From b302951682ee50b32a57b5bfb3c7fd8dc724a621 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 16:43:59 +0100 Subject: [PATCH 1/6] dfg --- docker-compose/registry/docker-compose.yml.j2 | 3 +-- docker-compose/traefik/configuration.yml.j2 | 5 ++++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/docker-compose/registry/docker-compose.yml.j2 b/docker-compose/registry/docker-compose.yml.j2 index a6e3096d..a68c659d 100644 --- a/docker-compose/registry/docker-compose.yml.j2 +++ b/docker-compose/registry/docker-compose.yml.j2 @@ -92,7 +92,7 @@ services: retries: 3 labels: traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht - traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder + traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist,authelia # also entferne den Prefix danach wieder traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert traefik.enable: true traefik.http.routers.registry-ui.tls: true @@ -109,7 +109,6 @@ networks: external: true intern: - ######## Volumes ######## volumes: oci: diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 03ee4ea0..8cf9c6a4 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -19,7 +19,10 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' - + - domain: registry.mgrote.net + policy: one_factor + subject: + - 'group:authelia_registry-ui' session: name: authelia_session secret: {{ lookup('viczem.keepass.keepass', 'authelia/authelia_session_secret', 'password') }} -- 2.43.0 From a92cf7f812066bac1574b25917ad63ffdfbc9909 Mon Sep 17 00:00:00 2001 
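Review bot: In the `access_control` hunk of `docker-compose/traefik/configuration.yml.j2` (patch 1/6), the new rule restricts `registry.mgrote.net` to `group:authelia_registry-ui`, but that only holds if no later rule or the default policy admits users outside the group. `default_policy` lies outside the hunk, so this is inferred: if it is anything other than `deny`, an authenticated user who is not in the group would skip this rule and fall through to it. It is worth confirming `default_policy: deny` and documenting the intent above the rule, e.g. `# registry UI: members of authelia_registry-ui only; everyone else falls through to default_policy`. The same applies to the renamed `rui.mgrote.net` rule in patch 5/6.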
From: Michael Grote Date: Sun, 10 Nov 2024 16:56:15 +0100 Subject: [PATCH 2/6] gfdff --- docker-compose/registry/docker-compose.yml.j2 | 2 +- docker-compose/traefik/configuration.yml.j2 | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docker-compose/registry/docker-compose.yml.j2 b/docker-compose/registry/docker-compose.yml.j2 index a68c659d..0e98a86e 100644 --- a/docker-compose/registry/docker-compose.yml.j2 +++ b/docker-compose/registry/docker-compose.yml.j2 @@ -92,7 +92,7 @@ services: retries: 3 labels: traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht - traefik.http.routers.registry-ui.middlewares: registry-ui-strip-prefix,registry-ui-ipallowlist,authelia # also entferne den Prefix danach wieder + traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert traefik.enable: true traefik.http.routers.registry-ui.tls: true diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 8cf9c6a4..c9f41070 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -23,6 +23,7 @@ access_control: policy: one_factor subject: - 'group:authelia_registry-ui' + session: name: authelia_session secret: {{ lookup('viczem.keepass.keepass', 'authelia/authelia_session_secret', 'password') }} -- 2.43.0 From 195b44bc6bd38fc5dffdc91fa4c3e87d5b037788 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 16:56:55 +0100 Subject: [PATCH 3/6] dependsa --- docker-compose/traefik/docker-compose.yml.j2 | 3 +++ 1 file changed, 3 insertions(+) 
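Review bot: In the `registry-ui` labels hunk of patch 2/6, moving `authelia` to the front leaves `registry-ui-ipallowlist` last, so a request from an address outside the allowlist is still forwarded to Authelia before it is rejected. Traefik applies router middlewares in the listed order, so putting the network filter first keeps the authentication endpoint out of reach of unlisted sources: `traefik.http.routers.registry-ui.middlewares: registry-ui-ipallowlist,authelia,registry-ui-strip-prefix`. The definition of `registry-ui-ipallowlist` is outside the hunk, so its source ranges are not checked here. Patch 5/6 keeps the same relative order (`authelia,registry-ui-ipallowlist`).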
diff --git a/docker-compose/traefik/docker-compose.yml.j2 b/docker-compose/traefik/docker-compose.yml.j2 index 40ff6641..49a0000d 100644 --- a/docker-compose/traefik/docker-compose.yml.j2 +++ b/docker-compose/traefik/docker-compose.yml.j2 @@ -26,6 +26,8 @@ services: interval: 30s timeout: 10s retries: 3 + depends_on: + - authelia ######## authelia ######## authelia: @@ -51,6 +53,7 @@ services: traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: Remote-User,Remote-Groups,Remote-Name,Remote-Email depends_on: - authelia-redis + - authelia-db networks: - traefik - postfix -- 2.43.0 From e2d2937504fb1efd3aef85792359c82b801265ba Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 17:01:28 +0100 Subject: [PATCH 4/6] theme --- docker-compose/traefik/configuration.yml.j2 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index c9f41070..95be3603 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -3,6 +3,8 @@ server.address: "0.0.0.0:9091" +theme: auto + log: level: debug -- 2.43.0 From 5537098156c161d0e113186ba1e161686c88dcf4 Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 17:21:40 +0100 Subject: [PATCH 5/6] dfg --- docker-compose/registry/docker-compose.yml.j2 | 5 ++--- docker-compose/traefik/configuration.yml.j2 | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/docker-compose/registry/docker-compose.yml.j2 b/docker-compose/registry/docker-compose.yml.j2 index 0e98a86e..6dda59a6 100644 --- a/docker-compose/registry/docker-compose.yml.j2 +++ b/docker-compose/registry/docker-compose.yml.j2 
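Review bot: The short-form `depends_on: - authelia` added to the traefik service in the first hunk of patch 3/6 only orders container start; it does not wait for Authelia to be ready. Until it is, routes using the `authelia` forwardAuth middleware should return errors rather than pages. If the authelia service defines a healthcheck (not visible in this hunk), the long form states the real requirement: `depends_on:` / `authelia:` / `condition: service_healthy`. The second hunk's `- authelia-db` entry has the same start-order-only semantics.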
@@ -91,9 +91,8 @@ services: timeout: 10s retries: 3 labels: - traefik.http.routers.registry-ui.rule: Host(`registry.mgrote.net`)&&PathPrefix(`/ui`) # mache unter /ui erreichbar, damit wird demPfad dieser Prefix hinzugefügt, die Anwendung "hört" dort abrer nicht - traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-strip-prefix,registry-ui-ipallowlist # also entferne den Prefix danach wieder - traefik.http.middlewares.registry-ui-strip-prefix.stripprefix.prefixes: /ui # hier ist die Middleware definiert + traefik.http.routers.registry-ui.rule: Host(`rui.mgrote.net`) + traefik.http.routers.registry-ui.middlewares: authelia,registry-ui-ipallowlist # also entferne den Prefix danach wieder traefik.enable: true traefik.http.routers.registry-ui.tls: true traefik.http.routers.registry-ui.tls.certresolver: resolver_letsencrypt diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 95be3603..34b8085a 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -21,7 +21,7 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' - - domain: registry.mgrote.net + - domain: rui.mgrote.net policy: one_factor subject: - 'group:authelia_registry-ui' -- 2.43.0 From b46fd3baf652e53812842bfb5c6f4f4cd46c618c Mon Sep 17 00:00:00 2001 From: Michael Grote Date: Sun, 10 Nov 2024 17:25:11 +0100 Subject: [PATCH 6/6] ff --- group_vars/blocky.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml index 585779dc..7eefd60a 100644 --- a/group_vars/blocky.yml +++ b/group_vars/blocky.yml @@ -90,6 +90,8 @@ blocky_custom_lookups: # optional ip: 192.168.2.40 - name: s3.mgrote.net ip: 192.168.2.43 + - name: rui.mgrote.net + ip: 192.168.2.43 ### mgrote_munin_node # kann git.mgrote.net nicht auflösen, deshalb hiermit IP -- 2.43.0
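Review bot: The trailing comment on the new `middlewares` line in the `registry-ui` hunk of patch 5/6 still reads `# also entferne den Prefix danach wieder` ("so strip the prefix again afterwards"), although this commit removes `registry-ui-strip-prefix` from the chain and deletes its definition. A stale comment on an access-control chain misleads the next reader about what actually protects the route. Replace it with one that names the middlewares still in use, e.g. `# Authelia forwardAuth, then IP allowlist`, or drop it.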