healthcheck", "--ping"]
|
||||
interval: 30s
|
||||
interval: 10s
|
||||
timeout: 10s
|
||||
retries: 3
|
||||
labels:
|
||||
traefik.http.routers.traefik-dashboard.rule: Host(`traefik.mgrote.net`)
|
||||
traefik.enable: true
|
||||
traefik.http.routers.traefik-dashboard.entrypoints: entry_https
|
||||
traefik.http.services.traefik-dashboard.loadbalancer.server.port: 8080
|
||||
|
||||
traefik.http.routers.traefik-dashboard.middlewares: authelia@docker
|
||||
|
||||
######## Networks ########
|
||||
networks:
|
||||
|
@ -37,3 +44,5 @@ networks:
|
|||
######## Volumes ########
|
||||
volumes:
|
||||
acme_data:
|
||||
|
||||
# inscure mode aus
|
||||
|
|
|
@ -36,7 +36,7 @@ log:
|
|||
accessLog: {}
|
||||
|
||||
api:
|
||||
insecure: true
|
||||
insecure: false
|
||||
dashboard: true # unter Port 8081 erreichbar
|
||||
|
||||
ping: {} # für healthcheck
|
||||
|
|
|
@ -92,6 +92,8 @@ blocky_custom_lookups: # optional
|
|||
ip: 192.168.2.43
|
||||
- name: rui.mgrote.net
|
||||
ip: 192.168.2.43
|
||||
- name: traefik.mgrote.net # kein oeffentlicher DNS-Record
|
||||
ip: 192.168.2.43
|
||||
|
||||
### mgrote_munin_node
|
||||
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP
|
||||
|
|
Loading…
Reference in a new issue