WIP: authelia: add traefik dashboard #247

Draft
mg wants to merge 1 commit from traefik_ldap_dashboard into master
4 changed files with 19 additions and 4 deletions

View file

@ -21,6 +21,10 @@ access_control:
policy: one_factor policy: one_factor
subject: subject:
- 'group:authelia_wiki' - 'group:authelia_wiki'
- domain: traefik.mgrote.net
policy: one_factor
subject:
- 'group:authelia_traefik'
- domain: rui.mgrote.net - domain: rui.mgrote.net
policy: one_factor policy: one_factor
subject: subject:

View file

@ -1,4 +1,4 @@
# Details/Doku: https://wiki.mgrote.net/pages/_Technik/software/rest/ldap/?h=ldap # Details/Doku: https:/wiki.mgrote.net/pages/_Technik/software/rest/ldap
services: services:
######## traefik ######## ######## traefik ########
@ -16,16 +16,23 @@ services:
- traefik - traefik
ports: ports:
- "80:80" # HTTP - "80:80" # HTTP
- "8081:8080" # Web-GUI - "8081:8080" # Web-GUI # deaktiveiren, einkomentioeren wenn ldap oder middleware kapuutt !!!
- "443:443" # HTTPS - "443:443" # HTTPS
- "2222:2222" # SSH - "2222:2222" # SSH
environment: environment:
TZ: Europe/Berlin TZ: Europe/Berlin
healthcheck: healthcheck:
test: ["CMD", "traefik", "healthcheck", "--ping"] test: ["CMD", "traefik", "healthcheck", "--ping"]
interval: 30s interval: 10s
timeout: 10s timeout: 10s
retries: 3 retries: 3
labels:
traefik.http.routers.traefik-dashboard.rule: Host(`traefik.mgrote.net`)
traefik.enable: true
traefik.http.routers.traefik-dashboard.entrypoints: entry_https
traefik.http.services.traefik-dashboard.loadbalancer.server.port: 8080
traefik.http.routers.traefik-dashboard.middlewares: authelia@docker
######## Networks ######## ######## Networks ########
networks: networks:
@ -37,3 +44,5 @@ networks:
######## Volumes ######## ######## Volumes ########
volumes: volumes:
acme_data: acme_data:
# inscure mode aus

View file

@ -36,7 +36,7 @@ log:
accessLog: {} accessLog: {}
api: api:
insecure: true insecure: false
dashboard: true # unter Port 8081 erreichbar dashboard: true # unter Port 8081 erreichbar
ping: {} # für healthcheck ping: {} # für healthcheck

View file

@ -92,6 +92,8 @@ blocky_custom_lookups: # optional
ip: 192.168.2.43 ip: 192.168.2.43
- name: rui.mgrote.net - name: rui.mgrote.net
ip: 192.168.2.43 ip: 192.168.2.43
- name: traefik.mgrote.net # kein oeffentlicher DNS-Record
ip: 192.168.2.43
### mgrote_munin_node ### mgrote_munin_node
# kann git.mgrote.net nicht auflösen, deshalb hiermit IP # kann git.mgrote.net nicht auflösen, deshalb hiermit IP