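---
# Details/docs: https://wiki.mgrote.net/pages/_Technik/hardware/rest/fpv/software/rest/ldap/
#
# Compose stack: Traefik publishes the HTTP/HTTPS/SSH entry ports and Authelia
# is exposed through it as the forward-auth provider, with its own Redis.

services:
  ######## traefik ########
  traefik:
    container_name: traefik
    image: "traefik:v3.2.0"
    restart: unless-stopped
    pull_policy: missing
    volumes:
      # NOTE(security): ":ro" only protects the socket file itself. The Docker
      # API behind it is not read-only, so anything that can talk to this
      # socket can control the Docker daemon. A filtering socket proxy that
      # exposes only the read endpoints Traefik needs narrows this.
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # Traefik only reads its static and file-provider configuration, so both
      # are mounted read-only.
      - ./traefik.yml:/etc/traefik/traefik.yml:ro
      - ./file-provider.yml:/etc/traefik/file-provider.yml:ro
      # Presumably holds the ACME account and certificate private keys (storage
      # path is set in traefik.yml, not shown); treat backups accordingly.
      - acme_data:/etc/traefik/acme
    networks:
      - traefik
    ports:
      - "80:80"  # HTTP
      # NOTE(security): published on every host interface. Whether the
      # dashboard/API answers without authentication depends on traefik.yml
      # (not shown); confirm it is not in insecure mode, or bind this port to
      # a management address only.
      - "8081:8080"  # Web GUI
      - "443:443"  # HTTPS
      - "2222:2222"  # SSH
    environment:
      TZ: Europe/Berlin
    healthcheck:
      # Needs the ping endpoint enabled in traefik.yml.
      test: ["CMD", "traefik", "healthcheck", "--ping"]
      interval: 30s
      timeout: 10s
      retries: 3

  ######## authelia ########
  authelia:
    image: authelia/authelia:4.38.17
    container_name: authelia
    restart: unless-stopped
    pull_policy: missing
    environment:
      TZ: Europe/Berlin
    volumes:
      # NOTE(review): configuration.yml may carry secrets (session/JWT/storage
      # keys) and users_database.yml carries password hashes; keep host file
      # permissions tight. Both are left writable here because it is not
      # visible from this file whether Authelia needs to write to them.
      - ./configuration.yml:/config/configuration.yml
      - ./users_database.yml:/config/users_database.yml
      - authelia_data:/data
    labels:
      # Label values are strings; quoting avoids YAML turning them into
      # booleans or numbers before Compose sees them.
      traefik.enable: "true"
      traefik.http.routers.authelia.rule: 'Host(`auth.mgrote.net`)'
      traefik.http.services.authelia.loadbalancer.server.port: "9091"
      traefik.http.routers.authelia.tls: "true"
      traefik.http.routers.authelia.tls.certresolver: resolver_letsencrypt
      traefik.http.routers.authelia.entrypoints: entry_https
      # Forward-auth middleware "authelia"; other routers opt in by
      # referencing it.
      traefik.http.middlewares.authelia.forwardauth.address: "http://authelia:9091/api/verify?rd=https://auth.mgrote.net"
      # NOTE(security): passes the request's X-Forwarded-* headers on to
      # Authelia unchanged. That is only sound while the entrypoints do not
      # accept those headers from arbitrary clients (forwardedHeaders settings
      # in traefik.yml, not shown).
      traefik.http.middlewares.authelia.forwardauth.trustForwardHeader: "true"
      # NOTE(security): backends that trust these identity headers must be
      # reachable only through routers that apply this middleware; on any
      # other path a client could set the headers itself.
      traefik.http.middlewares.authelia.forwardauth.authResponseHeaders: "Remote-User,Remote-Groups,Remote-Name,Remote-Email"
    depends_on:
      - authelia-redis
    networks:
      - traefik
      - postfix
      - authelia
    healthcheck:
      test: ["CMD", "wget", "--quiet", "--tries=1", "--spider", "http://authelia:9091"]
      interval: 30s
      timeout: 10s
      retries: 3

  authelia-redis:
    # TODO: pin an exact Redis version; the tag "7" floats across minor and
    # patch releases, so "pull_policy: missing" gives a different image on
    # every fresh host.
    image: redis:7
    container_name: authelia-redis
    restart: unless-stopped
    pull_policy: missing
    environment:
      TZ: Europe/Berlin
    # No ports are published and no password is configured here, so access
    # control rests entirely on membership of the "authelia" network.
    networks:
      - authelia
    healthcheck:
      test: ["CMD", "redis-cli", "--no-auth-warning", "ping"]
      interval: 5s
      timeout: 2s
      retries: 3

######## Networks ########
networks:
  # Stack-private network shared by authelia and authelia-redis only.
  authelia: {}
  traefik:
    external: true
  postfix:
    external: true

######## Volumes ########
volumes:
  acme_data: {}
  authelia_data: {}

# TODO
# clean up KeePass
# read the docs
# LDAP group per app
# more sites?
#   registry-ui
#   munin
#   traefik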