diff --git a/docker-compose/traefik/configuration.yml.j2 b/docker-compose/traefik/configuration.yml.j2 index 34b8085a..a418729b 100644 --- a/docker-compose/traefik/configuration.yml.j2 +++ b/docker-compose/traefik/configuration.yml.j2 @@ -21,6 +21,10 @@ access_control: policy: one_factor subject: - 'group:authelia_wiki' + - domain: munin.mgrote.net + policy: one_factor + subject: + - 'group:authelia_munin' - domain: rui.mgrote.net policy: one_factor subject: diff --git a/docker-compose/traefik/file-provider.yml b/docker-compose/traefik/file-provider.yml index 07e207f0..6b8f6b19 100644 --- a/docker-compose/traefik/file-provider.yml +++ b/docker-compose/traefik/file-provider.yml @@ -2,6 +2,16 @@ http: ###### router ##### routers: + router_munin: + rule: "Host(`munin.mgrote.net`)" + service: "service_munin" + middlewares: + - "ratelimit40@file" + - "authelia@docker" + entrypoints: + - entry_https + tls: + certresolver: resolver_letsencrypt router_forgejo: rule: "Host(`git.mgrote.net`)" service: "service_forgejo" @@ -13,6 +23,10 @@ http: certresolver: resolver_letsencrypt ###### services ##### services: + service_munin: + loadBalancer: + servers: + - url: "http://munin.mgrote.net/" service_forgejo: loadBalancer: servers: diff --git a/group_vars/blocky.yml b/group_vars/blocky.yml index 7eefd60a..5abc653b 100644 --- a/group_vars/blocky.yml +++ b/group_vars/blocky.yml @@ -87,7 +87,7 @@ blocky_custom_lookups: # optional - name: ldap.mgrote.net ip: 192.168.2.47 - name: munin.mgrote.net - ip: 192.168.2.40 + ip: 192.168.2.43 - name: s3.mgrote.net ip: 192.168.2.43 - name: rui.mgrote.net diff --git a/group_vars/munin.yml b/group_vars/munin.yml index 5ee059ff..ce1bcb09 100644 --- a/group_vars/munin.yml +++ b/group_vars/munin.yml @@ -10,6 +10,7 @@ ufw_rules: to_port: 80 protocol: tcp comment: 'munin' + from_ip: 192.168.2.43 # nur von docker10 aus, wird in blocky dort auf traefik umgeleitet ### mgrote_restic restic_folders_to_backup: "/usr/local /etc /root /home /var/lib/munin" @@ -104,7 +105,7 @@ munin_node_plugins: src: https://git.mgrote.net/mirrors/munin-contrib/raw/branch/master/plugins/http/http_response config: | [http_response] - env.sites https://git.mgrote.net http://ldap.mgrote.net:17170 https://docker10.mgrote.net:8443 https://registry.mgrote.net/ui/ http://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net https://auth.mgrote.net + env.sites https://git.mgrote.net http://ldap.mgrote.net:17170 https://docker10.mgrote.net:8443 https://rui.mgrote.net/ https://munin.mgrote.net http://192.168.5.1 http://192.168.3.1 http://192.168.3.108:8080 http://192.168.3.204 http://docker10.mgrote.net:6483 https://miniflux.mgrote.net/ https://nextcloud.mgrote.net https://audio.mgrote.net/mg http://wiki.mgrote.net https://s3.mgrote.net https://auth.mgrote.net env.max_time 20 env.short_label true env.follow_redirect true