mg/homeserver
1
0
Fork 0
Code Issues 1 Pull requests 3 Activity Actions

WIP: authelia: add traefik dashboard #247

Draft
mg wants to merge 1 commit from traefik_ldap_dashboard into master
pull from: traefik_ldap_dashboard
merge into: mg:master
Conversation 0 Commits 1 Files changed 4 +19 -4
4 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit c6281461f0 - Show all commits

4
docker-compose/authelia/configuration.yml.j2
View file

@ -21,6 +21,10 @@ access_control:
policy: one_factor
subject:
- 'group:authelia_wiki'
- domain: traefik.mgrote.net
policy: one_factor
subject:
- 'group:authelia_traefik'
- domain: rui.mgrote.net
policy: one_factor
subject:

15
docker-compose/traefik/docker-compose.yml.j2
View file

@ -1,4 +1,4 @@
# Details/Doku: https://wiki.mgrote.net/pages/_Technik/software/rest/ldap/?h=ldap
# Details/Doku: https:/wiki.mgrote.net/pages/_Technik/software/rest/ldap
services:
######## traefik ########
@ -16,16 +16,23 @@ services:
- traefik
ports:
- "80:80" # HTTP
- "8081:8080" # Web-GUI
- "8081:8080" # Web-GUI # deaktiveiren, einkomentioeren wenn ldap oder middleware kapuutt !!!
- "443:443" # HTTPS
- "2222:2222" # SSH
environment:
TZ: Europe/Berlin
healthcheck:
test: ["CMD", "traefik", "healthcheck", "--ping"]
interval: 30s
interval: 10s
timeout: 10s
retries: 3
labels:
traefik.http.routers.traefik-dashboard.rule: Host(`traefik.mgrote.net`)
traefik.enable: true
traefik.http.routers.traefik-dashboard.entrypoints: entry_https
traefik.http.services.traefik-dashboard.loadbalancer.server.port: 8080
traefik.http.routers.traefik-dashboard.middlewares: authelia@docker
######## Networks ########
networks:
@ -37,3 +44,5 @@ networks:
######## Volumes ########
volumes:
acme_data:
# inscure mode aus

2
docker-compose/traefik/traefik.yml
View file

@ -36,7 +36,7 @@ log:
accessLog: {}
api:
insecure: true
insecure: false
dashboard: true # unter Port 8081 erreichbar
ping: {} # für healthcheck

2
group_vars/blocky.yml
View file

@ -92,6 +92,8 @@ blocky_custom_lookups: # optional
ip: 192.168.2.43
- name: rui.mgrote.net
ip: 192.168.2.43
- name: traefik.mgrote.net # kein oeffentlicher DNS-Record
ip: 192.168.2.43
### mgrote_munin_node
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP